-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathapp-config.yaml
141 lines (129 loc) · 4.36 KB
/
app-config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
app:
title: WeeboDevHub
baseUrl: http://localhost:3000
organization:
name: Weebo
backend:
# Used for enabling authentication, secret is shared by all backend plugins
# See https://backstage.io/docs/auth/service-to-service-auth for
# information on the format
# auth:
# keys:
# - secret: ${BACKEND_SECRET}
baseUrl: http://localhost:7000
listen: ':7000'
# Uncomment the following host directive to bind to specific interfaces
# host: 127.0.0.1
csp:
connect-src: [ "'self'", 'http:', 'https:' ]
# Content-Security-Policy directives follow the Helmet format: https://helmetjs.github.io/#reference
# Default Helmet Content-Security-Policy values can be removed by setting the key to false
img-src: [ "'self'", 'data:', 'https:', 'https://avatars.githubusercontent.com', 'https://imgs.xkcd.com' ]
cors:
origin: ${FRONTEND_URL}
methods: [ GET, HEAD, PATCH, POST, PUT, DELETE, OPTIONS ]
credentials: true
# This is for local development only, it is not recommended to use this in production
# The production database configuration is stored in app-config.production.yaml
database:
client: better-sqlite3
connection: ':memory:'
# workingDirectory: /tmp # Use this to configure a working directory for the scaffolder, defaults to the OS temp-dir
integrations:
github:
- host: github.com
token: ${GITHUB_TOKEN}
gitea:
- host: git.weebo.fr
token: ${GITEA_TOKEN}
proxy:
endpoints:
'/xkcd-proxy':
target: https://xkcd.com/
'/argocd/api':
target: ${ARGOCD_URL}/api/v1/
changeOrigin: true
# only if your argocd api has self-signed cert
secure: true
headers:
Cookie:
$env: ARGOCD_AUTH_TOKEN
sonarqube:
instances:
- name: default
baseUrl: ${SONARQUBE_URL}
apiKey: ${SONARQUBE_TOKEN}
### A typical reason to do this is to handle HTTPS and CORS for internal services.
# endpoints:
# '/test':
# target: 'https://example.com'
# changeOrigin: true
# Reference documentation http://backstage.io/docs/features/techdocs/configuration
# Note: After experimenting with basic setup, use CI/CD to generate docs
# and an external cloud storage when deploying TechDocs for production use-case.
# https://backstage.io/docs/features/techdocs/how-to-guides#how-to-migrate-from-techdocs-basic-to-recommended-deployment-approach
techdocs:
builder: 'local' # Alternatives - 'external'
generator:
runIn: 'docker' # Alternatives - 'local'
publisher:
type: 'local' # Alternatives - 'googleGcs' or 'awsS3'. Read documentation for using alternatives.
auth:
environment: development
# see https://backstage.io/docs/auth/ to learn about auth providers
providers:
# See https://backstage.io/docs/auth/guest/provider
guest: {}
oauth2Proxy: {}
github:
development:
clientId: ${GITHUB_CLIENT_ID}
clientSecret: ${GITHUB_CLIENT_SECRET}
scaffolder: # see https://backstage.io/docs/features/software-templates/configuration for software template options
spectralLinter:
openApiRulesetUrl: https://raw.githubusercontent.com/batleforc/Monofolio/refs/heads/main/.spectral.yaml
catalog:
import:
entityFilename: catalog-info.yaml
pullRequestBranchName: backstage-integration
rules:
- allow: [ Component, System, API, Resource, Location ]
locations:
# Weebo scope
- type: file
target: ../../model/location/*.yaml
- type: file
target: ../../model/system/*.yaml
- type: file
target: ../../model/user/*.yaml
rules:
- allow: [ User ]
- type: file
target: ../../model/group/weebdev.yaml
rules:
- allow: [ Group ]
kubernetes:
# see https://backstage.io/docs/features/kubernetes/configuration for kubernetes configuration options
serviceLocatorMethod:
type: multiTenant
clusterLocatorMethods:
- type: 'config'
clusters:
- url: ${K8S_CLUSTER_URL}
name: weebo4
authProvider: 'serviceAccount'
skipTLSVerify: false
skipMetricsLookup: true
serviceAccountToken: ${K8S_SA_TOKEN}
caFile: ${K8S_CA_FILE}
customResources:
- group: 'tekton.dev'
apiVersion: 'v1'
plural: 'pipelineruns'
- group: 'tekton.dev'
apiVersion: 'v1'
plural: 'taskruns'
# see https://backstage.io/docs/permissions/getting-started for more on the permission framework
permission:
# setting this to `false` will disable permissions
enabled: true