Configuration

The controller reads a YAML config file via --config. All string values support ${ENV_VAR} substitution.

Full reference

# URL of the Vrata control plane REST API.
controlPlaneUrl: "${CONTROLPLANE_URL:-http://localhost:8080}"

# TLS for the connection to the control plane (optional).
# tls:
#   cert: "${CONTROLLER_TLS_CERT}"   # Client cert for mTLS
#   key: "${CONTROLLER_TLS_KEY}"     # Client private key
#   ca: "${CP_CA}"                   # CA to verify the CP server cert

# API key sent to the control plane on every request (optional).
# apiKey: "${CONTROLLER_API_KEY}"

# Which Kubernetes resources to watch.
watch:
  namespaces: []          # Empty = all namespaces
  httpRoutes: true        # Standard Gateway API HTTPRoutes
  superHttpRoutes: false  # SuperHTTPRoute (no maxItems limits)
  gateways: true          # Gateway resources → Vrata Listeners

# Snapshot batching.
snapshot:
  debounce: "5s"          # Wait after last change before snapshot
  maxBatch: 100           # Force snapshot after this many changes
  batchIdleTimeout: "10s" # Wait after last batch member arrives (vrata.io/batch)
  # What to do when a batch with vrata.io/batch-size times out before all
  # members arrive. Only applies when both annotations are present.
  #   "apply"  — create the snapshot with whatever arrived (default)
  #   "reject" — discard the incomplete batch, don't create a snapshot
  batchIncompletePolicy: "apply"

# Overlap detection.
duplicates:
  mode: "warn"            # off | warn | reject

# Logging.
log:
  format: "console"       # console | json
  level: "info"           # debug | info | warn | error

# Leader election for multiple replicas.
leaderElection:
  enabled: false
  leaseName: "vrata-controller-leader"
  leaseNamespace: "default"
  leaseDuration: "15s"
  renewDeadline: "10s"
  retryPeriod: "2s"

# Prometheus metrics.
metrics:
  enabled: false
  address: ":9090"

Field reference

| Field | Default | Description |
|---|---|---|
| controlPlaneUrl | http://localhost:8080 | Vrata control plane URL |
| tls | | TLS config for the CP connection: cert, key, ca (same as proxy) |
| apiKey | | Bearer token sent to the CP on every request |
| watch.namespaces | [] (all) | Restrict to specific namespaces |
| watch.httpRoutes | true | Watch HTTPRoute resources |
| watch.superHttpRoutes | false | Watch SuperHTTPRoute resources |
| watch.gateways | true | Watch Gateway resources |
| snapshot.debounce | 5s | Debounce before creating snapshot |
| snapshot.maxBatch | 100 | Max changes before forced snapshot |
| snapshot.batchIdleTimeout | 10s | Idle wait for vrata.io/batch groups. See Batch Deployments |
| snapshot.batchIncompletePolicy | apply | apply: snapshot with partial set. reject: discard incomplete batch. See Batch Deployments |
| duplicates.mode | warn | off: disabled, warn: log only, reject: skip route |
| leaderElection.enabled | false | Enable lease-based leader election |
| metrics.enabled | false | Enable Prometheus metrics on :9090 |
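
A pre-deployment check for the control-plane connection settings (controlPlaneUrl, apiKey, tls), added here as an example and not part of the Vrata project's code. It expands ${VAR} and ${VAR:-default} references, then flags an apiKey that would be sent to a non-HTTPS controlPlaneUrl, a client cert configured without its key, and referenced variables that are unset. The function names, finding labels, sample values and the shell-style treatment of unset variables are assumptions, not documented controller behaviour.

```python
import re

# Matches ${NAME} and ${NAME:-default}, the two forms used in the reference config.
_VAR = re.compile(r"\$\{([A-Za-z_][A-Za-z0-9_]*)(?::-([^}]*))?\}")

def expand(value, env, missing):
    """Expand variable references; record names that resolve to nothing.
    Assumption: ':-' follows POSIX shell rules (default used when unset or empty)."""
    def repl(m):
        name, default = m.group(1), m.group(2)
        if env.get(name):
            return env[name]
        if default is None:
            missing.append(name)  # no value and no fallback: expands to ""
            return ""
        return default
    return _VAR.sub(repl, value)

def audit(cfg, env):
    """Return findings for the control-plane connection settings of a parsed config."""
    findings, missing = [], []
    url = expand(cfg.get("controlPlaneUrl", "http://localhost:8080"), env, missing)
    api_key = expand(cfg.get("apiKey", ""), env, missing)
    tls = {k: expand(v, env, missing) for k, v in (cfg.get("tls") or {}).items()}
    findings += [f"unset-env:{name}" for name in missing]
    if api_key and not url.lower().startswith("https://"):
        findings.append("apikey-over-cleartext")   # bearer token sent without TLS
    if bool(tls.get("cert")) != bool(tls.get("key")):
        findings.append("incomplete-client-cert")  # mTLS needs both cert and key
    return findings

# Constructed samples: configs as a YAML loader would return them, plus environments.
WEAK = {"controlPlaneUrl": "${CONTROLPLANE_URL:-http://localhost:8080}",
        "apiKey": "${CONTROLLER_API_KEY}",
        "tls": {"cert": "${CONTROLLER_TLS_CERT}", "key": "${CONTROLLER_TLS_KEY}"}}
WEAK_ENV = {"CONTROLLER_API_KEY": "example-token",
            "CONTROLLER_TLS_CERT": "CERT_PLACEHOLDER"}
GOOD = dict(WEAK, controlPlaneUrl="${CONTROLPLANE_URL}",
            tls=dict(WEAK["tls"], ca="${CP_CA}"))
GOOD_ENV = dict(WEAK_ENV, CONTROLPLANE_URL="https://vrata-cp.example.internal:8443",
                CONTROLLER_TLS_KEY="KEY_PLACEHOLDER", CP_CA="CA_PLACEHOLDER")

if __name__ == "__main__":
    print("weak:", audit(WEAK, WEAK_ENV))
    print("good:", audit(GOOD, GOOD_ENV))
```
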