ff4d909b7e
- Added detailed comments and examples for the `policyPaths` configuration in both BAP and BPP YAML files to improve clarity on usage. - Introduced a new benchmark test suite for the Policy Enforcer to evaluate performance under varying rule counts, measuring both evaluation and compilation times.
178 lines
6.0 KiB
YAML
178 lines
6.0 KiB
YAML
appName: "onix-local"
|
|
log:
|
|
level: debug
|
|
destinations:
|
|
- type: stdout
|
|
contextKeys:
|
|
- transaction_id
|
|
- message_id
|
|
- subscriber_id
|
|
- module_id
|
|
http:
|
|
port: 8081
|
|
timeout:
|
|
read: 30
|
|
write: 30
|
|
idle: 30
|
|
pluginManager:
|
|
root: ./plugins
|
|
|
|
# OpenTelemetry (OTLP) - metrics and traces sent to OTEL collector
|
|
plugins:
|
|
otelsetup:
|
|
id: otelsetup
|
|
config:
|
|
serviceName: "beckn-one-bap"
|
|
serviceVersion: "1.0.0"
|
|
environment: "development"
|
|
domain: "ev_charging"
|
|
otlpEndpoint: "otel-collector-bap:4317"
|
|
enableMetrics: "true"
|
|
networkMetricsGranularity: "2min"
|
|
networkMetricsFrequency: "4min"
|
|
enableTracing: "true"
|
|
enableLogs: "true"
|
|
timeInterval: "5"
|
|
auditFieldsConfig: "/app/config/audit-fields.yaml"
|
|
|
|
modules:
|
|
- name: bapTxnReceiver
|
|
path: /bap/receiver/
|
|
handler:
|
|
type: std
|
|
role: bap
|
|
httpClientConfig:
|
|
maxIdleConns: 1000
|
|
maxIdleConnsPerHost: 200
|
|
idleConnTimeout: 300s
|
|
responseHeaderTimeout: 5s
|
|
plugins:
|
|
registry:
|
|
id: dediregistry
|
|
config:
|
|
url: https://api.dev.beckn.io/registry/dedi # This is the testnet URL. The production URL is https://api.beckn.io/registry/dedi
|
|
registryName: subscribers.beckn.one # This is the wildcard string used to lookup across registries in Beckn One. Do not change this.
|
|
timeout: 10
|
|
retry_max: 3
|
|
retry_wait_min: 100ms
|
|
retry_wait_max: 500ms
|
|
keyManager:
|
|
id: simplekeymanager
|
|
config:
|
|
networkParticipant: ev-charging.sandbox1.com
|
|
keyId: 76EU7PktCXdPoNEZBjmg4Eb25A2egsd5MYJ67Qxza7bJQFvBHCYxgk
|
|
signingPrivateKey: 9NBh67Pk/6v3irrkYZHlQ5E1qw+GivHdDFtKeCylzIM=
|
|
signingPublicKey: Z3Hnc8FZDo/7dwWApeRVs6OV560gr7uxPsFUDGUMsBg=
|
|
encrPrivateKey: 9NBh67Pk/6v3irrkYZHlQ5E1qw+GivHdDFtKeCylzIM=
|
|
encrPublicKey: Z3Hnc8FZDo/7dwWApeRVs6OV560gr7uxPsFUDGUMsBg=
|
|
cache:
|
|
id: cache
|
|
config:
|
|
addr: redis:6379
|
|
schemaValidator:
|
|
id: schemav2validator
|
|
config:
|
|
type: url
|
|
location: https://raw.githubusercontent.com/beckn/protocol-specifications-new/refs/heads/main/api/beckn.yaml
|
|
cacheTTL: "3600"
|
|
extendedSchema_enabled: "true"
|
|
extendedSchema_cacheTTL: "86400"
|
|
extendedSchema_maxCacheSize: "100"
|
|
extendedSchema_downloadTimeout: "30"
|
|
extendedSchema_allowedDomains: "beckn.org,example.com,raw.githubusercontent.com"
|
|
signValidator:
|
|
id: signvalidator
|
|
router:
|
|
id: router
|
|
config:
|
|
routingConfig: ./config/local-beckn-one-routing-BAPReceiver.yaml
|
|
policyEnforcer:
|
|
id: policyenforcer
|
|
config:
|
|
# policyPaths: polymorphic, auto-detects each entry as URL, directory, or file
|
|
# Examples:
|
|
# policyPaths: "./policies" # local directory
|
|
# policyPaths: "https://example.com/compliance.rego" # remote URL
|
|
# policyPaths: "./policies/compliance.rego" # local file
|
|
# For multiple sources, use YAML folded scalar (>-):
|
|
# policyPaths: >-
|
|
# https://example.com/compliance.rego,
|
|
# https://example.com/safety.rego,
|
|
# ./policies
|
|
policyPaths: "./policies"
|
|
middleware:
|
|
- id: reqpreprocessor
|
|
config:
|
|
contextKeys: transaction_id,message_id
|
|
role: bap
|
|
steps:
|
|
- validateSign
|
|
- policyEnforcer
|
|
- addRoute
|
|
- validateSchema
|
|
|
|
- name: bapTxnCaller
|
|
path: /bap/caller/
|
|
handler:
|
|
type: std
|
|
role: bap
|
|
httpClientConfig:
|
|
maxIdleConns: 1000
|
|
maxIdleConnsPerHost: 200
|
|
idleConnTimeout: 300s
|
|
responseHeaderTimeout: 5s
|
|
plugins:
|
|
registry:
|
|
id: dediregistry
|
|
config:
|
|
url: https://api.dev.beckn.io/registry/dedi # This is the testnet URL. The production URL is https://api.beckn.io/registry/dedi
|
|
registryName: subscribers.beckn.one # This is the wildcard string used to lookup across registries in Beckn One. Do not change this.
|
|
timeout: 10
|
|
retry_max: 3
|
|
retry_wait_min: 100ms
|
|
retry_wait_max: 500ms
|
|
keyManager:
|
|
id: simplekeymanager
|
|
config:
|
|
networkParticipant: ev-charging.sandbox1.com
|
|
keyId: 76EU7PktCXdPoNEZBjmg4Eb25A2egsd5MYJ67Qxza7bJQFvBHCYxgk
|
|
signingPrivateKey: 9NBh67Pk/6v3irrkYZHlQ5E1qw+GivHdDFtKeCylzIM=
|
|
signingPublicKey: Z3Hnc8FZDo/7dwWApeRVs6OV560gr7uxPsFUDGUMsBg=
|
|
encrPrivateKey: 9NBh67Pk/6v3irrkYZHlQ5E1qw+GivHdDFtKeCylzIM=
|
|
encrPublicKey: Z3Hnc8FZDo/7dwWApeRVs6OV560gr7uxPsFUDGUMsBg=
|
|
cache:
|
|
id: cache
|
|
config:
|
|
addr: redis:6379
|
|
schemaValidator:
|
|
id: schemav2validator
|
|
config:
|
|
type: url
|
|
location: https://raw.githubusercontent.com/beckn/protocol-specifications-new/refs/heads/main/api/beckn.yaml
|
|
cacheTTL: "3600"
|
|
extendedSchema_enabled: "true"
|
|
extendedSchema_cacheTTL: "86400"
|
|
extendedSchema_maxCacheSize: "100"
|
|
extendedSchema_downloadTimeout: "30"
|
|
extendedSchema_allowedDomains: "beckn.org,example.com,raw.githubusercontent.com"
|
|
router:
|
|
id: router
|
|
config:
|
|
routingConfig: ./config/local-beckn-one-routing-BAPCaller.yaml
|
|
signer:
|
|
id: signer
|
|
middleware:
|
|
- id: reqpreprocessor
|
|
config:
|
|
contextKeys: transaction_id,message_id
|
|
role: bap
|
|
policyEnforcer:
|
|
id: policyenforcer
|
|
config:
|
|
policyPaths: "./policies"
|
|
steps:
|
|
- policyEnforcer
|
|
- addRoute
|
|
- sign
|
|
- validateSchema
|
|
|