141 lines
2.9 KiB
YAML
Executable File
141 lines
2.9 KiB
YAML
Executable File
# 🦁 Lionsctl Configuration
|
|
# This is the default configuration file for lionsctl
|
|
# Enterprise-grade CI/CD platform for lions.dev
|
|
|
|
version: "2.0.0-alpha"
|
|
environment: "development"
|
|
log_level: "info"
|
|
|
|
# Compatibility settings
|
|
compatibility:
|
|
enabled: true
|
|
version: "2.0"
|
|
fallback: true
|
|
|
|
# Container registry configuration
|
|
docker:
|
|
registry:
|
|
url: "registry.lions.dev"
|
|
namespace: ""
|
|
insecure: false
|
|
buildkit:
|
|
enabled: true
|
|
driver: "docker-container"
|
|
platforms: ["linux/amd64", "linux/arm64"]
|
|
daemon:
|
|
host: "unix:///var/run/docker.sock"
|
|
timeout: "30s"
|
|
|
|
# Git configuration
|
|
git:
|
|
domain: "git.lions.dev"
|
|
base_url: "https://git.lions.dev"
|
|
default_branch: "main"
|
|
# Credentials managed via Vault
|
|
vault_path: "secret/data/lionsctl/git"
|
|
auth_method: "token" # token-based auth via HTTPS
|
|
|
|
# HashiCorp Vault configuration
|
|
vault:
|
|
address: "https://vault.lions.dev"
|
|
namespace: ""
|
|
timeout: "10s"
|
|
token: "hvs.PQ5emcpA9SNqvx5sjuuub2TD"
|
|
engines:
|
|
kv: "secret/"
|
|
transit: "transit/"
|
|
pki: "pki/"
|
|
auth:
|
|
method: "token"
|
|
path: "auth/token"
|
|
role: "lionsctl"
|
|
|
|
# Kubernetes configuration
|
|
kubernetes:
|
|
clusters:
|
|
- name: "k1-siib"
|
|
context: "k1"
|
|
server: "https://k8s-k1.lions.dev"
|
|
- name: "k2-sigobe"
|
|
context: "k2"
|
|
server: "https://k8s-k2.lions.dev"
|
|
context: "" # Auto-detect
|
|
namespace: "default"
|
|
timeout: "30s"
|
|
|
|
# Monitoring and observability
|
|
monitoring:
|
|
prometheus:
|
|
url: "https://prometheus.lions.dev"
|
|
timeout: "10s"
|
|
metrics:
|
|
enabled: true
|
|
namespace: "lionsctl"
|
|
interval: "15s"
|
|
port: 8080
|
|
path: "/metrics"
|
|
grafana:
|
|
url: "https://grafana.lions.dev"
|
|
org_id: 1
|
|
tracing:
|
|
enabled: true
|
|
provider: "jaeger"
|
|
service_name: "lionsctl"
|
|
sample_rate: 0.1
|
|
logging:
|
|
level: "info"
|
|
format: "json"
|
|
structured: true
|
|
|
|
# Build configuration
|
|
build:
|
|
parallel: true
|
|
max_parallel: 4
|
|
timeout: "30m"
|
|
cache:
|
|
enabled: true
|
|
ttl: "24h"
|
|
type: "memory" # memory, redis, file
|
|
retry:
|
|
enabled: true
|
|
max_retries: 3
|
|
delay: "5s"
|
|
backoff: "exponential"
|
|
maven:
|
|
goals: ["clean", "package"]
|
|
skip_tests: false
|
|
offline: false
|
|
nodejs:
|
|
package_manager: "npm" # npm, yarn, pnpm
|
|
registry: "https://registry.npmjs.org"
|
|
skip_tests: false
|
|
|
|
# Security configuration
|
|
security:
|
|
signing:
|
|
enabled: true
|
|
provider: "cosign" # cosign, notary
|
|
keyless: true
|
|
oidc_token: true
|
|
scanning:
|
|
enabled: true
|
|
provider: "trivy" # trivy, grype, snyk
|
|
fail_on: ["critical", "high"]
|
|
exclude: []
|
|
timeout: "5m"
|
|
policies:
|
|
enabled: true
|
|
provider: "opa" # opa, falco
|
|
action: "warn" # warn, block
|
|
compliance:
|
|
enabled: true
|
|
standards: ["slsa", "sbom"]
|
|
reports: true
|
|
|
|
# User interface configuration
|
|
ui:
|
|
color: true
|
|
interactive: true
|
|
theme: "lions"
|
|
progress: true
|
|
animations: true |