# Fetch ML Configuration Schema (JSON Schema expressed as YAML) $schema: "http://json-schema.org/draft-07/schema#" title: "Fetch ML API Server Configuration" type: object additionalProperties: false required: - auth - server properties: base_path: type: string description: Base path for experiment data default: "/tmp/ml-experiments" auth: type: object additionalProperties: false required: - enabled properties: enabled: type: boolean description: Enable or disable authentication api_keys: type: object description: API key registry additionalProperties: type: object additionalProperties: false required: - hash properties: hash: type: string description: SHA256 hash of the API key admin: type: boolean default: false roles: type: array items: type: string enum: [admin, data_scientist, data_engineer, viewer, operator] permissions: type: object additionalProperties: type: boolean server: type: object additionalProperties: false required: [address] properties: address: type: string description: Listen address, e.g. ":9101" tls: type: object additionalProperties: false properties: enabled: type: boolean default: false cert_file: type: string key_file: type: string min_version: type: string description: Minimum TLS version (e.g. "1.3") database: type: object additionalProperties: false properties: type: type: string enum: [sqlite, postgres, mysql] default: sqlite connection: type: string host: type: string port: type: integer minimum: 1 maximum: 65535 username: type: string password: type: string database: type: string redis: type: object additionalProperties: false properties: url: type: string pattern: "^redis://" addr: type: string description: Optional host:port shorthand for Redis host: type: string default: "localhost" port: type: integer minimum: 1 maximum: 65535 default: 6379 password: type: string db: type: integer minimum: 0 default: 0 pool_size: type: integer minimum: 1 default: 10 max_retries: type: integer minimum: 0 default: 3 logging: type: object additionalProperties: false properties: level: type: string enum: [debug, info, warn, error, fatal] default: "info" file: type: string audit_log: type: string format: type: string enum: [text, json] default: "text" console: type: boolean default: true security: type: object additionalProperties: false properties: secret_key: type: string minLength: 16 jwt_expiry: type: string pattern: "^\\d+[smhd]$" default: "24h" ip_whitelist: type: array items: type: string failed_login_lockout: type: object additionalProperties: false properties: enabled: type: boolean max_attempts: type: integer minimum: 1 lockout_duration: type: string description: Duration string, e.g. "15m" rate_limit: type: object additionalProperties: false properties: enabled: type: boolean default: false requests_per_minute: type: integer minimum: 1 default: 60 burst_size: type: integer minimum: 1 resources: type: object description: Resource configuration defaults additionalProperties: false properties: cpu_limit: type: string description: Default CPU limit (e.g., "2" or "500m") default: "2" memory_limit: type: string description: Default memory limit (e.g., "1Gi" or "512Mi") default: "4Gi" gpu_limit: type: integer description: Default GPU limit minimum: 0 default: 0 disk_limit: type: string description: Default disk limit default: "10Gi"