app-config.yaml

app:
  title: Bistec Global Backstage App
  baseUrl: http://localhost:3000

organization:
  name: Bistec Global

backend:
  baseUrl: http://localhost:7007
  listen:
    port: 7007
  csp:
    connect-src: ["'self'", 'http:', 'https:']
  cors:
    origin: http://localhost:3000
    methods: [GET, HEAD, PATCH, POST, PUT, DELETE]
    credentials: true
  coop:
    policy: same-origin 
  corp:
    policy: cross-origin
  database:
    client: pg
    connection:
      host: ${POSTGRES_HOST}
      port: ${POSTGRES_PORT}
      user: ${POSTGRES_USER}
      password: ${POSTGRES_PASSWORD}
      database: ${POSTGRES_DB}
      ssl: { rejectUnauthorized: false }
    knexConfig:
      pool:
        min: 2
        max: 10
        acquireTimeoutMillis: 30000
        createTimeoutMillis: 10000
        destroyTimeoutMillis: 5000
        idleTimeoutMillis: 30000
        reapIntervalMillis: 1000
        createRetryIntervalMillis: 200
        propagateCreateError: false
proxy:
# Example of adding a proxy endpoint for the frontend to handle HTTPS and CORS for internal services.
#   endpoints:
#     '/test':
#       target: 'https://example.com'
#       changeOrigin: true

techdocs:
  builder: 'local'
  generator:
    runIn: 'local'
  publisher:
    type: 'azureBlobStorage'
    azureBlobStorage:
      credentials:
        accountName: ${AZURE_BLOB_STORAGE_ACC_NAME}
        accountKey: ${AZURE_BLOB_STORAGE_ACC_KEY}
      containerName: 'techdocs'
  storageUrl: 'https://backstagebistec001.blob.core.windows.net/techdocs'

auth:
  environment: development
  providers:
    guest: {}
    microsoft:
      development:
        clientId: ${MICROSOFT_CLIENT_ID}
        clientSecret: ${MICROSOFT_CLIENT_SECRET}
        tenantId: ${MICROSOFT_TENANT_ID}
        domainHint: ${MICROSOFT_DOMAIN_HINT}
        additionalScopes:
          - user.read
        signIn:
          resolvers:
            - resolver: emailMatchingUserEntityProfileEmail
    google:
      development:
        clientId: ${AUTH_GOOGLE_CLIENT_ID}
        clientSecret: ${AUTH_GOOGLE_CLIENT_SECRET}
        signIn:
          resolvers:
            - resolver: emailMatchingUserEntityAnnotation

catalog:
  locations:
    - type: file
      target: ./catalog-info.yaml

permission:
  enabled: true