-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathapp-config.yaml
133 lines (124 loc) · 4.14 KB
/
app-config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
app:
title: D&I Service Registry
baseUrl: http://localhost:3000
organization:
name: Tyler Technologies - D&I
backend:
# Used for enabling authentication, secret is shared by all backend plugins
# See https://backstage.io/docs/auth/service-to-service-auth for
# information on the format
# auth:
# keys:
# - secret: ${BACKEND_SECRET}
baseUrl: http://localhost:7007
listen:
port: 7007
# Uncomment the following host directive to bind to specific interfaces
# host: 127.0.0.1
csp:
connect-src: ["'self'", 'http:', 'https:']
# Content-Security-Policy directives follow the Helmet format: https://helmetjs.github.io/#reference
# Default Helmet Content-Security-Policy values can be removed by setting the key to false
cors:
origin: http://localhost:3000
methods: [GET, HEAD, PATCH, POST, PUT, DELETE]
credentials: true
database:
# config options: https://node-postgres.com/apis/client
client: pg
pluginDivisionMode: schema # plugins get their own schema
connection:
database: "service_registry"
host: localhost
port: 5432
user: "service_registry_db_user"
password: ${PG_PASSWORD}
integrations:
github:
- host: github.com
apps:
- $include: github-app-socrata-backstage-credentials.yaml
# Reference documentation http://backstage.io/docs/features/techdocs/configuration
techdocs:
builder: 'local' # Alternatives - 'external'
generator:
runIn: 'local' # Alternatives - 'docker'
publisher:
type: 'local' # Alternatives - 'googleGcs' or 'awsS3'
auth: # see https://backstage.io/docs/auth/ to learn about auth providers
environment: development
providers:
okta:
development:
clientId: ${AUTH_OKTA_CLIENT_ID}
clientSecret: ${AUTH_OKTA_CLIENT_SECRET}
audience: 'https://socrata.okta.com'
signIn:
resolvers:
- resolver: emailMatchingUserEntityProfileEmail
# see https://backstage.io/docs/features/software-templates/configuration for software template options
scaffolder:
# see https://backstage.io/docs/features/software-catalog/configuration
catalog:
stitchingStrategy:
mode: immediate
orphanStrategy: delete
# readonly: true # TODO - this maybe be worthwhile, since I don't think we're creating/updating/deleting
providers:
#githubOrg: # config for getting users/teams into the catalog
# id: socrata
# githubUrl: https://github.com
# orgs: ['socrata'] # TODO - cookbooks and platform
# schedule:
# initialDelay: { seconds: 10 }
# frequency: { hours: 1 }
# timeout: { minutes: 50 }
github: # config for getting repository information into the catalog
socrata:
organization: 'socrata'
catalogPath: '/**/service-registry.yaml'
schedule:
frequency: { minutes: 30 }
timeout: { minutes: 25 }
microsoftGraphOrg:
default:
tenantId: ${AZURE_TENANT_ID}
clientId: ${AZURE_CLIENT_ID}
clientSecret: ${AZURE_CLIENT_SECRET}
user:
expand: manager
groups:
includeSubGroups: true
expand: member
select: ['id', 'displayName', 'description']
userGroupMember:
filter: "id eq '42a286ac-820c-4f35-90ee-cfbdcceca658'"
schedule:
frequency: PT1H
timeout: PT50M
import: # for the import plugin: https://github.com/backstage/backstage/tree/master/plugins/catalog-import
entityFilename: service-registry.yaml
pullRequestBranchName: backstage-integration
rules:
- allow: [Component, System, API, Resource, Location]
locations: # file locations are relative to the backend process (`packages/backend`)
- type: file
target: ../../catalog-info/entities.yaml
- type: file
target: ../../catalog-info/template/template.yaml
rules:
- allow: [Template]
- type: file
target: ../../catalog-info/org.yaml
rules:
- allow: [User, Group]
# see https://backstage.io/docs/permissions/getting-started
permission:
enabled: true
#events:
# http:
# topics:
# - github
# modules:
# github:
# webhookSecret: ${GITHUB_WORKFLOW_SECRET}