mirror of
https://github.com/git-pkgs/proxy.git
synced 2026-06-02 08:38:17 -04:00
552c8ac4e5* feat(gradle): add request metrics for build cache handler * Implement fallback handling for Gradle plugin requests and update tests * refactor(gradle): simplify response handling and remove unused metrics assertions * Add tests for Gradle plugin metadata fallback and refactor metadata handling --------- Co-authored-by: Mateusz (Mati) Kepa <m.kepa@sportradar.com>
162 lines
5.1 KiB
YAML
162 lines
5.1 KiB
YAML
# Proxy server configuration
|
|
# Copy to config.yaml and modify as needed
|
|
|
|
# Server listen address
|
|
listen: ":8080"
|
|
|
|
# Public URL where this proxy is accessible
|
|
# Used for rewriting package metadata URLs
|
|
base_url: "http://localhost:8080"
|
|
|
|
# Artifact storage configuration
|
|
storage:
|
|
# Storage backend URL
|
|
# Supported schemes:
|
|
# - file:///path/to/dir - Local filesystem (default)
|
|
# - s3://bucket-name - Amazon S3
|
|
# - s3://bucket?endpoint=http://localhost:9000 - S3-compatible (MinIO)
|
|
#
|
|
# For S3, configure credentials via environment variables:
|
|
# AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION
|
|
url: ""
|
|
|
|
# Local filesystem path (used when url is empty)
|
|
# Deprecated: Use url with file:// scheme instead
|
|
path: "./cache/artifacts"
|
|
|
|
# Maximum cache size (e.g., "10GB", "500MB")
|
|
# When exceeded, least recently used artifacts are evicted
|
|
# Empty or "0" means unlimited
|
|
max_size: ""
|
|
|
|
# Redirect cached artifact downloads to presigned storage URLs (HTTP 302)
|
|
# instead of streaming through the proxy. Only effective for S3 and Azure.
|
|
# Leave disabled if clients reach the proxy through an authenticating gateway,
|
|
# since presigned URLs bypass it.
|
|
direct_serve: false
|
|
|
|
# How long presigned URLs remain valid (e.g. "5m", "1h"). Default: "15m".
|
|
direct_serve_ttl: "15m"
|
|
|
|
# Public base URL to substitute into presigned URLs. Set this when the
|
|
# proxy reaches storage at an internal address (127.0.0.1, a Docker
|
|
# service name) but clients must use a public hostname. Only scheme and
|
|
# host are used; the signed path and query are preserved. For S3/MinIO
|
|
# the reverse proxy at this address must forward requests with the
|
|
# internal Host header or the SigV4 signature will not validate.
|
|
# direct_serve_base_url: "https://minio.example.com"
|
|
|
|
# Database configuration
|
|
database:
|
|
# Database driver: "sqlite" (default) or "postgres"
|
|
driver: "sqlite"
|
|
|
|
# SQLite database file path (used when driver is "sqlite")
|
|
path: "./cache/proxy.db"
|
|
|
|
# PostgreSQL connection URL (used when driver is "postgres")
|
|
# Example: "postgres://user:password@localhost:5432/proxy?sslmode=disable"
|
|
url: ""
|
|
|
|
# Logging configuration
|
|
log:
|
|
# Minimum log level: "debug", "info", "warn", "error"
|
|
level: "info"
|
|
|
|
# Log format: "text" or "json"
|
|
format: "text"
|
|
|
|
# Upstream registry URLs and authentication
|
|
upstream:
|
|
# npm registry URL
|
|
npm: "https://registry.npmjs.org"
|
|
|
|
# Maven repository URL (used by /maven endpoint)
|
|
maven: "https://repo1.maven.org/maven2"
|
|
|
|
# Gradle Plugin Portal Maven URL (fallback for plugin marker artifacts)
|
|
gradle_plugin_portal: "https://plugins.gradle.org/m2"
|
|
|
|
# Cargo sparse index URL
|
|
cargo: "https://index.crates.io"
|
|
|
|
# Cargo crate download URL
|
|
cargo_download: "https://static.crates.io/crates"
|
|
|
|
# Authentication for upstream registries
|
|
# Keys are URL prefixes matched against request URLs.
|
|
# Values can reference environment variables using ${VAR_NAME} syntax.
|
|
#
|
|
# Supported auth types:
|
|
# - bearer: Authorization header with Bearer token
|
|
# - basic: Authorization header with Basic auth (username:password)
|
|
# - header: Custom header name and value
|
|
auth:
|
|
# Example: npm with bearer token
|
|
# "https://registry.npmjs.org":
|
|
# type: bearer
|
|
# token: "${NPM_TOKEN}"
|
|
|
|
# Example: GitHub npm registry
|
|
# "https://npm.pkg.github.com":
|
|
# type: bearer
|
|
# token: "${GITHUB_TOKEN}"
|
|
|
|
# Example: PyPI with basic auth
|
|
# "https://pypi.org":
|
|
# type: basic
|
|
# username: "__token__"
|
|
# password: "${PYPI_TOKEN}"
|
|
|
|
# Example: Custom header for private registry
|
|
# "https://maven.mycompany.com":
|
|
# type: header
|
|
# header_name: "X-Auth-Token"
|
|
# header_value: "${MAVEN_TOKEN}"
|
|
|
|
# Gradle HttpBuildCache configuration
|
|
gradle:
|
|
build_cache:
|
|
# Set to true to disable PUT uploads (read-only cache mode)
|
|
read_only: false
|
|
|
|
# Maximum accepted Gradle cache upload body size
|
|
# Required and must be > 0
|
|
max_upload_size: "100MB"
|
|
|
|
# Evict entries older than this age (set to "0" to disable age-based eviction)
|
|
max_age: "168h"
|
|
|
|
# Cap total Gradle cache size; oldest entries are deleted first
|
|
# ("0" disables size-based eviction)
|
|
# max_size: "20GB"
|
|
|
|
# How often eviction runs when max_age or max_size is set
|
|
sweep_interval: "10m"
|
|
|
|
# Health endpoint configuration.
|
|
health:
|
|
# Minimum time between storage backend probes.
|
|
# The /health endpoint runs a write/read/verify/delete round-trip
|
|
# against the configured storage backend and caches the result for
|
|
# this interval. Set to "0" to probe on every request.
|
|
# Default: "30s".
|
|
storage_probe_interval: "30s"
|
|
|
|
# Version cooldown configuration
|
|
# Hides package versions published too recently, giving the community time
|
|
# to spot malicious releases before they're pulled into projects.
|
|
# Supported durations: "7d" (days), "48h" (hours), "30m" (minutes), "0" (disabled)
|
|
cooldown:
|
|
# Global default cooldown for all ecosystems
|
|
# default: "3d"
|
|
|
|
# Per-ecosystem overrides
|
|
# ecosystems:
|
|
# npm: "7d"
|
|
# cargo: "0"
|
|
|
|
# Per-package overrides (keyed by PURL)
|
|
# packages:
|
|
# "pkg:npm/lodash": "0"
|
|
# "pkg:npm/@babel/core": "14d"
|