# yaml-language-server: $schema=https://raw.githubusercontent.com/ArcadeAI/schemas/main/engine/config/1.0/schema.json
$schema: https://raw.githubusercontent.com/ArcadeAI/schemas/main/engine/config/1.0/schema.json

api:
  development: false
  host: localhost
  port: 9099

auth:
  providers:
    - id: default-github
      description: The default GitHub provider
      enabled: true
      type: oauth2
      provider_id: github
      client_id: ${env:GITHUB_CLIENT_ID}
      client_secret: ${env:GITHUB_CLIENT_SECRET}

    - id: hooli
      description: Hooli OAuth 2.0 provider
      enabled: true
      type: oauth2
      client_id: ${env:HOOLI_CLIENT_ID}
      client_secret: ${env:HOOLI_CLIENT_SECRET}
      oauth2:
        # For a custom OAuth 2.0 provider, specify the full OAuth configuration:
        scope_delimiter: ' '
        pkce: # Optional
          enabled: true
          code_challenge_method: S256
        authorize_request:
          endpoint: 'https://example.com/oauth/authorize'
          parameters:
            response_type: code
            client_id: '{{client_id}}'
            redirect_uri: '{{redirect_uri}}'
            scope: '{{scopes}} {{existing_scopes}}'
        token_request:
          endpoint: 'https://example.com/oauth/token'
          auth_method: client_secret_basic # Optional
          parameters:
            grant_type: authorization_code
            client_id: '{{client_id}}'
            client_secret: '{{client_secret}}'
            redirect_uri: '{{redirect_uri}}'
          response_content_type: application/json # Optional
          response_map: # Optional
            access_token: '$.access_token'
            refresh_token: '$.refresh_token'
            expires_in: '$.expires_in'
            scope: '$.scope'
        refresh_request: # Optional
          endpoint: 'https://example.com/oauth/token'
          auth_method: client_secret_basic # Optional
          parameters:
            grant_type: refresh_token
            client_id: '{{client_id}}'
            client_secret: '{{client_secret}}'
            refresh_token: '{{refresh_token}}'
          response_content_type: application/json # Optional
          response_map: # Optional
            access_token: '$.access_token'
            refresh_token: '$.refresh_token'
            expires_in: '$.expires_in'
            scope: '$.scope'
        user_info_request: # Optional
          endpoint: 'https://example.com/oauth/userinfo'
          auth_method: bearer_access_token
          response_content_type: application/json
          triggers:
            on_token_grant: true
            on_token_refresh: true

cache:
  api_key_ttl: 10s
  redis:
    addr: 'localhost:6379'
    password: ''
    db: 0

llm:
  models:
    - id: primary
      openai:
        api_key: ${env:OPENAI_API_KEY}
    - id: secondary
      anthropic:
        api_key: ${env:ANTHROPIC_API_KEY}
        api_version: '2023-06-01'

security:
  root_keys:
    - id: key1
      default: true
      value: ${env:ROOT_KEY_1}
    - id: key2
      value: ${env:ROOT_KEY_2}

storage:
  postgres:
    user: ${env:POSTGRES_USER}
    password: ${env:POSTGRES_PASSWORD}
    host: ${env:POSTGRES_HOST}
    port: ${env:POSTGRES_PORT}
    db: ${env:POSTGRES_DB}
    sslmode: require

telemetry:
  environment: prod
  logging:
    level: info
    encoding: console

tools:
  directors:
    - id: default
      enabled: true
      workers:
        - id: local_worker
          enabled: true
          http:
            uri: 'http://localhost:8002'
            timeout: 30
            retry: 3
            secret: ${env:ARCADE_WORKER_SECRET}