fetch_ml/configs/schema/config_schema.yaml

# Fetch ML Configuration Schema (JSON Schema expressed as YAML)

$schema: "http://json-schema.org/draft-07/schema#"
title: "Fetch ML Configuration"
type: object
additionalProperties: false
required:
  - auth
  - server
properties:
  base_path:
    type: string
    description: Base path for experiment data
  auth:
    type: object
    additionalProperties: false
    required:
      - enabled
    properties:
      enabled:
        type: boolean
        description: Enable or disable authentication
      apikeys:
        type: object
        description: API key registry
        additionalProperties:
          type: object
          additionalProperties: false
          required:
            - hash
          properties:
            hash:
              type: string
              description: SHA256 hash of the API key
            admin:
              type: boolean
              default: false
            roles:
              type: array
              items:
                type: string
                enum: [admin, data_scientist, data_engineer, viewer, operator]
            permissions:
              type: object
              additionalProperties:
                type: boolean
  server:
    type: object
    additionalProperties: false
    required: [address]
    properties:
      address:
        type: string
        description: Listen address, e.g. ":9101"
      tls:
        type: object
        additionalProperties: false
        properties:
          enabled:
            type: boolean
            default: false
          cert_file:
            type: string
          key_file:
            type: string
          min_version:
            type: string
            description: Minimum TLS version (e.g. "1.3")
  database:
    type: object
    additionalProperties: false
    properties:
      type:
        type: string
        enum: [sqlite, postgres, mysql]
        default: sqlite
      connection:
        type: string
      host:
        type: string
      port:
        type: integer
        minimum: 1
        maximum: 65535
      username:
        type: string
      password:
        type: string
      database:
        type: string
  redis:
    type: object
    additionalProperties: false
    properties:
      url:
        type: string
        pattern: "^redis://"
      addr:
        type: string
        description: Optional host:port shorthand for Redis
      host:
        type: string
        default: "localhost"
      port:
        type: integer
        minimum: 1
        maximum: 65535
        default: 6379
      password:
        type: string
      db:
        type: integer
        minimum: 0
        default: 0
      pool_size:
        type: integer
        minimum: 1
        default: 10
      max_retries:
        type: integer
        minimum: 0
        default: 3
  logging:
    type: object
    additionalProperties: false
    properties:
      level:
        type: string
        enum: [debug, info, warn, error, fatal]
        default: "info"
      file:
        type: string
      audit_log:
        type: string
      format:
        type: string
        enum: [text, json]
        default: "text"
      console:
        type: boolean
        default: true
  security:
    type: object
    additionalProperties: false
    properties:
      secret_key:
        type: string
        minLength: 16
      jwt_expiry:
        type: string
        pattern: "^\\d+[smhd]$"
        default: "24h"
      ip_whitelist:
        type: array
        items:
          type: string
      failed_login_lockout:
        type: object
        additionalProperties: false
        properties:
          enabled:
            type: boolean
          max_attempts:
            type: integer
            minimum: 1
          lockout_duration:
            type: string
            description: Duration string, e.g. "15m"
      rate_limit:
        type: object
        additionalProperties: false
        properties:
          enabled:
            type: boolean
            default: false
          requests_per_minute:
            type: integer
            minimum: 1
            default: 60
          burst_size:
            type: integer
            minimum: 1
  containers:
    type: object
    additionalProperties: false
    properties:
      runtime:
        type: string
        enum: [podman, docker]
        default: "podman"
      registry:
        type: string
        default: "docker.io"
      pull_policy:
        type: string
        enum: [always, missing, never]
        default: "missing"
      resources:
        type: object
        additionalProperties: false
        properties:
          cpu_limit:
            type: string
            description: CPU limit (e.g., "2" or "500m")
          memory_limit:
            type: string
            description: Memory limit (e.g., "1Gi" or "512Mi")
          gpu_limit:
            type: integer
            minimum: 0
  storage:
    type: object
    additionalProperties: false
    properties:
      data_path:
        type: string
        default: "data"
      results_path:
        type: string
        default: "results"
      temp_path:
        type: string
        default: "/tmp/fetch_ml"
      cleanup:
        type: object
        additionalProperties: false
        properties:
          enabled:
            type: boolean
            default: true
          max_age_hours:
            type: integer
            minimum: 1
            default: 168
          max_size_gb:
            type: integer
            minimum: 1
            default: 10