Mobb Broker
Mobb supports source code repositories (GitLab/GitHub/ADO) that are hosted in an on-premise environment by using the Mobb broker. The Mobb broker provides organizations with the following benefits:
Mobb broker allows you to connect to your hosted/on-premise source code repositories to Mobb to perform the fix analysis.
Mobb broker allows you to easily commit fixes back into your source code repositories by automatically creating a Pull Request for your team to review.
Architecture

Step 1 - Mobb Broker Client initiates a secure HTTPS tunnel connection to the Mobb Broker Server.
Step 2 - The optional HTTPS Proxy completes the tunnel creation. The tunnel is now ready to be used.
Step 3 - During a fix analysis, Mobb requests access to your GitLab/GitHub/ADO Repository to access source code to produce fixes. The bi-directional communication is facilitated by the tunnel created in Step 1 and Step 2.
Step 4 - Fixes are pushed to GitLab/GitHub/ADO as Pull Requests through the HTTPS tunnel.
Additional Notes:
For Steps 3 and 4, Mobb can only connect to designed servers (i.e. GitLab) as specified during the Broker client setup process.
End-users control the initiation of the tunnel creation process.
Mobb Broker Installation Guide
Sample Docker command
Mobb docker can be deployed on any machine with a docker host. Here is a sample docker command:
docker run --rm --pull=always --platform linux/amd64 --network="host" -d \
-e FRP_BROKER_SERVER_HOST='broker-app.mobb.ai' \
-e FRP_BROKER_AUTH_TOKEN='<YOUR_AUTH_TOKEN_HERE>' \
-e FRP_BROKERED_DOMAIN='<YOUR_BROKERED_DOMAIN_UUID_HERE>' \
-e TARGET_SERVER_URL='https://<YOUR_SCM_ADDRESS>' \
-e TARGET_DISABLE_CERT_VALIDATION='true' \
-e HOST_HEADER_OVERWRITE='<YOUR_SCM_ADDRESS>' \
--name frpc_multi-tenant_main mobbai/broker-frpc
Explanation of the Environment Variables
FRP_BROKER_SERVER_HOST
For the production server, set this to
broker-app.mobb.ai
For single tenants, this is usually
https://<SINGLE_TENANT_ID>.mobb.ai
. If you are unclear, please consult your Mobb representative or reach out to us at [email protected].
FRP_BROKER_AUTH_TOKEN
Please consult your Mobb representative on the token value or reach out to us at [email protected]
FRP_BROKERED_DOMAIN
Please consult your Mobb representative for the Brokered Domain UUID or reach out to us at [email protected]i
TARGET_SERVER_URL
Your target server URL, for example:
https://your_internal_scm_server_address
HOST_HEADER_OVERWRITE
The same value as TARGET_SERRVER_URL with the
https://
, for example:your_internal_scm_server_address
(Optional) TARGET_DISABLE_CERT_VALIDATION
If you have a good public SSL certificate on the on-premise SCM server, then you can ignore this. If not, you can set this to "true" to disable certificate validation.
Specific set-up instructions for AWS ECS
Navigate to ECS Task Definitions in the AWS Console.
Create a new task definition and select AWS Fargate as the launch type.
Set the following configurations for the task definition:
Container Name: Choose a suitable name for your container.
Image URI: Use the following Docker image URI: docker.io/mobbai/broker-frpc:latest.
For the ECS task execution IAM role configuration, here is a list of required permissions:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ecr:GetAuthorizationToken",
"ecr:BatchCheckLayerAvailability",
"ecr:GetDownloadUrlForLayer",
"ecr:BatchGetImage",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": "*"
}
]
}
4. Configure the required Environment Variables as described in the section above.
FRP_BROKER_SERVER_HOST
FRP_BROKER_AUTH_TOKEN
FRP_BROKERED_DOMAIN
TARGET_SERVER_URL=https://YOUR_SCM_SERVER_ADDRESS
HOST_HEADER_OVERWRITE=YOUR_SCM_SERVER_ADDRESS
Optional settings:
You can also define the following proxy settings (
FRP_PROXY_URL
,TARGET_PROXY_URL
) depending on your specific requirementsYou can also set the environment variable
TARGET_DISABLE_CERT_VALIDATION
totrue
- if the SCM server doesn’t provide a trusted certificate
After completing the task definition setup, go to ECS Clusters.
Create a new cluster and select the task definition you just created.
Last updated
Was this helpful?