66import type { AgenticProvider } from ' @red-hat-developer-hub/backstage-plugin-boost-common' ;
77import { BackendFeature } from ' @backstage/backend-plugin-api' ;
88import { BasicPermission } from ' @backstage/plugin-permission-common' ;
9+ import type { CacheService } from ' @backstage/backend-plugin-api' ;
10+ import type { DatabaseService } from ' @backstage/backend-plugin-api' ;
911import type { HttpAuthService } from ' @backstage/backend-plugin-api' ;
1012import type { LoggerService } from ' @backstage/backend-plugin-api' ;
1113import type { PermissionsService } from ' @backstage/backend-plugin-api' ;
1214import type { ProviderDescriptor } from ' @red-hat-developer-hub/backstage-plugin-boost-common' ;
1315import type { Request as Request_2 } from ' express' ;
1416import type { RequestHandler } from ' express' ;
17+ import type { RootConfigService } from ' @backstage/backend-plugin-api' ;
1518import { ServiceFactory } from ' @backstage/backend-plugin-api' ;
19+ import { z } from ' zod' ;
20+
21+ // @public
22+ export class AdminConfigService {
23+ constructor (options : AdminConfigServiceOptions );
24+ getAllOverrides(): Promise <Map <string , unknown >>;
25+ getOverride(key : BoostConfigKey ): Promise <unknown | undefined >;
26+ removeOverride(key : BoostConfigKey ): Promise <void >;
27+ setOverride(key : BoostConfigKey , value : unknown ): Promise <void >;
28+ validateStoredValues(): Promise <string []>;
29+ }
30+
31+ // @public
32+ export interface AdminConfigServiceOptions {
33+ // (undocumented)
34+ database: DatabaseService ;
35+ encryptionSecret? : string ;
36+ // (undocumented)
37+ logger: LoggerService ;
38+ }
1639
1740// @public
1841export function authorizeLifecycleAction(
@@ -27,23 +50,129 @@ export interface AuthorizeLifecycleActionOptions {
2750 permissions: PermissionsService ;
2851}
2952
53+ // @public
54+ export const BOOST_CONFIG_SCHEMA_VERSION = 1 ;
55+
3056// @public
3157export const boostAiProviderServiceFactory: ServiceFactory <
3258 AgenticProvider ,
3359 ' plugin' ,
3460 ' singleton'
3561>;
3662
63+ // @public
64+ export const boostConfigFields: {
65+ readonly ' boost.model.baseUrl' : {
66+ readonly schema: z .ZodString ;
67+ readonly configScope: ConfigScope ;
68+ readonly description: ' Base URL for the AI model endpoint' ;
69+ };
70+ readonly ' boost.model.name' : {
71+ readonly schema: z .ZodString ;
72+ readonly configScope: ConfigScope ;
73+ readonly description: ' Name of the AI model to use' ;
74+ };
75+ readonly ' boost.systemPrompt' : {
76+ readonly schema: z .ZodOptional <z .ZodString >;
77+ readonly configScope: ConfigScope ;
78+ readonly description: ' System prompt for AI conversations' ;
79+ };
80+ readonly ' boost.security.mode' : {
81+ readonly schema: z .ZodEnum <
82+ [' development-only-no-auth' , ' plugin-only' , ' full' ]
83+ >;
84+ readonly configScope: ConfigScope ;
85+ readonly description: ' Security mode for the boost plugin' ;
86+ };
87+ readonly ' boost.features.agentCreation' : {
88+ readonly schema: z .ZodOptional <z .ZodBoolean >;
89+ readonly configScope: ConfigScope ;
90+ readonly description: ' Enable agent creation feature' ;
91+ };
92+ readonly ' boost.features.skillsMarketplace' : {
93+ readonly schema: z .ZodOptional <z .ZodBoolean >;
94+ readonly configScope: ConfigScope ;
95+ readonly description: ' Enable skills marketplace feature' ;
96+ };
97+ readonly ' boost.agentApproval.mode' : {
98+ readonly schema: z .ZodOptional <z .ZodEnum <[' built-in' , ' sonataflow' ]>>;
99+ readonly configScope: ConfigScope ;
100+ readonly description: ' Agent approval mode: built-in or SonataFlow-managed' ;
101+ };
102+ readonly ' boost.agentApproval.sonataflow.endpoint' : {
103+ readonly schema: z .ZodOptional <z .ZodString >;
104+ readonly configScope: ConfigScope ;
105+ readonly description: ' SonataFlow workflow endpoint for agent approval' ;
106+ };
107+ readonly ' boost.skillsMarketplace.endpoint' : {
108+ readonly schema: z .ZodOptional <z .ZodString >;
109+ readonly configScope: ConfigScope ;
110+ readonly description: ' Skills catalog backend URL' ;
111+ };
112+ readonly ' boost.skillsMarketplace.enabled' : {
113+ readonly schema: z .ZodOptional <z .ZodBoolean >;
114+ readonly configScope: ConfigScope ;
115+ readonly description: ' Enable or disable skills marketplace' ;
116+ };
117+ readonly ' boost.kagenti.auth.tokenExchange.enabled' : {
118+ readonly schema: z .ZodOptional <z .ZodBoolean >;
119+ readonly configScope: ConfigScope ;
120+ readonly description: ' Enable RFC 8693 token exchange for Kagenti' ;
121+ };
122+ readonly ' boost.kagenti.auth.tokenExchange.audience' : {
123+ readonly schema: z .ZodOptional <z .ZodString >;
124+ readonly configScope: ConfigScope ;
125+ readonly description: ' Target audience for exchanged token' ;
126+ };
127+ readonly ' boost.kagenti.auth.tokenExchange.userTokenHeader' : {
128+ readonly schema: z .ZodOptional <z .ZodString >;
129+ readonly configScope: ConfigScope ;
130+ readonly description: ' Header containing user OIDC token' ;
131+ };
132+ readonly ' boost.devSpaces.credentials' : {
133+ readonly schema: z .ZodOptional <z .ZodString >;
134+ readonly configScope: ConfigScope ;
135+ readonly description: ' DevSpaces integration credentials' ;
136+ readonly sensitive: true ;
137+ };
138+ };
139+
140+ // @public
141+ export type BoostConfigKey = keyof typeof boostConfigFields ;
142+
37143// @public
38144const boostPlugin: BackendFeature ;
39145export default boostPlugin ;
40146
147+ // @public
148+ export interface ConfigFieldMeta <T extends z .ZodTypeAny = z .ZodTypeAny > {
149+ configScope: ConfigScope ;
150+ description: string ;
151+ schema: T ;
152+ sensitive? : boolean ;
153+ }
154+
155+ // @public
156+ export type ConfigScope = ' yaml-only' | ' db-overridable' | ' db-only' ;
157+
41158// @public
42159export function createAgentResourceLoader(): ResourceLoader ;
43160
44161// @public
45162export function createToolResourceLoader(): ResourceLoader ;
46163
164+ // @public
165+ export function decryptValue(encrypted : string , secret : string ): string ;
166+
167+ // @public
168+ export function encryptValue(plaintext : string , secret : string ): string ;
169+
170+ // @public
171+ export function isDbWritable(key : BoostConfigKey ): boolean ;
172+
173+ // @public
174+ export function isSensitiveField(key : BoostConfigKey ): boolean ;
175+
47176// @public
48177export class ProviderManager {
49178 getActiveProvider(): AgenticProvider ;
@@ -62,9 +191,37 @@ export type ResourceLoader = (req: Request_2) => Promise<
62191 | undefined
63192>;
64193
194+ // @public
195+ export class RuntimeConfigResolver {
196+ constructor (options : RuntimeConfigResolverOptions );
197+ invalidate(): Promise <void >;
198+ remove(key : BoostConfigKey ): Promise <void >;
199+ resolve(key : BoostConfigKey ): Promise <unknown | undefined >;
200+ resolveAll(): Promise <Map <string , unknown >>;
201+ set(key : BoostConfigKey , value : unknown ): Promise <void >;
202+ }
203+
204+ // @public
205+ export interface RuntimeConfigResolverOptions {
206+ // (undocumented)
207+ adminConfigService: AdminConfigService ;
208+ // (undocumented)
209+ cache: CacheService ;
210+ // (undocumented)
211+ config: RootConfigService ;
212+ // (undocumented)
213+ logger: LoggerService ;
214+ }
215+
65216// @public
66217export type SecurityMode = ' development-only-no-auth' | ' plugin-only' | ' full' ;
67218
219+ // @public
220+ export function validateConfigValue(
221+ key : BoostConfigKey ,
222+ value : unknown ,
223+ ): unknown ;
224+
68225// @public
69226export function validateSecurityMode(
70227 mode : string | undefined ,
0 commit comments