# Configuring your Self Service Agent
## Overview
The Rely.io Self-Service Agent is a **critical component required to enable self-service action features** within Rely.io. Without it, you won't be able to trigger self-service actions. The Agent is [fully open-source](https://gitlab.com/relyio/backend/self-service-agent).
This agent runs on the customer's side, ensuring that Rely.io does not need write access to the customer's platforms. Once deployed, it will periodically check for pending actions triggered via Rely.io's UI or API and execute them.
## Obtaining Your Self-Service Agent API Token
You need to generate an API token to ensure the Rely.io Self-Service Agent can properly interact with Rely.io and listen for events. We have several options for getting the token.
### Get Token from Plugins Page
1. Open the Rely.io platform.
2. Navigate to the **Plugins** page.
3. Open the details of the **Self-Service Agent** plugin.
4. Click **View details** and then **Generate Self Service Token**.
### Get Token from the Self-Service Onboarding Page
1. Open the Rely.io platform.
2. Navigate to the **Self-Service** **Actions** page.
3. Click the **Setup Self-Service Agent** button.
4. On the tab **Generate Rely API token,** click on the **Generate Token**.
5. On the modal dialog, click **Generate token**.
6. Finally, the generated token can be copied from the token input textbox to the clipboard
{% hint style="danger" %}
Generating a new token will invalidate all previously generated tokens.
{% endhint %}
## Installation Method 1: Kubernetes cluster using **Helm (Recommended)**
#### Prerequisites
* A Kubernetes cluster
* [Helm](https://helm.sh/docs/intro/install/) installed on your local machine
* Rely.io Self-Service Agent API Token
* [kubectl](https://kubernetes.io/docs/tasks/tools/) command line app
* [jq](https://jqlang.github.io/jq/download/) command line
#### Step 1: Crete a Kubernetes Namespace
First, create a Kubernetes namespace
```
kubectl create namespace rely-ssa
```
#### **Step 2: Create a Kubernetes Secret with Your API Token**
Create a Kubernetes secret to store your Rely.io API token securely.
kubectl create secret generic relyio-api-token-ssa \
--namespace rely-ssa \
--from-literal=API_TOKEN="YOUR-API-TOKEN"
Replace `YOUR-API-TOKEN` with your actual API token.
**Step 3: Install the Rely.io Self-Service Agent Chart**
Install the Rely.io Self-Service Agent using the Helm chart.
```bash
helm upgrade --install my-self-service-agent \
oci://registry-1.docker.io/devrelyio/relyio-self-service-agent-helm \
--namespace rely-ssa
```
The previous command will install or upgrade the Self Service Agent install to latest version.
## **Installation Method 2: Docker**
#### Prerequisites
* [Docker](https://docs.docker.com/engine/install/) installed
* Rely.io Self-Service Agent API Token
**Step 1: Run the Docker Container**
Run the Rely.io Self-Service Agent Docker container with your API token.
```bash
docker run -e API_TOKEN="YOUR-API-TOKEN" devrelyio/self-service-agent:latest
```
Replace `YOUR-API-TOKEN` with your actual API token.
## Managing Secrets and Environment Variables
The Rely.io Self-Service Agent requires tokens to interact with various data sources. The specific tokens to provide will depend on the integrations you want to use in self-service actions. Examples include:
* `GITHUB_TOKEN`: For GitHub integration
* `GITLAB_TOKEN`: For GitLab integration
* `SONARQUBE_TOKEN`: For SonarQube integration
* `PAGERDUTY_TOKEN`: For PagerDuty integration
* `GCP_SERVICE_ACCOUNT`: Google Cloud Service Account credentials
### **Kubernetes (Helm Installation)**
To update the Kubernetes secret with additional environment variables, use the following command:
```bash
kubectl patch secret relyio-api-token-ssa --namespace rely-ssa --patch '{
"data": {
"EXAMPLE_ENV_VAR": "'"$(echo -n 'ENV_VAR_VALUE_GOES_HERE' | base64)"'"
}}'
```
Replace `EXAMPLE_ENV_VAR` and `ENV_VAR_VALUE_GOES_HERE` with your specific variable name and value.
For setting up all our previous environment variables at once, we could do it like this:
```bash
kubectl patch secret relyio-api-token-ssa --namespace rely-ssa --patch '{
"data": {
"GITHUB_TOKEN": "'"$(echo -n 'YOUR_TOKEN_HERE' | base64)"'",
"GITLAB_TOKEN": "'"$(echo -n 'YOUR_TOKEN_HERE' | base64)"'",
"SONARQUBE_TOKEN": "'"$(echo -n 'YOUR_TOKEN_HERE' | base64)"'",
"PAGERDUTY_TOKEN": "'"$(echo -n 'YOUR_TOKEN_HERE' | base64)"'",
"GCP_SERVICE_ACCOUNT": "'"$(printf '%s' "$(cat service-account.json | jq -c)" | base64)"'"
}}'
```
Than re-deploy your agent:
```bash
kubectl rollout restart deployment my-self-service-agent-relyio-self-service-agent-helm \
--namespace rely-ssa
```
### **Docker**
For the Docker installation, you can pass additional environment variables directly into the `docker run` command. Example:
```bash
docker run -e API_TOKEN="YOUR-API-TOKEN" \
-e GITHUB_TOKEN="YOUR_TOKEN_HERE" \
-e GITLAB_TOKEN="YOUR_TOKEN_HERE" \
-e SONARQUBE_TOKEN="YOUR_TOKEN_HERE" \
-e PAGERDUTY_TOKEN="YOUR_TOKEN_HERE" \
-e GCP_SERVICE_ACCOUNT="$(printf '%s' "$(cat service-account.json | jq -c)" \
devrelyio/self-service-agent:latest
```
## Upgrading the Self-Service Agent
Upgrade to the latest version of the Self-Service Agent; available versions can be checked [here](https://hub.docker.com/r/devrelyio/relyio-self-service-agent-helm/tags)
**Helm**
helm upgrade my-self-service-agent \
oci://registry-1.docker.io/devrelyio/relyio-self-service-agent-helm \
--namespace rely-ssa
If a specific version is required, a parameter needs to be added to the previous command just like this:
```bash
helm upgrade relyio-self-service-agent \
oci://registry-1.docker.io/devrelyio/relyio-self-service-agent-helm \
--version 0.2.4 \
--namespace rely-ssa
```
**Docker**
Pull the latest Docker image and run it. Feel free to check and specify for specific versions [here](https://hub.docker.com/r/devrelyio/self-service-agent/tags).
```bash
docker pull devrelyio/self-service-agent:latest
docker run -e API_TOKEN="YOUR-API-TOKEN" devrelyio/self-service-agent:latest
```