app-config.yaml

app:
  title: Backstage Example App
  baseUrl: http://localhost:7000

backend:
  baseUrl: http://localhost:7000
  listen:
    port: 7000
  database:
    client: sqlite3
    connection: ':memory:'

# See README.md in the proxy-backend plugin for information on the configuration format
proxy:
  '/circleci/api':
    target: https://circleci.com/api/v1.1
    changeOrigin: true
    pathRewrite:
      '^/proxy/circleci/api/': '/'
    headers:
      Circle-Token:
        $secret:
          env: CIRCLECI_AUTH_TOKEN

  '/jenkins/api':
    target: http://localhost:8080
    headers:
      Authorization:
        $secret:
          env: JENKINS_BASIC_AUTH_HEADER

organization:
  name: Spotify

techdocs:
  storageUrl: http://localhost:7000/techdocs/static/docs
  requestUrl: http://localhost:7000/techdocs/docs
  generators:
    techdocs: 'docker'

sentry:
  organization: spotify

rollbar:
  organization: spotify
  accountToken:
    $secret:
      env: ROLLBAR_ACCOUNT_TOKEN

newrelic:
  api:
    baseUrl: 'https://api.newrelic.com/v2'
    key: NEW_RELIC_REST_API_KEY

lighthouse:
  baseUrl: http://localhost:3003

catalog:
  rules:
    - allow: [Component, API, Group, Template, Location]
  processors:
    github:
      providers:
        - target: https://github.com
          token:
            $secret:
              env: GITHUB_PRIVATE_TOKEN
        #### Example for how to add your GitHub Enterprise instance using the API:
        # - target: https://ghe.example.net
        #   apiBaseUrl: https://ghe.example.net/api/v3
        #   token:
        #     $secret:
        #       env: GHE_PRIVATE_TOKEN
        #### Example for how to add your GitHub Enterprise instance using raw HTTP fetches (token is optional):
        # - target: https://ghe.example.net
        #   rawBaseUrl: https://ghe.example.net/raw
        #   token:
        #     $secret:
        #       env: GHE_PRIVATE_TOKEN
    bitbucketApi:
      username:
        $secret:
          env: BITBUCKET_USERNAME
      appPassword:
        $secret:
          env: BITBUCKET_APP_PASSWORD
    gitlabApi:
      privateToken:
        $secret:
          env: GITLAB_PRIVATE_TOKEN
    azureApi:
      privateToken:
        $secret:
          env: AZURE_PRIVATE_TOKEN

  locations:
    # Backstage example components
    - type: github
      target: https://github.com/spotify/backstage/blob/master/packages/catalog-model/examples/all-components.yaml

    # Example component for github-actions
    - type: github
      target: https://github.com/spotify/backstage/blob/master/plugins/github-actions/examples/sample.yaml

    # Example component for techdocs
    - type: github
      target: https://github.com/spotify/backstage/blob/master/plugins/techdocs-backend/examples/documented-component/documented-component.yaml

    # Backstage example APIs
    - type: github
      target: https://github.com/spotify/backstage/blob/master/packages/catalog-model/examples/all-apis.yaml

    # Backstage example templates
    - type: github
      target: https://github.com/spotify/backstage/blob/master/plugins/scaffolder-backend/sample-templates/all-templates.yaml

scaffolder:
  github:
    token:
      $secret:
        env: GITHUB_ACCESS_TOKEN
    visibility: public # or 'internal' or 'private'
  gitlab:
    api:
      baseUrl: https://gitlab.com
      token:
        $secret:
          env: GITLAB_ACCESS_TOKEN

auth:
  providers:
    google:
      development:
        clientId:
          $secret:
            env: AUTH_GOOGLE_CLIENT_ID
        clientSecret:
          $secret:
            env: AUTH_GOOGLE_CLIENT_SECRET
    github:
      development:
        clientId:
          $secret:
            env: AUTH_GITHUB_CLIENT_ID
        clientSecret:
          $secret:
            env: AUTH_GITHUB_CLIENT_SECRET
        enterpriseInstanceUrl:
          $secret:
            env: AUTH_GITHUB_ENTERPRISE_INSTANCE_URL
    gitlab:
      development:
        clientId:
          $secret:
            env: AUTH_GITLAB_CLIENT_ID
        clientSecret:
          $secret:
            env: AUTH_GITLAB_CLIENT_SECRET
        audience:
          $secret:
            env: GITLAB_BASE_URL
    saml:
      entryPoint: 'http://localhost:7001/'
      issuer: 'passport-saml'
    okta:
      development:
        clientId:
          $secret:
            env: AUTH_OKTA_CLIENT_ID
        clientSecret:
          $secret:
            env: AUTH_OKTA_CLIENT_SECRET
        audience:
          $secret:
            env: AUTH_OKTA_AUDIENCE
    oauth2:
      development:
        clientId:
          $secret:
            env: AUTH_OAUTH2_CLIENT_ID
        clientSecret:
          $secret:
            env: AUTH_OAUTH2_CLIENT_SECRET
        authorizationUrl:
          $secret:
            env: AUTH_OAUTH2_AUTH_URL
        tokenUrl:
          $secret:
            env: AUTH_OAUTH2_TOKEN_URL
    auth0:
      development:
        clientId:
          $secret:
            env: AUTH_AUTH0_CLIENT_ID
        clientSecret:
          $secret:
            env: AUTH_AUTH0_CLIENT_SECRET
        domain:
          $secret:
            env: AUTH_AUTH0_DOMAIN
    microsoft:
      development:
        clientId:
          $secret:
            env: AUTH_MICROSOFT_CLIENT_ID
        clientSecret:
          $secret:
            env: AUTH_MICROSOFT_CLIENT_SECRET
        tenantId:
          $secret:
            env: AUTH_MICROSOFT_TENANT_ID