Schema Reference
Title: GitProxy configuration file
| Type | object |
| Required | No |
| Additional properties | Not allowed |
Description: Configuration for customizing git-proxy
1. [Optional] Property GitProxy configuration file > proxyUrl
Type stringRequired No Description: Deprecated: Used in early versions of git proxy to configure the remote host that traffic is proxied to. In later versions, the repository URL is used to determine the domain proxied, allowing multiple hosts to be proxied by one instance.
4. [Optional] Property GitProxy configuration file > api
Type objectRequired No Additional properties Not allowed Description: Third party APIs
4.1. [Optional] Property GitProxy configuration file > api > ls
Type objectRequired No Additional properties Not allowed Description: Configuration used in conjunction with ActiveDirectory auth, which relates to a REST API used to check user group membership, as opposed to direct querying via LDAP.
If this configuration is set direct querying of group membership via LDAP will be disabled.4.1.1. [Optional] Property GitProxy configuration file > api > ls > userInADGroup
Type stringRequired No Description: URL template for a GET request that confirms a user's membership of a specific group. Should respond with a non-empty 200 status if the user is a member of the group, an empty response or non-200 status indicates that the user is not a group member. If set, this URL will be queried and direct queries via LDAP will be disabled. The template should contain the following string placeholders, which will be replaced to produce the final URL:
- "<domain>": AD domain,
- "<name>": The group name to check membership of.
- "<id>": The username to check group membership for.
Example:
"https://somedomain.com/some/path/checkUserGroups?domain=<domain>&name=<name>&id=<id>"4.2. [Optional] Property GitProxy configuration file > api > gitleaks
Type objectRequired No Additional properties Any type allowed Description: Configuration for the gitleaks (https://github.com/gitleaks/gitleaks) plugin
4.2.1. [Optional] Property GitProxy configuration file > api > gitleaks > enabled
Type booleanRequired No 4.2.2. [Optional] Property GitProxy configuration file > api > gitleaks > ignoreGitleaksAllow
Type booleanRequired No
5. [Optional] Property GitProxy configuration file > commitConfig
Title: CommitConfig
Type objectRequired No Additional properties Not allowed Description: Block commits based on rules defined over author/committer e-mail addresses, commit message content and diff content
5.1. [Optional] Property GitProxy configuration file > commitConfig > author
Title: Author
Type objectRequired No Additional properties Not allowed Description: Rules applied to commit authors
5.1.1. [Optional] Property GitProxy configuration file > commitConfig > author > email
Title: Email
Type objectRequired No Additional properties Not allowed Description: Rules applied to author email addresses
5.1.1.1. [Optional] Property GitProxy configuration file > commitConfig > author > email > local
Title: Local
Type objectRequired No Additional properties Not allowed Description: Rules applied to the local portion of the email address (i.e. section before the @ symbol)
5.2. [Optional] Property GitProxy configuration file > commitConfig > message
Title: Message
Type objectRequired No Additional properties Not allowed Description: Rules applied to commit messages
5.2.1. [Optional] Property GitProxy configuration file > commitConfig > message > block
Title: MessageBlock
Type objectRequired No Additional properties Not allowed Description: Block commits where the commit message matches any of the given patterns
5.2.1.1. [Optional] Property GitProxy configuration file > commitConfig > message > block > literals
Title: MessageBlockLiteral
Type array of stringRequired No Description: Block commits where the commit message contains any of the given string literals
Each item of this array must be Description literals items - 5.2.1.1.1. GitProxy configuration file > commitConfig > message > block > literals > literals items
Type stringRequired No 5.2.1.2. [Optional] Property GitProxy configuration file > commitConfig > message > block > patterns
Title: MessageBlockLiteral
Type array of stringRequired No Description: Block commits where the commit message matches any of the given regular expressions
Each item of this array must be Description patterns items - 5.2.1.2.1. GitProxy configuration file > commitConfig > message > block > patterns > patterns items
Type stringRequired No 5.3. [Optional] Property GitProxy configuration file > commitConfig > diff
Title: Diff
Type objectRequired No Additional properties Not allowed Description: Rules applied to commit diff content
5.3.1. [Optional] Property GitProxy configuration file > commitConfig > diff > block
Title: DiffBlock
Type objectRequired No Additional properties Not allowed Description: Block commits where the commit diff matches any of the given patterns
5.3.1.1. [Optional] Property GitProxy configuration file > commitConfig > diff > block > literals
Title: DiffBlockLiteral
Type array of stringRequired No Description: Block commits where the commit diff content contains any of the given string literals
Each item of this array must be Description literals items - 5.3.1.1.1. GitProxy configuration file > commitConfig > diff > block > literals > literals items
Type stringRequired No 5.3.1.2. [Optional] Property GitProxy configuration file > commitConfig > diff > block > patterns
Title: MessageBlockPatterns
Type arrayRequired No Description: Block commits where the commit diff content matches any of the given regular expressions
Each item of this array must be Description patterns items - 5.3.1.2.1. GitProxy configuration file > commitConfig > diff > block > patterns > patterns items
Type objectRequired No Additional properties Any type allowed 5.3.1.3. [Optional] Property GitProxy configuration file > commitConfig > diff > block > providers
Title: MessageBlockProviders
Type objectRequired No Additional properties Each additional property must conform to the schema Description: Block commits where the commit diff content matches any of the given regular expressions, except where the repository path (project/organisation) matches one of the listed privateOrganisations. The keys in this array are listed as the block type in logs.
6. [Optional] Property GitProxy configuration file > attestationConfig
Title: AttestationConfig
Type objectRequired No Additional properties Not allowed Description: Configuration for the attestation form displayed to reviewers. Reviewers will need to check the box next to each question in order to complete the review attestation.
6.1. [Optional] Property GitProxy configuration file > attestationConfig > questions
Title: AttestationQuestions
Type array of objectRequired No Description: Customisable attestation questions to add to attestation form.
Each item of this array must be Description Question - 6.1.1. GitProxy configuration file > attestationConfig > questions > Question
Title: Question
Type objectRequired No Additional properties Not allowed 6.1.1.1. [Required] Property GitProxy configuration file > attestationConfig > questions > Question > label
Title: QuestionLabel
Type stringRequired Yes Description: The text of the question that will be displayed to the reviewer
6.1.1.2. [Required] Property GitProxy configuration file > attestationConfig > questions > Question > tooltip
Title: QuestionTooltip
Type objectRequired Yes Additional properties Not allowed Description: A tooltip and optional set of links that will be displayed on mouseover of the question and used to provide additional guidance to the reviewer.
6.1.1.2.1. [Required] Property GitProxy configuration file > attestationConfig > questions > Question > tooltip > text
Type stringRequired Yes 6.1.1.2.2. [Optional] Property GitProxy configuration file > attestationConfig > questions > Question > tooltip > links
Type array of stringRequired No
Each item of this array must be Description links items - 6.1.1.2.2.1. GitProxy configuration file > attestationConfig > questions > Question > tooltip > links > links items
Type stringRequired No Format url
7. [Optional] Property GitProxy configuration file > domains
Type objectRequired No Additional properties Any type allowed Description: Provide custom URLs for the git proxy interfaces in case it cannot determine its own URL
8. [Optional] Property GitProxy configuration file > rateLimit
Type objectRequired No Additional properties Not allowed Description: API Rate limiting configuration.
8.1. [Required] Property GitProxy configuration file > rateLimit > windowMs
Type numberRequired Yes Description: How long to remember requests for, in milliseconds (default 10 mins).
8.2. [Required] Property GitProxy configuration file > rateLimit > limit
Type numberRequired Yes Description: How many requests to allow (default 150).
9. [Optional] Property GitProxy configuration file > privateOrganizations
Type arrayRequired No Description: Provider searches for listed private organizations are disabled, see commitConfig.diff.block.providers
10. [Optional] Property GitProxy configuration file > urlShortener
Type stringRequired No Description: Customisable URL shortener to share in proxy responses and warnings
11. [Optional] Property GitProxy configuration file > contactEmail
Type stringRequired No Description: Customisable e-mail address to share in proxy responses and warnings
12. [Optional] Property GitProxy configuration file > csrfProtection
Type booleanRequired No Description: Flag to enable CSRF protections for UI
13. [Optional] Property GitProxy configuration file > plugins
Type array of stringRequired No Description: List of plugins to integrate on GitProxy's push or pull actions. Each value is either a file path or a module name.
Each item of this array must be Description plugins items - 13.1. GitProxy configuration file > plugins > plugins items
Type stringRequired No
14. [Optional] Property GitProxy configuration file > authorisedList
Type arrayRequired No Description: List of repositories that are authorised to be pushed to through the proxy.
Each item of this array must be Description authorisedRepo - 14.1. GitProxy configuration file > authorisedList > authorisedRepo
Type objectRequired No Additional properties Any type allowed Defined in #/definitions/authorisedRepo 14.1.1. [Required] Property GitProxy configuration file > authorisedList > authorisedList items > project
Type stringRequired Yes
15. [Optional] Property GitProxy configuration file > sink
Type arrayRequired No Description: List of database sources. The first source in the configuration with enabled=true will be used.
Each item of this array must be Description database - 15.1. GitProxy configuration file > sink > database
Type objectRequired No Additional properties Any type allowed Defined in #/definitions/database 15.1.1. [Required] Property GitProxy configuration file > sink > sink items > type
Type stringRequired Yes 15.1.2. [Required] Property GitProxy configuration file > sink > sink items > enabled
Type booleanRequired Yes 15.1.3. [Optional] Property GitProxy configuration file > sink > sink items > connectionString
Type stringRequired No
16. [Optional] Property GitProxy configuration file > authentication
Type arrayRequired No Description: List of authentication sources. The first source in the configuration with enabled=true will be used.
Each item of this array must be Description authenticationElement Configuration for an authentication source 16.1. GitProxy configuration file > authentication > authenticationElement
Type combiningRequired No Additional properties Any type allowed Defined in #/definitions/authenticationElement Description: Configuration for an authentication source
One of(Option) Local Auth Config Active Directory Auth Config Open ID Connect Auth Config JWT Auth Config 16.1.1. Property
GitProxy configuration file > authentication > authentication items > oneOf > Local Auth ConfigTitle: Local Auth Config
Type objectRequired No Additional properties Any type allowed Description: Configuration for the use of the local database as the authentication source.
16.1.2. Property
GitProxy configuration file > authentication > authentication items > oneOf > Active Directory Auth ConfigTitle: Active Directory Auth Config
Type objectRequired No Additional properties Any type allowed Description: Configuration for Active Directory authentication.
16.1.2.1. [Required] Property GitProxy configuration file > authentication > authentication items > oneOf > Active Directory Auth Config > type
Type constRequired Yes Specific value:
"ActiveDirectory"16.1.2.2. [Required] Property GitProxy configuration file > authentication > authentication items > oneOf > Active Directory Auth Config > enabled
Type booleanRequired Yes 16.1.2.3. [Required] Property GitProxy configuration file > authentication > authentication items > oneOf > Active Directory Auth Config > adminGroup
Type stringRequired Yes Description: Group that indicates that a user is an admin
16.1.2.4. [Required] Property GitProxy configuration file > authentication > authentication items > oneOf > Active Directory Auth Config > userGroup
Type stringRequired Yes Description: Group that indicates that a user should be able to login to the Git Proxy UI and can work as a reviewer
16.1.2.5. [Required] Property GitProxy configuration file > authentication > authentication items > oneOf > Active Directory Auth Config > domain
Type stringRequired Yes Description: Active Directory domain
16.1.2.6. [Optional] Property GitProxy configuration file > authentication > authentication items > oneOf > Active Directory Auth Config > adConfig
Type objectRequired No Additional properties Any type allowed Description: Additional Active Directory configuration supporting LDAP connection which can be used to confirm group membership. For the full set of available options see the activedirectory 2 NPM module docs at https://www.npmjs.com/package/activedirectory2#activedirectoryoptions
Please note that if the Third Party APIs configapi.ls.userInADGroupis set then the REST API it represents is used in preference to direct querying of group memebership via LDAP.16.1.2.6.1. [Required] Property GitProxy configuration file > authentication > authentication items > oneOf > Active Directory Auth Config > adConfig > url
Type stringRequired Yes Description: Active Directory server to connect to, e.g.
ldap://ad.example.com.16.1.2.6.2. [Required] Property GitProxy configuration file > authentication > authentication items > oneOf > Active Directory Auth Config > adConfig > baseDN
Type stringRequired Yes Description: The root DN from which all searches will be performed, e.g.
dc=example,dc=com.16.1.3. Property
GitProxy configuration file > authentication > authentication items > oneOf > Open ID Connect Auth ConfigTitle: Open ID Connect Auth Config
Type objectRequired No Additional properties Any type allowed Description: Configuration for Open ID Connect authentication.
16.1.3.1. [Required] Property GitProxy configuration file > authentication > authentication items > oneOf > Open ID Connect Auth Config > type
Type constRequired Yes Specific value:
"openidconnect"16.1.3.2. [Required] Property GitProxy configuration file > authentication > authentication items > oneOf > Open ID Connect Auth Config > enabled
Type booleanRequired Yes 16.1.3.3. [Required] Property GitProxy configuration file > authentication > authentication items > oneOf > Open ID Connect Auth Config > oidcConfig
Type objectRequired Yes Additional properties Any type allowed Description: Additional OIDC configuration.
16.1.3.3.1. [Required] Property GitProxy configuration file > authentication > authentication items > oneOf > Open ID Connect Auth Config > oidcConfig > issuer
Type stringRequired Yes 16.1.3.3.2. [Required] Property GitProxy configuration file > authentication > authentication items > oneOf > Open ID Connect Auth Config > oidcConfig > clientID
Type stringRequired Yes 16.1.3.3.3. [Required] Property GitProxy configuration file > authentication > authentication items > oneOf > Open ID Connect Auth Config > oidcConfig > clientSecret
Type stringRequired Yes 16.1.4. Property
GitProxy configuration file > authentication > authentication items > oneOf > JWT Auth ConfigTitle: JWT Auth Config
Type objectRequired No Additional properties Any type allowed Description: Configuration for JWT authentication.
16.1.4.1. [Required] Property GitProxy configuration file > authentication > authentication items > oneOf > JWT Auth Config > type
Type constRequired Yes Specific value:
"jwt"16.1.4.2. [Required] Property GitProxy configuration file > authentication > authentication items > oneOf > JWT Auth Config > enabled
Type booleanRequired Yes 16.1.4.3. [Required] Property GitProxy configuration file > authentication > authentication items > oneOf > JWT Auth Config > jwtConfig
17. [Optional] Property GitProxy configuration file > tempPassword
Type objectRequired No Additional properties Any type allowed Description: Toggle the generation of temporary password for git-proxy admin user
17.1. [Optional] Property GitProxy configuration file > tempPassword > sendEmail
Type booleanRequired No 17.2. [Optional] Property GitProxy configuration file > tempPassword > emailConfig
Type objectRequired No Additional properties Any type allowed Description: Generic object to configure nodemailer. For full type information, please see https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/nodemailer
18. [Optional] Property GitProxy configuration file > apiAuthentication
Type arrayRequired No Description: List of authentication sources for API endpoints. May be empty, in which case all endpoints are public.
Each item of this array must be Description authenticationElement Configuration for an authentication source 18.1. GitProxy configuration file > apiAuthentication > authenticationElement
Type combiningRequired No Additional properties Any type allowed Same definition as authentication_items Description: Configuration for an authentication source
19. [Optional] Property GitProxy configuration file > tls
Type objectRequired No Additional properties Any type allowed Description: TLS configuration for secure connections
20. [Optional] Property GitProxy configuration file > sslKeyPemPath
Type stringRequired No Description: Deprecated: Path to SSL private key file (use tls.key instead)
21. [Optional] Property GitProxy configuration file > sslCertPemPath
Type stringRequired No Description: Deprecated: Path to SSL certificate file (use tls.cert instead)
22. [Optional] Property GitProxy configuration file > configurationSources
Type objectRequired No Additional properties Any type allowed
23. [Optional] Property GitProxy configuration file > uiRouteAuth
Type objectRequired No Additional properties Any type allowed Description: UI routes that require authentication (logged in or admin)
23.2. [Optional] Property GitProxy configuration file > uiRouteAuth > rules
Type arrayRequired No
Each item of this array must be Description routeAuthRule - 23.2.1. GitProxy configuration file > uiRouteAuth > rules > routeAuthRule
Type objectRequired No Additional properties Any type allowed Defined in #/definitions/routeAuthRule 23.2.1.1. [Optional] Property GitProxy configuration file > uiRouteAuth > rules > rules items > pattern
Type stringRequired No
Generated using json-schema-for-humans on 2025-10-08 at 17:43:40 +0100