Files
onix/config/local-beckn-one-bap.yaml
Ayush Rawat ff4d909b7e Enhance Policy Enforcer Configuration and Add Benchmark Tests
- Added detailed comments and examples for the `policyPaths` configuration in both BAP and BPP YAML files to improve clarity on usage.
- Introduced a new benchmark test suite for the Policy Enforcer to evaluate performance under varying rule counts, measuring both evaluation and compilation times.
2026-03-05 15:31:34 +05:30

178 lines
6.0 KiB
YAML

appName: "onix-local"
log:
level: debug
destinations:
- type: stdout
contextKeys:
- transaction_id
- message_id
- subscriber_id
- module_id
http:
port: 8081
timeout:
read: 30
write: 30
idle: 30
pluginManager:
root: ./plugins
# OpenTelemetry (OTLP) - metrics and traces sent to OTEL collector
plugins:
otelsetup:
id: otelsetup
config:
serviceName: "beckn-one-bap"
serviceVersion: "1.0.0"
environment: "development"
domain: "ev_charging"
otlpEndpoint: "otel-collector-bap:4317"
enableMetrics: "true"
networkMetricsGranularity: "2min"
networkMetricsFrequency: "4min"
enableTracing: "true"
enableLogs: "true"
timeInterval: "5"
auditFieldsConfig: "/app/config/audit-fields.yaml"
modules:
- name: bapTxnReceiver
path: /bap/receiver/
handler:
type: std
role: bap
httpClientConfig:
maxIdleConns: 1000
maxIdleConnsPerHost: 200
idleConnTimeout: 300s
responseHeaderTimeout: 5s
plugins:
registry:
id: dediregistry
config:
url: https://api.dev.beckn.io/registry/dedi # This is the testnet URL. The production URL is https://api.beckn.io/registry/dedi
registryName: subscribers.beckn.one # This is the wildcard string used to lookup across registries in Beckn One. Do not change this.
timeout: 10
retry_max: 3
retry_wait_min: 100ms
retry_wait_max: 500ms
keyManager:
id: simplekeymanager
config:
networkParticipant: ev-charging.sandbox1.com
keyId: 76EU7PktCXdPoNEZBjmg4Eb25A2egsd5MYJ67Qxza7bJQFvBHCYxgk
signingPrivateKey: 9NBh67Pk/6v3irrkYZHlQ5E1qw+GivHdDFtKeCylzIM=
signingPublicKey: Z3Hnc8FZDo/7dwWApeRVs6OV560gr7uxPsFUDGUMsBg=
encrPrivateKey: 9NBh67Pk/6v3irrkYZHlQ5E1qw+GivHdDFtKeCylzIM=
encrPublicKey: Z3Hnc8FZDo/7dwWApeRVs6OV560gr7uxPsFUDGUMsBg=
cache:
id: cache
config:
addr: redis:6379
schemaValidator:
id: schemav2validator
config:
type: url
location: https://raw.githubusercontent.com/beckn/protocol-specifications-new/refs/heads/main/api/beckn.yaml
cacheTTL: "3600"
extendedSchema_enabled: "true"
extendedSchema_cacheTTL: "86400"
extendedSchema_maxCacheSize: "100"
extendedSchema_downloadTimeout: "30"
extendedSchema_allowedDomains: "beckn.org,example.com,raw.githubusercontent.com"
signValidator:
id: signvalidator
router:
id: router
config:
routingConfig: ./config/local-beckn-one-routing-BAPReceiver.yaml
policyEnforcer:
id: policyenforcer
config:
# policyPaths: polymorphic, auto-detects each entry as URL, directory, or file
# Examples:
# policyPaths: "./policies" # local directory
# policyPaths: "https://example.com/compliance.rego" # remote URL
# policyPaths: "./policies/compliance.rego" # local file
# For multiple sources, use YAML folded scalar (>-):
# policyPaths: >-
# https://example.com/compliance.rego,
# https://example.com/safety.rego,
# ./policies
policyPaths: "./policies"
middleware:
- id: reqpreprocessor
config:
contextKeys: transaction_id,message_id
role: bap
steps:
- validateSign
- policyEnforcer
- addRoute
- validateSchema
- name: bapTxnCaller
path: /bap/caller/
handler:
type: std
role: bap
httpClientConfig:
maxIdleConns: 1000
maxIdleConnsPerHost: 200
idleConnTimeout: 300s
responseHeaderTimeout: 5s
plugins:
registry:
id: dediregistry
config:
url: https://api.dev.beckn.io/registry/dedi # This is the testnet URL. The production URL is https://api.beckn.io/registry/dedi
registryName: subscribers.beckn.one # This is the wildcard string used to lookup across registries in Beckn One. Do not change this.
timeout: 10
retry_max: 3
retry_wait_min: 100ms
retry_wait_max: 500ms
keyManager:
id: simplekeymanager
config:
networkParticipant: ev-charging.sandbox1.com
keyId: 76EU7PktCXdPoNEZBjmg4Eb25A2egsd5MYJ67Qxza7bJQFvBHCYxgk
signingPrivateKey: 9NBh67Pk/6v3irrkYZHlQ5E1qw+GivHdDFtKeCylzIM=
signingPublicKey: Z3Hnc8FZDo/7dwWApeRVs6OV560gr7uxPsFUDGUMsBg=
encrPrivateKey: 9NBh67Pk/6v3irrkYZHlQ5E1qw+GivHdDFtKeCylzIM=
encrPublicKey: Z3Hnc8FZDo/7dwWApeRVs6OV560gr7uxPsFUDGUMsBg=
cache:
id: cache
config:
addr: redis:6379
schemaValidator:
id: schemav2validator
config:
type: url
location: https://raw.githubusercontent.com/beckn/protocol-specifications-new/refs/heads/main/api/beckn.yaml
cacheTTL: "3600"
extendedSchema_enabled: "true"
extendedSchema_cacheTTL: "86400"
extendedSchema_maxCacheSize: "100"
extendedSchema_downloadTimeout: "30"
extendedSchema_allowedDomains: "beckn.org,example.com,raw.githubusercontent.com"
router:
id: router
config:
routingConfig: ./config/local-beckn-one-routing-BAPCaller.yaml
signer:
id: signer
middleware:
- id: reqpreprocessor
config:
contextKeys: transaction_id,message_id
role: bap
policyEnforcer:
id: policyenforcer
config:
policyPaths: "./policies"
steps:
- policyEnforcer
- addRoute
- sign
- validateSchema