git.stella-ops.org/etc/signals.yaml.sample

# Signals service configuration template.
# Copy to ../etc/signals.yaml (relative to the Signals content root)
# and adjust values to fit your environment.

schemaVersion: 1

Signals:
  Authority:
    Enabled: true
    Issuer: "https://authority.stella-ops.local"
    AllowAnonymousFallback: false
    Audiences:
      - "api://signals"
    RequiredTenants:
      - "tenant-default"
    RequiredScopes:
      - "signals:read"
      - "signals:write"
      - "signals:admin"
    BypassNetworks:
      - "127.0.0.1/32"
      - "::1/128"
  Mongo:
    ConnectionString: "mongodb://localhost:27017/signals"
    Database: "signals"
    CallgraphsCollection: "callgraphs"
    ReachabilityFactsCollection: "reachability_facts"
  Storage:
    RootPath: "../data/signals-artifacts"
  Scoring:
    ReachableConfidence: 0.75
    UnreachableConfidence: 0.25
    RuntimeBonus: 0.15
    MaxConfidence: 0.99
    MinConfidence: 0.05
  AirGap:
    SealedMode:
      EnforcementEnabled: false
      EvidencePath: "../ops/devops/sealed-mode-ci/artifacts/sealed-mode-ci/latest/signals-sealed-ci.json"
      MaxEvidenceAge: "06:00:00"
      CacheLifetime: "00:01:00"