-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
50 lines (41 loc) · 2.08 KB
/
.env.example
File metadata and controls
50 lines (41 loc) · 2.08 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
# debug
APP_DEBUG_ENABLED=false
# admin token for /server/* and /scheduled/* endpoints (optional)
# when set, requests to these endpoints require "Authorization: Bearer <token>"
# APP_ADMIN_TOKEN=your-secret-admin-token
# github app (required)
APP_GITHUB_APP_ID=123456
APP_GITHUB_APP_PRIVATE_KEY_PATH=./.local/private-key.pem
APP_GITHUB_INSTALLATION_ID=987654
APP_GITHUB_ORG=cruxstack
APP_GITHUB_WEBHOOK_SECRET=your-webhook-secret-here
# github pr compliance (optional)
APP_PR_COMPLIANCE_ENABLED=true
APP_PR_MONITORED_BRANCHES=main,master
# okta (optional)
APP_OKTA_DOMAIN=company.okta.com
APP_OKTA_CLIENT_ID=0oaxxxxxxxxxxxxxxxxxxxxx
APP_OKTA_PRIVATE_KEY_PATH=./.local/okta-private-key.pem
# APP_OKTA_SCOPES=okta.groups.read,okta.users.read
# okta sync rules
APP_OKTA_GITHUB_USER_FIELD=githubUsername
APP_OKTA_SYNC_RULES=[{"name":"sync-eng","enabled":true,"okta_group_pattern":"^github-eng-.*","github_team_prefix":"eng-","strip_prefix":"github-eng-","sync_members":true,"create_team_if_missing":true}]
# APP_OKTA_SYNC_SAFETY_THRESHOLD=0.5 # Prevent mass removal if more than 50% would be removed (default: 0.5)
# security alerts monitoring (optional)
# APP_SECURITY_ALERTS_ENABLED=true
# APP_SECURITY_ALERTS_MIN_AGE_DAYS=30 # only report alerts older than N days (default: 30)
# APP_SECURITY_ALERTS_MIN_SEVERITY=high # minimum severity: critical, high, medium, low (default: high)
# slack configuration (optional)
APP_SLACK_TOKEN=xoxb-xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
APP_SLACK_CHANNEL=C01234ABCDE
# optional: per-notification-type channels (fall back to APP_SLACK_CHANNEL)
# APP_SLACK_CHANNEL_PR_BYPASS=C01234ABCDE
# APP_SLACK_CHANNEL_OKTA_SYNC=C01234ABCDE
# APP_SLACK_CHANNEL_ORPHANED_USERS=C01234ABCDE
# APP_SLACK_CHANNEL_SECURITY_ALERTS=C01234ABCDE
# optional: custom footer note for PR bypass notifications (supports Slack mrkdwn)
# APP_SLACK_FOOTER_NOTE_PR_BYPASS=_Please review the <https://example.com/policy|security policy>._
# api gateway base path (optional, for lambda deployments with stage prefix)
# APP_BASE_PATH=v1
# server port (optional, for cmd/server only, default: 8080)
# APP_PORT=8080