stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
de6f3f0c33c5a9c5ca060681b4a6500c57fce896
git.stella-ops.org/etc/policy-gateway.yaml.sample
master c1ecc75ace refactor(policy): merge policy gateway into policy-engine 
- Move 24 gateway source files (endpoints, services, contracts) into engine
  under Endpoints/Gateway/, Services/Gateway/, Contracts/Gateway/ namespaces
- Add gateway DI registrations and endpoint mappings to engine Program.cs
- Add missing project references (StellaOps.Policy.Scoring, DeltaVerdict, Localization)
- Remove HTTP proxy layer (PolicyEngineClient, DPoP, forwarding context not copied)
- Update gateway routes in router appsettings to point to policy-engine
- Comment out policy service in docker-compose, add backwards-compat network alias
- Update services-matrix (gateway build line commented out)
- Update all codebase references: AdvisoryAI, JobEngine, CLI, router tests, helm
- Update docs: OFFLINE_KIT, configuration-migration, gateway guide, port-registry
- Deprecate etc/policy-gateway.yaml.sample with notice
- Eliminates 1 container, 9 HTTP round-trips, DPoP token flow

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-08 13:19:09 +03:00

45 lines
1.7 KiB
Plaintext
Raw Blame History

# DEPRECATED: The Policy Gateway has been merged into Policy Engine.
# This file is kept for reference only. Use policy-engine.yaml instead.
# See docs/modules/policy/guides/gateway.md for migration guidance.
#
# Original description:
# StellaOps Policy Gateway configuration template.
# Copy to ../etc/policy-gateway.yaml (relative to the gateway content root)
# and adjust values to fit your environment. Environment variables prefixed with
# STELLAOPS_POLICY_GATEWAY_ override these values at runtime.
schemaVersion: 1
telemetry:
minimumLogLevel: Information
resourceServer:
authority: "https://authority.stella-ops.local"
metadataAddress: "https://authority.stella-ops.local/.well-known/openid-configuration"
audiences: [ "api://policy-gateway" ]
requiredScopes: [ "policy:read", "policy:author", "policy:review", "policy:approve", "policy:operate", "policy:simulate", "policy:run", "policy:activate" ]
requiredTenants: [ ]
bypassNetworks:
- "127.0.0.1/32"
- "::1/128"
requireHttpsMetadata: true
backchannelTimeoutSeconds: 30
tokenClockSkewSeconds: 60
policyEngine:
baseAddress: "https://policy-engine.stella-ops.local"
audience: "api://policy-engine"
clientCredentials:
enabled: true
clientId: "policy-gateway"
clientSecret: "change-me"
scopes: [ "policy:read", "policy:author", "policy:review", "policy:approve", "policy:operate", "policy:simulate", "policy:run", "policy:activate" ]
backchannelTimeoutSeconds: 30
dpop:
enabled: false
keyPath: "../etc/policy-gateway-dpop.pem"
keyPassphrase: ""
algorithm: "ES256"
proofLifetime: "00:02:00"
clockSkew: "00:00:30"
Reference in New Issue View Git Blame Copy Permalink