stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity
Files
b1e78fe41273a80c09ca56e37f273fc64d2a0a32
git.stella-ops.org/etc/task-runner.yaml.sample
master f98cea3bcf Add Authority Advisory AI and API Lifecycle Configuration 
- Introduced AuthorityAdvisoryAiOptions and related classes for managing advisory AI configurations, including remote inference options and tenant-specific settings.
- Added AuthorityApiLifecycleOptions to control API lifecycle settings, including legacy OAuth endpoint configurations.
- Implemented validation and normalization methods for both advisory AI and API lifecycle options to ensure proper configuration.
- Created AuthorityNotificationsOptions and its related classes for managing notification settings, including ack tokens, webhooks, and escalation options.
- Developed IssuerDirectoryClient and related models for interacting with the issuer directory service, including caching mechanisms and HTTP client configurations.
- Added support for dependency injection through ServiceCollectionExtensions for the Issuer Directory Client.
- Updated project file to include necessary package references for the new Issuer Directory Client library.
2025-11-02 13:50:25 +02:00

70 lines
2.3 KiB
Plaintext
Raw Blame History

# StellaOps Task Runner configuration template.
# Copy to ../etc/task-runner.yaml (relative to the Task Runner content root)
# and adjust values for your environment. Environment variables prefixed with
# STELLAOPS_TASKRUNNER_ override these values at runtime.
schemaVersion: 1
telemetry:
enabled: true
serviceName: "stellaops-taskrunner"
exportConsole: true
minimumLogLevel: "Information"
otlpEndpoint: ""
resourceAttributes:
deployment.environment: "local"
authority:
issuer: "https://authority.stella-ops.local"
metadataAddress: ""
requireHttpsMetadata: true
audiences:
- "api://task-runner"
# Client credentials used for executing packs. Provide either clientSecret or
# clientSecretFile (preferred for production).
runnerClient:
clientId: "task-runner"
clientSecret: ""
clientSecretFile: "../secrets/task-runner.secret"
scopes:
- "packs.run"
- "packs.read"
# Client used to approve gates when automation workflows sign off on runs.
approvalsClient:
clientId: "pack-approver"
clientSecret: ""
clientSecretFile: "../secrets/pack-approver.secret"
scopes:
- "packs.approve"
- "packs.read"
# Optional secondary client used for registry interactions (promote/deprecate).
registryClient:
clientId: "packs-registry"
clientSecret: ""
clientSecretFile: "../secrets/packs-registry.secret"
scopes:
- "packs.write"
- "packs.read"
# Tenant context required for all Task Runner operations.
tenant: "tenant-default"
storage:
# Object storage bucket where run artifacts and evidence bundles are kept.
artifactsBucket: "s3://stellaops-taskrunner-artifacts"
# MongoDB stores run metadata and approval state; update connection string
# before deploying.
mongoConnectionString: "mongodb://taskrunner:taskrunner@mongo:27017/taskrunner?authSource=admin"
approvals:
# Default timeout before pending approvals auto-expire.
defaultExpiresAfter: "04:00:00"
# Notifications topic emitted when approvals are requested/resolved.
notifyTopic: "pack.run.approvals"
runner:
# Maximum concurrent steps Task Runner executes per worker.
maxParallelSteps: 8
# Allowlist of modules that can initiate network calls when sealed=false.
networkAllowlist:
- "*.internal.stella-ops.local"
Reference in New Issue View Git Blame Copy Permalink