Configuration
UniTrack is configured through standard Spring Boot externalised configuration. All
application-specific settings are bound via @ConfigurationProperties under the unitrack.
namespace — so every property can be set in application.yml, as a UNITRACK_ environment
variable, or as a JVM system property.
1. Database & server
These use the standard Spring keys; the defaults target a local PostgreSQL:
| Property (env var) | Default |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
Flyway runs the migrations on startup (spring.flyway.enabled=true).
2. unitrack.security
| Property | Default | Meaning |
|---|---|---|
|
|
Permit all endpoints (except |
|
|
Require a token on |
|
|
Username of the bootstrap admin. |
|
generated |
Admin password; logged if not set. |
3. unitrack.quality-gate
See Quality Gate.
| Property | Default | Meaning |
|---|---|---|
|
|
Branch whose latest run is the baseline. |
|
unset |
Absolute minimum line-coverage percentage. |
|
|
Largest allowed coverage drop, in percentage points. |
|
|
Fail the gate on any test failure. |
4. unitrack.github
See GitHub PR Checks.
| Property | Default | Meaning |
|---|---|---|
|
|
Enable commit-status publishing. |
|
unset |
GitHub token with commit-status scope. |
|
API base (change for GHE). |
|
|
Public URL used for run links. |
|
|
|
Status context label. |
|
|
Also post/update a results-table comment on the PR. |
5. unitrack.branches (branch cleanup)
Branches are derived from run history, so removing a branch means deleting its runs. Two triggers, both of which never touch protected or default branches:
| Property | Default | Meaning |
|---|---|---|
|
|
Glob patterns for long-lived branches that are always kept and shown. |
|
|
Branches whose latest run is older than this collapse behind "show all" in the UI (display only — no deletion). |
|
|
Hard-delete a non-protected branch’s runs once its latest run is older than this many days (a daily job). |
|
|
Schedule for the expiry job. |
6. unitrack.webhooks (SCM branch-delete)
For immediate cleanup, point a GitHub or GitLab webhook at UniTrack so a branch deleted
upstream is removed at once (instead of waiting for retain-days). The endpoints are
disabled until a secret is set.
| Property | Default | Meaning |
|---|---|---|
|
unset |
Shared secret: GitHub |
-
GitHub: add a webhook for the Delete branch/tag event to
POST /api/v1/webhooks/githubwith this secret. The signature is verified; only branch deletes act. -
GitLab: add a Push events webhook to
POST /api/v1/webhooks/gitlabwith the secret as the token. A branch delete (push with an all-zeroafter) removes that branch.
UniTrack never writes back to the SCM — it only consumes the event.
7. unitrack.performance
See Unit-test Performance — thresholds for slow-test regression detection.
| Property | Default | Meaning |
|---|---|---|
|
|
Branch whose latest run is the duration/perf baseline. |
|
|
Minimum unit-test slowdown vs baseline to flag, in percent. |
|
|
Minimum absolute unit-test slowdown to flag, in milliseconds. |
|
|
Max allowed p95 latency increase for a load-test run vs baseline. |
|
|
Max allowed throughput drop for a load-test run vs baseline. |
|
|
Max allowed error rate for a load-test run. |
8. spring.ai.anthropic (AI analysis)
See AI Root-Cause Analysis. Off unless an API key is set.
| Property | Default | Meaning |
|---|---|---|
|
unset |
Anthropic key; unset ⇒ AI disabled. |
|
|
Analysis model. |
9. unitrack.demo
| Property | Default | Meaning |
|---|---|---|
|
|
Seed sample projects and a demo user. |
|
|
Demo user’s username. |
|
|
Demo user’s password. |
Enable unitrack.demo only on throwaway evaluation instances.
|
10. Example application.yml
unitrack:
security:
open-mode: true
require-ingest-token: true
admin-password: ${UNITRACK_ADMIN_PASSWORD}
quality-gate:
base-branch: main
min-line-coverage: 70
max-coverage-drop-pct: 0.5
github:
enabled: true
token: ${GITHUB_TOKEN}
server-base-url: https://unitrack.example.com