Documentation
¶
Overview ¶
Package config loads and validates cr's non-secret configuration.
Index ¶
- Constants
- Variables
- func EffectiveModelMap(llm LLMConfig) map[ModelTier]ModelMapResolution
- func NormalizeHost(raw string) string
- func Path() (string, error)
- func Save(path string, cfg File) error
- func Validate(cfg File) error
- func ValidateKeyring(keyring KeyringConfig) error
- func ValidateRetention(retention RetentionConfig) error
- func ValidateSecrets(secrets SecretsConfig) error
- type CredentialRef
- type DataConfig
- type EffectiveSecretsProfile
- type EffectiveSecretsProfileSource
- type File
- type GitAuthMode
- type GitConfig
- type KeyringConfig
- type LLMAdapter
- type LLMAuth
- type LLMConfig
- type LLMProvider
- type ModelMap
- type ModelMapResolution
- type ModelMapSource
- type ModelTier
- type Profile
- type RepositoryProfile
- type RepositoryProfileMatch
- type RepositoryProfileResolution
- type RepositoryProfileResolutionSource
- type RepositoryTarget
- type ResolveThreadsPolicy
- type RetentionConfig
- type RetentionEnforcement
- type ReviewMajorEvent
- type ReviewPolicy
- type ReviewerCredentials
- type SecretsBackendKind
- type SecretsConfig
- type SecretsProfile
- type SecretsProfileBackend
Constants ¶
const ( // LegacyProjectedSecretsProfileID is the reserved effective id used when an // old config still relies on legacy keyring.backend behavior. LegacyProjectedSecretsProfileID = "legacy-default" // ProjectedLegacySecretsBackendKind is the effective backend summary when the // old config omits keyring.backend and still relies on auto/env resolution. ProjectedLegacySecretsBackendKind = "auto" )
Variables ¶
var ( // ErrNotConfigured means config.yml does not exist. ErrNotConfigured = errors.New("config: not configured") // ErrProfileNotFound means the requested profile is absent. ErrProfileNotFound = errors.New("config: profile not found") // ErrInvalid means the config file is malformed or violates the schema. ErrInvalid = errors.New("config: invalid") // ErrUnsupported means the config uses a known v2-only option. ErrUnsupported = errors.New("config: not supported in v1") )
Functions ¶
func EffectiveModelMap ¶ added in v0.3.64
func EffectiveModelMap(llm LLMConfig) map[ModelTier]ModelMapResolution
EffectiveModelMap merges built-in defaults with profile model_map overrides.
func NormalizeHost ¶ added in v0.3.81
NormalizeHost applies the same host normalization used by config validation and repository route resolution.
func ValidateKeyring ¶ added in v0.3.104
func ValidateKeyring(keyring KeyringConfig) error
ValidateKeyring checks non-secret keyring backend preferences.
func ValidateRetention ¶ added in v0.3.87
func ValidateRetention(retention RetentionConfig) error
ValidateRetention checks retention after applying omitted-field defaults.
func ValidateSecrets ¶ added in v0.3.146
func ValidateSecrets(secrets SecretsConfig) error
ValidateSecrets checks non-secret named secrets-management profile config.
Types ¶
type CredentialRef ¶
type CredentialRef struct {
Purpose string `json:"purpose"`
Ref string `json:"ref"`
Mode string `json:"mode"`
Provider string `json:"provider,omitempty"`
}
CredentialRef is one declared non-secret pointer into the credential store.
func CredentialRefs ¶
func CredentialRefs(profile Profile) ([]CredentialRef, error)
CredentialRefs returns all credential-store refs declared by profile.
type DataConfig ¶
type DataConfig struct {
Retention RetentionConfig `yaml:"retention,omitempty" json:"retention"`
}
DataConfig carries non-secret durable data policy.
type EffectiveSecretsProfile ¶ added in v0.3.146
type EffectiveSecretsProfile struct {
ID string `json:"id"`
Label string `json:"label,omitempty"`
Backend string `json:"backend"`
IsDefault bool `json:"is_default,omitempty"`
Source EffectiveSecretsProfileSource `json:"source"`
}
EffectiveSecretsProfile is the presentation-safe effective secrets-management inventory shape used by callers that need to summarize the config.
func EffectiveSecretsProfiles ¶ added in v0.3.146
func EffectiveSecretsProfiles(cfg File) []EffectiveSecretsProfile
EffectiveSecretsProfiles returns the configured secrets-management profiles or a projected read-only legacy profile when config still relies on the old keyring.backend model.
type EffectiveSecretsProfileSource ¶ added in v0.3.146
type EffectiveSecretsProfileSource string
EffectiveSecretsProfileSource distinguishes configured profiles from the read-only projected legacy compatibility entry.
const ( EffectiveSecretsProfileSourceConfigured EffectiveSecretsProfileSource = "configured" EffectiveSecretsProfileSourceProjectedLegacy EffectiveSecretsProfileSource = "projected_legacy" )
Effective secrets-profile inventory sources.
type File ¶
type File struct {
DefaultProfile string `yaml:"default_profile" json:"default_profile"`
Keyring KeyringConfig `yaml:"keyring,omitempty" json:"keyring"`
Secrets SecretsConfig `yaml:"secrets,omitempty" json:"secrets,omitempty"`
RepositoryProfiles []RepositoryProfile `yaml:"repository_profiles,omitempty" json:"repository_profiles,omitempty"`
Profiles map[string]Profile `yaml:"profiles" json:"profiles"`
Data DataConfig `yaml:"data,omitempty" json:"data"`
}
File is the root config.yml schema.
type GitAuthMode ¶
type GitAuthMode string
GitAuthMode identifies how git-host credentials are obtained.
const ( GitAuthModePAT GitAuthMode = "pat" GitAuthModeOAuthDevice GitAuthMode = "oauth_device" GitAuthModeGitHubApp GitAuthMode = "github_app" )
Git auth modes.
func (GitAuthMode) Supported ¶
func (m GitAuthMode) Supported() bool
Supported reports whether m is implemented in v1.
func (GitAuthMode) Valid ¶
func (m GitAuthMode) Valid() bool
Valid reports whether m is a known git auth mode.
type GitConfig ¶
type GitConfig struct {
Host string `yaml:"host" json:"host"`
AuthMode GitAuthMode `yaml:"auth_mode" json:"auth_mode"`
CredentialRef string `yaml:"credential_ref" json:"credential_ref"`
IdentityCache string `yaml:"identity_cache,omitempty" json:"identity_cache,omitempty"`
}
GitConfig identifies the user's git-host credentials.
type KeyringConfig ¶
type KeyringConfig struct {
Backend string `yaml:"backend,omitempty" json:"backend,omitempty"`
}
KeyringConfig carries non-secret keyring backend preferences.
type LLMAdapter ¶
type LLMAdapter string
LLMAdapter identifies the concrete LLM adapter.
const ( LLMAdapterClaudeCLI LLMAdapter = "claude_cli" LLMAdapterAnthropicAPI LLMAdapter = "anthropic_api" LLMAdapterCodexCLI LLMAdapter = "codex_cli" LLMAdapterOpenAIAPI LLMAdapter = "openai_api" LLMAdapterPiRPC LLMAdapter = "pi_rpc" )
LLM adapters.
func (LLMAdapter) Valid ¶
func (a LLMAdapter) Valid() bool
Valid reports whether a is a known LLM adapter.
type LLMAuth ¶
type LLMAuth string
LLMAuth identifies how the LLM adapter authenticates.
LLM auth modes.
type LLMConfig ¶
type LLMConfig struct {
Provider LLMProvider `yaml:"provider" json:"provider"`
Auth LLMAuth `yaml:"auth" json:"auth"`
Adapter LLMAdapter `yaml:"adapter" json:"adapter"`
CredentialRef string `yaml:"credential_ref,omitempty" json:"credential_ref,omitempty"`
ModelMap ModelMap `yaml:"model_map,omitempty" json:"model_map,omitempty"`
ReviewerModelTier ModelTier `yaml:"reviewer_model_tier,omitempty" json:"reviewer_model_tier,omitempty"`
}
LLMConfig identifies the LLM provider and adapter.
type LLMProvider ¶
type LLMProvider string
LLMProvider identifies the model provider family.
const ( LLMProviderAnthropic LLMProvider = "anthropic" LLMProviderOpenAI LLMProvider = "openai" LLMProviderPi LLMProvider = "pi" )
LLM providers.
func (LLMProvider) Valid ¶
func (p LLMProvider) Valid() bool
Valid reports whether p is a known LLM provider.
type ModelMap ¶ added in v0.3.64
ModelMap maps portable model tiers to provider-specific model identifiers.
func BuiltInModelMap ¶ added in v0.3.64
func BuiltInModelMap(provider LLMProvider, adapter LLMAdapter) ModelMap
BuiltInModelMap returns this CLI's provider+adapter model-tier defaults.
type ModelMapResolution ¶ added in v0.3.64
type ModelMapResolution struct {
Tier ModelTier `json:"tier"`
Model string `json:"model"`
Source ModelMapSource `json:"source"`
}
ModelMapResolution is one effective tier mapping.
func ResolveModelTier ¶ added in v0.3.64
func ResolveModelTier(llm LLMConfig, tier ModelTier) (ModelMapResolution, bool)
ResolveModelTier resolves one portable tier under the active LLM config.
type ModelMapSource ¶ added in v0.3.64
type ModelMapSource string
ModelMapSource identifies where a resolved model map value came from.
const ( ModelMapSourceConfig ModelMapSource = "config" ModelMapSourceBuiltIn ModelMapSource = "built_in" )
Model map sources.
type ModelTier ¶ added in v0.3.64
type ModelTier string
ModelTier is a provider-neutral model slot.
const ( ModelTierSmall ModelTier = "small" ModelTierMedium ModelTier = "medium" ModelTierLarge ModelTier = "large" )
Model tiers.
func ModelTiers ¶ added in v0.3.64
func ModelTiers() []ModelTier
ModelTiers returns model tiers in stable display order.
type Profile ¶
type Profile struct {
Git GitConfig `yaml:"git" json:"git"`
ReviewerCredentials *ReviewerCredentials `yaml:"reviewer_credentials,omitempty" json:"reviewer_credentials,omitempty"`
LLM LLMConfig `yaml:"llm" json:"llm"`
AgentSources []string `yaml:"agent_sources,omitempty" json:"agent_sources,omitempty"`
ReviewPolicy ReviewPolicy `yaml:"review_policy,omitempty" json:"review_policy"`
}
Profile is one named review profile.
func ResolveProfile ¶
ResolveProfile returns the requested profile, or the default profile when requestedName is empty.
func ResolveProfileForRepository ¶ added in v0.3.77
func ResolveProfileForRepository(cfg File, requestedName string, explicitProfile bool, target RepositoryTarget) (string, Profile, error)
ResolveProfileForRepository resolves the active profile for a repository. Explicit profile selection bypasses repository routing.
type RepositoryProfile ¶ added in v0.3.77
type RepositoryProfile struct {
Profile string `yaml:"profile" json:"profile"`
Match RepositoryProfileMatch `yaml:"match" json:"match"`
}
RepositoryProfile routes repositories to profiles when --profile is omitted.
type RepositoryProfileMatch ¶ added in v0.3.77
type RepositoryProfileMatch struct {
Host string `yaml:"host" json:"host"`
Namespace string `yaml:"namespace" json:"namespace"`
Repos []string `yaml:"repos,omitempty" json:"repos,omitempty"`
}
RepositoryProfileMatch identifies a provider namespace and optional repos.
type RepositoryProfileResolution ¶ added in v0.3.82
type RepositoryProfileResolution struct {
ProfileName string
Profile Profile
Source RepositoryProfileResolutionSource
MatchedRoute *RepositoryProfile
}
RepositoryProfileResolution describes the resolved profile plus the source of that decision.
func ResolveProfileForRepositoryWithSource ¶ added in v0.3.82
func ResolveProfileForRepositoryWithSource(cfg File, requestedName string, explicitProfile bool, target RepositoryTarget) (RepositoryProfileResolution, error)
ResolveProfileForRepositoryWithSource resolves the active profile for a repository and reports why that profile was selected.
type RepositoryProfileResolutionSource ¶ added in v0.3.82
type RepositoryProfileResolutionSource string
RepositoryProfileResolutionSource identifies why a profile was selected for a repository target.
const ( // RepositoryProfileResolutionSourceExplicit means the inherited global // --profile flag explicitly bypassed repository routing. RepositoryProfileResolutionSourceExplicit RepositoryProfileResolutionSource = "explicit_profile" // RepositoryProfileResolutionSourceRoute means a repository_profiles route // selected the profile. RepositoryProfileResolutionSourceRoute RepositoryProfileResolutionSource = "repository_route" // RepositoryProfileResolutionSourceDefault means routing did not match and // the default profile was used. RepositoryProfileResolutionSourceDefault RepositoryProfileResolutionSource = "default_profile" )
type RepositoryTarget ¶ added in v0.3.77
RepositoryTarget identifies the pull-request repository used for route lookup.
type ResolveThreadsPolicy ¶
type ResolveThreadsPolicy string
ResolveThreadsPolicy identifies profile-level thread-resolution behavior.
const ( ResolveThreadsAuto ResolveThreadsPolicy = "auto" ResolveThreadsNever ResolveThreadsPolicy = "never" )
Thread-resolution policies.
func (ResolveThreadsPolicy) Valid ¶
func (p ResolveThreadsPolicy) Valid() bool
Valid reports whether p is a known thread-resolution policy.
type RetentionConfig ¶
type RetentionConfig struct {
MaxAgeDays *int `yaml:"max_age_days,omitempty" json:"max_age_days"`
Enforcement RetentionEnforcement `yaml:"enforcement,omitempty" json:"enforcement"`
}
RetentionConfig controls run-data lifecycle behavior.
func DefaultRetentionConfig ¶ added in v0.3.87
func DefaultRetentionConfig() RetentionConfig
DefaultRetentionConfig returns the normalized durable retention defaults.
func (RetentionConfig) MaxAgeDaysValue ¶
func (r RetentionConfig) MaxAgeDaysValue() int
MaxAgeDaysValue returns the configured max age, applying the default when max_age_days was omitted. A configured zero still means keep forever.
type RetentionEnforcement ¶
type RetentionEnforcement string
RetentionEnforcement identifies when retention is applied.
const ( RetentionAtWrite RetentionEnforcement = "at_write" RetentionManualOnly RetentionEnforcement = "manual_only" )
Retention enforcement policies.
func (RetentionEnforcement) Valid ¶
func (e RetentionEnforcement) Valid() bool
Valid reports whether e is a known retention enforcement policy.
type ReviewMajorEvent ¶
type ReviewMajorEvent string
ReviewMajorEvent identifies how major findings affect the review event.
const ( ReviewMajorEventComment ReviewMajorEvent = "comment" ReviewMajorEventRequestChanges ReviewMajorEvent = "request_changes" )
Review major-event policies.
func (ReviewMajorEvent) Valid ¶
func (e ReviewMajorEvent) Valid() bool
Valid reports whether e is a known major-event policy.
type ReviewPolicy ¶
type ReviewPolicy struct {
MajorEvent ReviewMajorEvent `yaml:"major_event,omitempty" json:"major_event"`
AllowSelfApprove bool `yaml:"allow_self_approve,omitempty" json:"allow_self_approve"`
ResolveThreads ResolveThreadsPolicy `yaml:"resolve_threads,omitempty" json:"resolve_threads,omitempty"`
ResolveAfter string `yaml:"resolve_after,omitempty" json:"resolve_after,omitempty"`
}
ReviewPolicy carries profile-level review policy toggles.
type ReviewerCredentials ¶
type ReviewerCredentials struct {
AuthMode GitAuthMode `yaml:"auth_mode" json:"auth_mode"`
CredentialRef string `yaml:"credential_ref" json:"credential_ref"`
DisplayName string `yaml:"display_name,omitempty" json:"display_name,omitempty"`
IdentityCache string `yaml:"identity_cache,omitempty" json:"identity_cache,omitempty"`
}
ReviewerCredentials optionally identifies separate posting credentials.
type SecretsBackendKind ¶ added in v0.3.146
type SecretsBackendKind string
SecretsBackendKind is the durable non-secret backend selector for a named secrets-management profile.
type SecretsConfig ¶ added in v0.3.146
type SecretsConfig struct {
DefaultProfile string `yaml:"default_profile,omitempty" json:"default_profile,omitempty"`
Profiles map[string]SecretsProfile `yaml:"profiles,omitempty" json:"profiles,omitempty"`
}
SecretsConfig carries named secrets-management profile configuration.
type SecretsProfile ¶ added in v0.3.146
type SecretsProfile struct {
Label string `yaml:"label,omitempty" json:"label,omitempty"`
Backend SecretsProfileBackend `yaml:"backend" json:"backend"`
}
SecretsProfile is one named secrets-management profile.
type SecretsProfileBackend ¶ added in v0.3.146
type SecretsProfileBackend struct {
Kind SecretsBackendKind `yaml:"kind" json:"kind"`
}
SecretsProfileBackend carries one typed backend choice.