git.stella-ops.org/etc/signals.yaml.sample

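# Signals service configuration template.
# Copy to ../etc/signals.yaml (relative to the Signals content root)
# and adjust values to fit your environment.
#
# NOTE(review): the nesting below is reconstructed from the key names and the
# inline comments. Repeated keys (Enabled, Driver, ConnectionString, BaseUrl,
# ApiKey, ApiKeyHeader, AllowInsecureTls) must live in separate mappings; in a
# single flat mapping most parsers silently keep only the last one. Confirm
# the structure against the repository copy before relying on it.
# ApiKey values are empty in this template and the connection strings carry
# no credentials; supply secrets at deploy time instead of committing them.
schemaVersion: 1

Signals:
  Authority:
    Enabled: true
    Issuer: "https://authority.stella-ops.local"
    # Keep false outside local development. Presumably true admits callers
    # without a validated token -- confirm against the service docs.
    AllowAnonymousFallback: false
    Audiences:
      - "api://signals"
    RequiredTenants:
      - "tenant-default"
    # NOTE(review): read, write and admin are listed together. Confirm whether
    # every token must carry all three or whether they are checked per
    # endpoint.
    RequiredScopes:
      - "signals:read"
      - "signals:write"
      - "signals:admin"
    # Loopback ranges only. Presumably callers from these networks skip the
    # Authority checks -- confirm. Behind a same-host reverse proxy or
    # sidecar, proxied requests can also arrive from loopback, so review this
    # list per deployment.
    BypassNetworks:
      - "127.0.0.1/32"
      - "::1/128"
  Mongo:
    # The sample URI has no credentials and no TLS option, which fits a local
    # instance only. For a shared MongoDB add authentication and TLS, with the
    # secret injected from outside this file.
    ConnectionString: "mongodb://localhost:27017/signals"
    Database: "signals"
    CallgraphsCollection: "callgraphs"
    ReachabilityFactsCollection: "reachability_facts"
  Storage:
    # Storage driver: "filesystem" (default) or "rustfs" (CAS-backed)
    Driver: "filesystem"
    # Filesystem driver options (used when Driver=filesystem)
    # Relative path; the directory it resolves against is not stated here.
    # Make sure it lands somewhere writable only by the service account.
    RootPath: "../data/signals-artifacts"
    # RustFS driver options (used when Driver=rustfs)
    # Per CAS contract, signals uses "signals-data" bucket
    BucketName: "signals-data"
    RootPrefix: "callgraphs"
    RustFs:
      # Plain http:// is only appropriate for loopback. With a remote RustFS
      # endpoint use https://, otherwise the ApiKeyHeader value would travel
      # in clear text.
      BaseUrl: "http://localhost:8180/api/v1"
      # Keep false. Presumably true disables TLS certificate validation --
      # confirm.
      AllowInsecureTls: false
      # Left empty on purpose; inject the real key at deploy time.
      ApiKey: ""
      ApiKeyHeader: "X-API-Key"
      Timeout: "00:01:00"
  Scoring:
    ReachableConfidence: 0.75
    UnreachableConfidence: 0.25
    RuntimeBonus: 0.15
    MaxConfidence: 0.99
    MinConfidence: 0.05
  Cache:
    # Cache is always Redis-backed for reachability fact reuse.
    # The sample value carries no password or TLS setting; local Redis only.
    ConnectionString: "localhost:6379"
    DefaultTtlSeconds: 600
  Events:
    Enabled: true
    # Transport driver: "redis" (default), "router" (HTTP gateway), or "inmemory" for local smoke.
    Driver: "router"
    ConnectionString: "localhost:6379"  # still required for cache + redis driver
    Stream: "signals.fact.updated.v1"
    DeadLetterStream: "signals.fact.updated.dlq"
    PublishTimeoutSeconds: 5
    MaxStreamLength: 10000
    DefaultTenant: "tenant-default"
    Producer: "StellaOps.Signals"
    Pipeline: "signals"
    Release: ""
    Router:
      BaseUrl: "https://gateway.stella-ops.local"
      Path: "/router/events/signals.fact.updated"
      ApiKeyHeader: "X-API-Key"
      # Left empty on purpose; inject the real key at deploy time.
      ApiKey: ""
      TimeoutSeconds: 5
      # Keep false. Presumably true disables TLS certificate validation for
      # the gateway -- confirm.
      AllowInsecureTls: false
      Headers:
        X-Router-Service: "signals"
  AirGap:
    # Optional override for fact-update event topic when signaling across air-gap boundaries.
    # Defaults to "signals.fact.updated.v1" when omitted.
    EventTopic: "signals.fact.updated.v1"
    SealedMode:
      # Enforcement is off in this template. Presumably, when true, the
      # service requires evidence at EvidencePath no older than
      # MaxEvidenceAge -- confirm against the service docs.
      EnforcementEnabled: false
      EvidencePath: "../ops/devops/sealed-mode-ci/artifacts/sealed-mode-ci/latest/signals-sealed-ci.json"
      MaxEvidenceAge: "06:00:00"
      CacheLifetime: "00:01:00"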