generated from coulomb/repo-seed
tegwick
a08bd1684f
Issue-core requires a shared ingestion key on POST /issues/. The REST sink now sends Authorization: Bearer using ISSUE_CORE_API_KEY and fails fast when the key is missing under ISSUE_SINK_TYPE=rest. Updates .env.example, emission boundary docs, and unit tests for the header contract and missing-key error.
47 lines
3.1 KiB
Plaintext
47 lines
3.1 KiB
Plaintext
# ── Required ──────────────────────────────────────────────────────────────────
|
|
# PostgreSQL connection string for activity-core application data.
|
|
ACTCORE_DB_URL=postgresql+asyncpg://actcore:actcore@app-db:5432/actcore
|
|
|
|
# ── Temporal ──────────────────────────────────────────────────────────────────
|
|
# Temporal frontend gRPC address.
|
|
TEMPORAL_HOST=temporal:7233
|
|
# Temporal namespace (must exist before workers start).
|
|
TEMPORAL_NAMESPACE=default
|
|
|
|
# ── NATS ──────────────────────────────────────────────────────────────────────
|
|
# NATS server URL. JetStream must be enabled (-js flag).
|
|
NATS_URL=nats://nats:4222
|
|
|
|
# ── Service integrations (gracefully degraded if unavailable) ─────────────────
|
|
# State Hub — used by the state-hub context adapter. Binds {} on failure.
|
|
STATE_HUB_URL=http://127.0.0.1:8000
|
|
# Repo scoping — used by the repo-scoping context adapter. Binds {} on failure.
|
|
REPO_SCOPING_URL=http://127.0.0.1:8020
|
|
# Issue Core — task emission backend.
|
|
ISSUE_CORE_URL=http://127.0.0.1:8765
|
|
# Shared ingestion key — must match issue-core's ISSUE_CORE_API_KEY.
|
|
ISSUE_CORE_API_KEY=
|
|
# Sink type: 'rest' (POST to issue-core) or 'null' (discard, for dry-run).
|
|
ISSUE_SINK_TYPE=rest
|
|
|
|
# ── Activity definitions ───────────────────────────────────────────────────────
|
|
# Colon-separated paths to additional activity-definitions/ directories.
|
|
# The local activity-definitions/ directory is always scanned.
|
|
# Coulomb-loop kaizen engagement definitions (colon-separated for more roots).
|
|
ACTIVITY_DEFINITION_DIRS=/home/worsch/coulomb-loop
|
|
|
|
# ── Observability ─────────────────────────────────────────────────────────────
|
|
# Prometheus metrics bind address (Temporal SDK metrics).
|
|
PROMETHEUS_BIND_ADDR=0.0.0.0:9090
|
|
|
|
# ── Security (webhook receiver) ───────────────────────────────────────────────
|
|
# HMAC-SHA256 secret for Gitea webhook signature validation.
|
|
WEBHOOK_SECRET_GITEA=
|
|
# HMAC-SHA256 secret for GitHub webhook signature validation.
|
|
WEBHOOK_SECRET_GITHUB=
|
|
|
|
# ── Curator gate ──────────────────────────────────────────────────────────────
|
|
# 'disabled': accepts active + pending event types (pending logged as warning).
|
|
# 'required': only active event types accepted; pending events are discarded.
|
|
ACTIVITY_CURATOR_GATE=disabled
|