{ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "https://catalog.lintel.tools/schemas/schemastore/gradle-enterprise/versions/1.0.json", "description": "Gradle Enterprise configuration schema", "x-lintel": { "source": "https://docs.gradle.com/develocity/helm-admin/schema/gradle-enterprise-config-schema-1.json", "sourceSha256": "f3f93404e3f29d54e903c0dcef06860ad9ee5a950e8e9f7f7aa61c70635de971", "fileMatch": [ "*gradle-enterprise.yml", "*gradle-enterprise.yaml" ], "parsers": [ "yaml" ] }, "type": "object", "properties": { "version": { "const": 1, "description": "The version of the config file model (must be 1)." }, "additionalTrust": { "type": [ "string", "null" ], "pattern": "^(?:^^-----BEGIN CERTIFICATE-----(?:\\r?\\n)(?:(?:\\s*[A-Za-z0-9+/]){4})*(?:(?:\\s*[A-Za-z0-9+/]){2}(?:\\s*=){2}|(?:\\s*[A-Za-z0-9+/]){3}(?:\\s*=))?\\s*^-----END CERTIFICATE-----(?:\\r?\\n)?)+$" }, "advanced": { "type": "object", "properties": { "jvmOptions": { "type": "object", "properties": { "admin": { "type": "object", "properties": { "additionalOptions": { "type": [ "string", "null" ], "description": "Extra parameters and configuration for the Java process" }, "heapMemory": { "type": "integer", "description": "The amount of heap memory allocated to the Java process", "minimum": 100 }, "includeBaseOptions": { "type": "boolean" }, "offHeapMemory": { "type": "integer", "description": "The amount of off-heap memory allocated to the Java process", "minimum": 100 } }, "minProperties": 1, "additionalProperties": false }, "buildCache": { "type": "object", "properties": { "additionalOptions": { "type": [ "string", "null" ], "description": "Extra parameters and configuration for the Java process" }, "heapMemory": { "type": "integer", "description": "The amount of heap memory allocated to the Java process", "minimum": 100 }, "includeBaseOptions": { "type": "boolean" }, "offHeapMemory": { "type": "integer", "description": "The amount of off-heap memory allocated to the Java process", "minimum": 100 } }, "minProperties": 1, "additionalProperties": false }, "buildScans": { "type": "object", "properties": { "additionalOptions": { "type": [ "string", "null" ], "description": "Extra parameters and configuration for the Java process" }, "heapMemory": { "type": "integer", "description": "The amount of heap memory allocated to the Java process", "minimum": 100 }, "includeBaseOptions": { "type": "boolean" }, "offHeapMemory": { "type": "integer", "description": "The amount of off-heap memory allocated to the Java process", "minimum": 100 } }, "minProperties": 1, "additionalProperties": false }, "distributionBroker": { "type": "object", "properties": { "additionalOptions": { "type": [ "string", "null" ], "description": "Extra parameters and configuration for the Java process" }, "heapMemory": { "type": "integer", "description": "The amount of heap memory allocated to the Java process", "minimum": 100 }, "includeBaseOptions": { "type": "boolean" }, "offHeapMemory": { "type": "integer", "description": "The amount of off-heap memory allocated to the Java process", "minimum": 100 } }, "minProperties": 1, "additionalProperties": false } }, "minProperties": 1, "additionalProperties": false } }, "minProperties": 1, "additionalProperties": false }, "auth": { "type": "object", "properties": { "anonymousRoles": { "uniqueItems": true, "type": "array", "items": { "type": "string", "enum": [ "buildScanView", "buildScanPublish", "cacheAdministration", "dataExport" ] } }, "external": { "anyOf": [ { "type": "null" }, { "type": "object", "properties": { "type": { "enum": [ "ldap", "saml" ] } }, "required": [ "type" ], "allOf": [ { "if": { "properties": { "type": { "const": "ldap" } } }, "then": { "$ref": "#/$defs/LdapExternalAuth" } }, { "if": { "properties": { "type": { "const": "saml" } } }, "then": { "$ref": "#/$defs/SamlExternalAuth" } } ], "minProperties": 1 } ] }, "timeouts": { "type": "object", "properties": { "accessTokenLifespan": { "type": "integer", "description": "The maximum time before an access token is expired (in minutes), default is 10 minutes" }, "ssoSessionIdleTimeout": { "type": "integer", "description": "The time a login session is allowed to be idle before it expires (in minutes), default is 4 days (5760 minutes)" }, "ssoSessionMaxLifespan": { "type": "integer", "description": "The maximum time before a login session is expired (in minutes), default is 30 days (43200 minutes)" } }, "description": "Timeouts you can specify for user logins in Gradle Enterprise", "minProperties": 1, "additionalProperties": false } }, "description": "Configuration of Gradle Enterprise authentication options", "minProperties": 1, "additionalProperties": false }, "backups": { "type": [ "object", "null" ], "properties": { "backupsToRetain": { "type": "integer", "description": "How many old backups to keep", "minimum": 1 }, "emailNotification": { "type": "boolean", "description": "Send an email when backup is complete" }, "schedule": { "type": "object", "properties": { "type": { "enum": [ "daily", "weekly", "cron" ] } }, "required": [ "type" ], "allOf": [ { "if": { "properties": { "type": { "const": "daily" } } }, "then": { "$ref": "#/$defs/DailyBackupSchedule" } }, { "if": { "properties": { "type": { "const": "weekly" } } }, "then": { "$ref": "#/$defs/WeeklyBackupSchedule" } }, { "if": { "properties": { "type": { "const": "cron" } } }, "then": { "$ref": "#/$defs/CronBackupSchedule" } } ], "minProperties": 1 } }, "required": [ "schedule" ], "description": "Automatic backup configuration", "minProperties": 1, "additionalProperties": false }, "buildCache": { "type": "object", "properties": { "allowUntrustedNodeSsl": { "type": "boolean", "description": "Allow communication with nodes running over untrusted SSL" } }, "description": "Configuration specific to the build cache app", "minProperties": 1, "additionalProperties": false }, "buildScans": { "type": "object", "properties": { "diskSpaceMonitoring": { "type": "object", "properties": { "autoDeleteWhileFreeSpaceLessThanPercentage": { "type": [ "integer", "null" ], "description": "Threshold of free disk space before old scans will be automatically deleted", "maximum": 100, "minimum": 1 }, "rejectIncomingWhileFreeSpaceLessThanPercentage": { "type": [ "integer", "null" ], "description": "Threshold of free disk space before new scans will be rejected", "maximum": 100, "minimum": 1 }, "sendWarningEmailWhenFreeSpaceLessThanPercentage": { "type": [ "integer", "null" ], "description": "Threshold of free disk space before a warning is sent to users publishing a build scan", "maximum": 100, "minimum": 1 } }, "minProperties": 1, "additionalProperties": false }, "keepDays": { "type": [ "integer", "null" ], "description": "How many days of scans should be retained", "minimum": 2 } }, "description": "Configuration specific to the build scans app", "minProperties": 1, "additionalProperties": false }, "dailyMaintenanceTime": { "type": "string", "pattern": "^(?:[01]\\d|2[0-3]):[0-5]\\d$" }, "email": { "type": [ "object", "null" ], "properties": { "administratorAddress": { "type": "string", "pattern": "^\"{0,1}[a-zA-Z0-9_+&*-]+(?:\\.[a-zA-Z0-9_+&*-]+)*\"{0,1}@\\[{0,1}(?:[a-zA-Z0-9-]+\\.)+([a-zA-Z]{2,7}|[0-9]{1,3})\\]{0,1}$" }, "authentication": { "type": [ "object", "null" ], "properties": { "password": { "type": "string", "pattern": "^(?:plain:.+|aes256:(?:\\s*[A-Za-z0-9+/]){16}:(?:\\s*[A-Za-z0-9+/]){16}:(?:(?:\\s*[A-Za-z0-9+/]){4})*(?:(?:\\s*[A-Za-z0-9+/]){2}(?:\\s*=){2}|(?:\\s*[A-Za-z0-9+/]){3}(?:\\s*=))?\\s*)$" }, "type": { "type": "string", "enum": [ "login", "cramMd5", "plain" ] }, "username": { "type": "string" } }, "required": [ "password", "type", "username" ], "description": "SMTP authentication method", "minProperties": 1, "additionalProperties": false }, "fromAddress": { "type": "string", "pattern": "^\"{0,1}[a-zA-Z0-9_+&*-]+(?:\\.[a-zA-Z0-9_+&*-]+)*\"{0,1}@\\[{0,1}(?:[a-zA-Z0-9-]+\\.)+([a-zA-Z]{2,7}|[0-9]{1,3})\\]{0,1}$" }, "smtpServer": { "type": "string", "pattern": "^(?:(?:(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}(?:[0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|(?:(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*(?:[A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9])):(?:[1-9][0-9]{0,3}|[1-6][0-5][0-5][0-3][0-5])$" }, "sslProtocol": { "type": [ "string", "null" ], "enum": [ null, "startTls", "implicitTls" ], "description": "SMTP protocol flavour" } }, "required": [ "administratorAddress", "fromAddress", "smtpServer" ], "description": "SMTP configuration for notifications", "minProperties": 1, "additionalProperties": false }, "helpContact": { "type": "object", "properties": { "email": { "type": [ "string", "null" ], "pattern": "^\"{0,1}[a-zA-Z0-9_+&*-]+(?:\\.[a-zA-Z0-9_+&*-]+)*\"{0,1}@\\[{0,1}(?:[a-zA-Z0-9-]+\\.)+([a-zA-Z]{2,7}|[0-9]{1,3})\\]{0,1}$" }, "name": { "type": [ "string", "null" ], "description": "The name of the contact" } }, "description": "Who users should contact if they have a problem", "minProperties": 1, "additionalProperties": false }, "systemPassword": { "type": "string", "pattern": "^(?:\\s*[A-Za-z0-9+/]){43}(?:\\s*=):(?:(?:\\s*[A-Za-z0-9+/]){4})*(?:(?:\\s*[A-Za-z0-9+/]){2}(?:\\s*=){2}|(?:\\s*[A-Za-z0-9+/]){3}(?:\\s*=))?\\s*$" } }, "minProperties": 1, "additionalProperties": false, "$defs": { "CronBackupSchedule": { "type": "object", "required": [ "expression" ], "properties": { "type": { "const": "cron" }, "expression": { "type": "string", "pattern": "^(?:\\*|(?:(?:\\*\\/)?[1-5]?[0-9])) (?:\\*|(?:(?:\\*\\/)?(?:1?[0-9]|2[0-3]))) (?:\\*|(?:(?:\\*\\/)?(?:[1-9]|[12][0-9]|3[0-1]))) (?:\\*|(?:(?:\\*\\/)?(?:[1-9]|1[0-2]))) (?:\\*|(?:(?:\\*\\/)?[0-6]))$" } }, "minProperties": 1, "additionalProperties": false }, "DailyBackupSchedule": { "type": "object", "required": [ "timeOfDay" ], "properties": { "type": { "const": "daily" }, "timeOfDay": { "type": "string", "pattern": "^(?:[01]\\d|2[0-3]):[0-5]\\d$" } }, "minProperties": 1, "additionalProperties": false }, "ExternalAuthRoleMappings": { "type": "object", "properties": { "administration": { "type": "string", "description": "Allows access to installation administrative functions", "not": { "enum": [ "ge-scans-viewing", "ge-data-export", "ge-cache-administration", "ge-scans-publishing", "ge-distributed-testing" ] } }, "buildScanPublish": { "type": "string", "description": "Allows publishing of build scans", "not": { "enum": [ "ge-administration", "ge-scans-viewing", "ge-data-export", "ge-cache-administration", "ge-distributed-testing" ] } }, "buildScanView": { "type": "string", "description": "Allows viewing of build scans", "not": { "enum": [ "ge-administration", "ge-data-export", "ge-cache-administration", "ge-scans-publishing", "ge-distributed-testing" ] } }, "cacheAdministration": { "type": "string", "description": "Allows access to build cache administration functions", "not": { "enum": [ "ge-administration", "ge-scans-viewing", "ge-data-export", "ge-scans-publishing", "ge-distributed-testing" ] } }, "dataExport": { "type": "string", "description": "Allows use of Export API", "not": { "enum": [ "ge-administration", "ge-scans-viewing", "ge-cache-administration", "ge-scans-publishing", "ge-distributed-testing" ] } }, "testDistribution": { "type": "string", "description": "Allows use of test distribution", "not": { "enum": [ "ge-administration", "ge-scans-viewing", "ge-data-export", "ge-cache-administration", "ge-scans-publishing" ] } } }, "minProperties": 1, "additionalProperties": false }, "ExternalLdapRoles": { "type": "object", "required": [ "baseDn", "membershipAttribute", "membershipAttributeType", "nameAttribute", "objectClass" ], "properties": { "type": { "const": "external" }, "baseDn": { "type": "string", "description": "Base DN for the subtree holding roles" }, "mappings": { "allOf": [ { "$ref": "#/$defs/ExternalAuthRoleMappings" }, { "description": "Mappings between predefined Gradle Enterprise roles and identity provider role names" } ] }, "membershipAttribute": { "type": "string", "description": "Name of the LDAP attribute holding role membership" }, "membershipAttributeType": { "type": "string", "enum": [ "dn", "uid" ], "description": "Type of the membership-ldap-attribute" }, "nameAttribute": { "type": "string", "description": "Name of the LDAP attribute holding the role name" }, "objectClass": { "type": "string", "description": "LDAP object classes for roles" }, "recursive": { "type": "boolean", "description": "Whether to retrieve roles recursively by traversing a tree (defaults to false)" } }, "minProperties": 1, "additionalProperties": false }, "ExternalSamlRoles": { "type": "object", "required": [ "attribute" ], "properties": { "type": { "const": "external" }, "attribute": { "type": "string", "description": "Name of the SAML attribute holding role names" }, "mappings": { "allOf": [ { "$ref": "#/$defs/ExternalAuthRoleMappings" }, { "description": "Mappings between predefined Gradle Enterprise roles and identity provider role names" } ] } }, "minProperties": 1, "additionalProperties": false }, "LdapExternalAuth": { "type": "object", "required": [ "connectionUrl", "displayName", "roles", "users" ], "properties": { "type": { "const": "ldap" }, "bindUser": { "type": [ "object", "null" ], "properties": { "dn": { "type": "string", "description": "Distinguished name for the LDAP user account" }, "password": { "type": "string", "pattern": "^(?:plain:.+|aes256:(?:\\s*[A-Za-z0-9+/]){16}:(?:\\s*[A-Za-z0-9+/]){16}:(?:(?:\\s*[A-Za-z0-9+/]){4})*(?:(?:\\s*[A-Za-z0-9+/]){2}(?:\\s*=){2}|(?:\\s*[A-Za-z0-9+/]){3}(?:\\s*=))?\\s*)$" } }, "required": [ "dn", "password" ], "description": "Binding information used when LDAP requires authentication", "minProperties": 1, "additionalProperties": false }, "connectionUrl": { "type": "string", "description": "URL used to connect to LDAP server" }, "displayName": { "type": "string", "description": "Name of this identity provider configuration" }, "roles": { "type": "object", "properties": { "type": { "enum": [ "external", "local" ] } }, "required": [ "type" ], "allOf": [ { "if": { "properties": { "type": { "const": "external" } } }, "then": { "$ref": "#/$defs/ExternalLdapRoles" } }, { "if": { "properties": { "type": { "const": "local" } } }, "then": { "$ref": "#/$defs/LocalLdapRoles" } } ], "minProperties": 1 }, "users": { "type": "object", "properties": { "attributes": { "type": "object", "properties": { "email": { "type": "string", "description": "Name of the LDAP attribute holding email address" }, "firstName": { "type": "string", "description": "Name of the LDAP attribute holding first name" }, "lastName": { "type": "string", "description": "Name of the LDAP attribute holding last name" }, "userName": { "type": "string", "description": "Name of the LDAP attribute holding user name" }, "uuid": { "type": "string", "description": "Name of the LDAP attribute holding a unique id" } }, "required": [ "email", "firstName", "lastName", "userName", "uuid" ], "description": "Describes how user attributes are mapped", "minProperties": 1, "additionalProperties": false }, "baseDn": { "type": "string", "description": "Base DN for the subtree holding users" } }, "required": [ "attributes", "baseDn" ], "minProperties": 1, "additionalProperties": false } }, "minProperties": 1, "additionalProperties": false }, "LocalLdapRoles": { "type": "object", "properties": { "type": { "const": "local" }, "defaults": { "uniqueItems": true, "type": "array", "items": { "type": "string", "enum": [ "buildScanView", "buildScanPublish", "testDistribution", "cacheAdministration", "administration", "dataExport" ] } } }, "minProperties": 1, "additionalProperties": false }, "LocalSamlRoles": { "type": "object", "properties": { "type": { "const": "local" }, "defaults": { "uniqueItems": true, "type": "array", "items": { "type": "string", "enum": [ "buildScanView", "buildScanPublish", "testDistribution", "cacheAdministration", "administration", "dataExport" ] } } }, "minProperties": 1, "additionalProperties": false }, "SamlExternalAuth": { "type": "object", "required": [ "displayName", "idpMetadata", "roles" ], "properties": { "type": { "const": "saml" }, "displayName": { "type": "string", "description": "Name of this identity provider configuration" }, "idpMetadata": { "type": "string", "pattern": "^(?:(?:\\s*[A-Za-z0-9+/]){4})*(?:(?:\\s*[A-Za-z0-9+/]){2}(?:\\s*=){2}|(?:\\s*[A-Za-z0-9+/]){3}(?:\\s*=))?\\s*$" }, "options": { "type": "object", "properties": { "requireEncryptedAssertion": { "type": "boolean", "description": "Encrypt SAML assertions?" }, "signAuthenticationRequests": { "type": "boolean", "description": "Sign authentication requests?" }, "validateAssertionSignature": { "type": "boolean", "description": "Enable signature validation of SAML assertions?" }, "validateResponseSignature": { "type": "boolean", "description": "Enable signature validation of SAML responses?" } }, "description": "Groups all options and is only necessary when one or more needs to be enabled", "minProperties": 1, "additionalProperties": false }, "roles": { "type": "object", "properties": { "type": { "enum": [ "external", "local" ] } }, "required": [ "type" ], "allOf": [ { "if": { "properties": { "type": { "const": "external" } } }, "then": { "$ref": "#/$defs/ExternalSamlRoles" } }, { "if": { "properties": { "type": { "const": "local" } } }, "then": { "$ref": "#/$defs/LocalSamlRoles" } } ], "minProperties": 1 }, "userAttributes": { "type": "object", "properties": { "email": { "type": [ "string", "null" ], "description": "Name of the SAML attribute holding email address" }, "firstName": { "type": [ "string", "null" ], "description": "Name of the SAML attribute holding first name" }, "lastName": { "type": [ "string", "null" ], "description": "Name of the SAML attribute holding last name" } }, "description": "Describes how user attributes are mapped", "minProperties": 1, "additionalProperties": false } }, "minProperties": 1, "additionalProperties": false }, "WeeklyBackupSchedule": { "type": "object", "required": [ "dayOfWeek", "timeOfDay" ], "properties": { "type": { "const": "weekly" }, "dayOfWeek": { "type": "string", "enum": [ "monday", "tuesday", "wednesday", "thursday", "friday", "saturday", "sunday" ], "description": "Day (in UTC) to perform the backup" }, "timeOfDay": { "type": "string", "pattern": "^(?:[01]\\d|2[0-3]):[0-5]\\d$" } }, "minProperties": 1, "additionalProperties": false } }, "required": [ "systemPassword", "version" ] }