Configuration
Harrier is configured through environment variables.
MCP Server
| Variable |
Default |
Purpose |
HARRIER_MCP_TRANSPORT |
streamable-http |
MCP transport. |
HARRIER_MCP_HOST |
127.0.0.1 |
Bind host. Use 0.0.0.0 in containers. |
HARRIER_MCP_PORT |
8000 |
Bind port. |
HARRIER_MCP_PATH |
/mcp |
Streamable HTTP path. |
AWS_REGION |
ap-southeast-2 |
AWS region for collectors. |
AWS_DEFAULT_REGION |
unset |
AWS SDK fallback region. |
Storage
| Variable |
Default |
Purpose |
HARRIER_STORAGE_BACKEND |
local |
local or s3. |
HARRIER_LOCAL_STORE_DIR |
temp directory |
Local investigation report path. |
HARRIER_S3_STORE_BUCKET |
unset |
Required when HARRIER_STORAGE_BACKEND=s3. |
HARRIER_S3_STORE_PREFIX |
investigations |
Prefix for stored reports. |
Reasoning
| Variable |
Default |
Purpose |
HARRIER_ENABLE_BEDROCK_REASONING |
false |
Optional wording refinement. Deterministic rules remain source of truth. |
GitHub PR Flow
| Variable |
Default |
Purpose |
HARRIER_ALLOW_PR_CREATION |
false |
Global write gate for PR creation. |
HARRIER_PR_REPO_ALLOWLIST |
empty |
Comma-separated owner/repo allowlist. |
HARRIER_GITHUB_TOKEN |
unset |
GitHub token. |
GITHUB_TOKEN |
unset |
Fallback GitHub token. |
HARRIER_GITHUB_API_URL |
https://api.github.com |
GitHub API endpoint. |
PR creation also requires the MCP request to set dry_run=false and
allow_pr_creation=true. Without all gates, Harrier returns a blocked or
dry-run response.