stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity
Files
ff0eca3a51f9612335c51d0653397060f79e0f53
git.stella-ops.org/etc/packs-registry.yaml.sample
master f98cea3bcf Add Authority Advisory AI and API Lifecycle Configuration 
- Introduced AuthorityAdvisoryAiOptions and related classes for managing advisory AI configurations, including remote inference options and tenant-specific settings.
- Added AuthorityApiLifecycleOptions to control API lifecycle settings, including legacy OAuth endpoint configurations.
- Implemented validation and normalization methods for both advisory AI and API lifecycle options to ensure proper configuration.
- Created AuthorityNotificationsOptions and its related classes for managing notification settings, including ack tokens, webhooks, and escalation options.
- Developed IssuerDirectoryClient and related models for interacting with the issuer directory service, including caching mechanisms and HTTP client configurations.
- Added support for dependency injection through ServiceCollectionExtensions for the Issuer Directory Client.
- Updated project file to include necessary package references for the new Issuer Directory Client library.
2025-11-02 13:50:25 +02:00

63 lines
1.8 KiB
Plaintext
Raw Blame History

# StellaOps Packs Registry configuration template.
# Copy to ../etc/packs-registry.yaml (relative to the Packs Registry content root)
# and adjust values as needed. Environment variables prefixed with
# STELLAOPS_PACKSREGISTRY_ override these settings at runtime.
schemaVersion: 1
telemetry:
enabled: true
serviceName: "stellaops-packs-registry"
exportConsole: true
minimumLogLevel: "Information"
otlpEndpoint: ""
resourceAttributes:
deployment.environment: "local"
authority:
issuer: "https://authority.stella-ops.local"
metadataAddress: ""
requireHttpsMetadata: true
audiences:
- "api://packs-registry"
tenant: "tenant-default"
# Client credentials for publishing packs into the registry.
publishClient:
clientId: "packs-registry"
clientSecret: ""
clientSecretFile: "../secrets/packs-registry.secret"
scopes:
- "packs.write"
- "packs.read"
# Optional read-only client for mirrors or offline tooling.
readerClient:
clientId: "packs-reader"
clientSecret: ""
clientSecretFile: "../secrets/packs-reader.secret"
scopes:
- "packs.read"
storage:
# Mongo database storing pack metadata and provenance.
mongoConnectionString: "mongodb://packs-registry:registry@mongo:27017/packs-registry?authSource=admin"
# Object storage bucket/container for pack bundles and signatures.
bundleStore: "s3://stellaops-packs"
signing:
# Trusted keys (PEM paths or Fulcio issuer URLs) used to validate inbound packs.
trustedKeys:
- "../certificates/packs-signing.pem"
# Enforce DSSE attestations for published packs.
requireDsse: true
mirroring:
enabled: false
# Remote registry or file share used to seed mirrors in offline deployments.
source: ""
schedule: "00:30:00"
offlineKit:
enabled: true
exportDirectory: "out/offline/packs"
provenanceManifest: "out/offline/packs/provenance.json"
Reference in New Issue View Git Blame Copy Permalink