- Created CycloneDX and SPDX SBOM files for both reachable and unreachable images. - Added symbols.json detailing function entry and sink points in the WordPress code. - Included runtime traces for function calls in both reachable and unreachable scenarios. - Developed OpenVEX files indicating vulnerability status and justification for both cases. - Updated README for evaluator harness to guide integration with scanner output.
# StellaOps Policy Engine configuration template.
#
# Copy to ../etc/policy-engine.yaml (relative to the Policy Engine content root)
# and adjust values to fit your environment. Environment variables prefixed with
# STELLAOPS_POLICY_ENGINE_ override these values at runtime.
#
# NOTE(review): key nesting is reconstructed from section order; confirm it
# against the engine's options schema before use.

schemaVersion: 1

# Client settings the engine presents to the token issuer (inferred from the
# key names; confirm against the engine documentation).
authority:
  enabled: true
  issuer: "https://authority.stella-ops.local"
  clientId: "policy-engine"
  # Placeholder only. Replace it before deployment and keep the real secret out
  # of version control, for example by supplying it through the
  # STELLAOPS_POLICY_ENGINE_ environment override described above.
  clientSecret: "change-me"
  # Request only the scopes the engine needs.
  scopes:
    - "policy:run"
    - "findings:read"
    - "effective:write"
  backchannelTimeoutSeconds: 30

storage:
  # The template URI targets a local MongoDB and carries no credentials or TLS
  # options. NOTE(review): a non-local deployment would normally need both;
  # once credentials are embedded, treat this value as a secret.
  connectionString: "mongodb://localhost:27017/policy-engine"
  databaseName: "policy_engine"
  commandTimeoutSeconds: 30

workers:
  schedulerIntervalSeconds: 15
  maxConcurrentEvaluations: 4

# Both two-person approval switches are off in this template and audit logging
# is on. NOTE(review): presumably these gate policy activation; confirm, and
# consider requiring two-person approval outside development.
activation:
  forceTwoPersonApproval: false
  defaultRequiresTwoPersonApproval: false
  emitAuditLogs: true

# Validation settings for inbound tokens (inferred from the key names; confirm).
resourceServer:
  authority: "https://authority.stella-ops.local"
  # NOTE(review): presumably requires authority metadata to be fetched over
  # HTTPS; keep true outside local development.
  requireHttpsMetadata: true
  audiences:
    - "api://policy-engine"
  requiredScopes:
    - "policy:run"
  # Empty list. NOTE(review): presumably this means no tenant restriction is
  # enforced; confirm whether multi-tenant deployments must populate it.
  requiredTenants: []
  # NOTE(review): presumably callers from these CIDRs skip the token checks
  # above; confirm. Only loopback is listed. If the engine sits behind a local
  # reverse proxy, proxied requests may appear to originate from loopback, so
  # verify how the client address is derived before relying on this list.
  bypassNetworks:
    - "127.0.0.1/32"
    - "::1/128"