provisioning/schemas/lib/verify_policy.ncl

# Verify policy contracts — backup verification as parallel provisioning.
# Drill-as-recipe: instead of a boolean flag, declare a sandbox infra recipe
# the daemon coordinator spins up, restores into, and runs an integration
# test suite against. The only credible verification is one that actually
# restores and exercises the data.

let bp = import "backup_policy.ncl" in

{
  # Test step discriminated union. The manager runs each step in order,
  # collecting pass/fail/skip; an optional step does not abort on failure.
  TestStep = {
    kind   | [| 'http_check, 'sql_query, 'file_exists, 'cmd, 'integration |],
    name   | String,
    optional | Bool | default = false,
    timeout  | bp.Duration | default = "60s",

    # 'http_check
    url             | String | optional,
    expected_status | Number | optional,

    # 'sql_query
    connection_ref | String | optional | doc "Reference to a connection profile (vault path or alias)",
    query          | String | optional,
    expected       | String | optional,

    # 'file_exists
    path     | String | optional,

    # 'cmd
    run               | String | optional,
    expect_zero_exit  | Bool   | default = true,

    # 'integration — invokes a higher-level scenario by name
    component | String | optional,
    scenario  | String | optional,
  },

  # Reference to a parallel provisioning recipe that materialises the sandbox.
  # The recipe lives under infra/<workspace>/verify-recipes/ and is itself
  # declarative Nickel exported to the orchestrator.
  ProvisioningRecipeRef = {
    name | String | doc "Recipe identifier (looked up in infra/<workspace>/verify-recipes/)",
    args | { _ | String } | doc "Per-invocation parameters passed to the recipe" | default = {},
  },

  # Drill specification consumed by the daemon coordinator on a verify schedule.
  DrillSpec = {
    name           | String,
    parallel_infra | ProvisioningRecipeRef,
    test_suite     | Array TestStep,
    cleanup        | [| 'always, 'on_success, 'never |] | default = 'on_success,
    timeout        | bp.Duration | default = "30m",
    schedule       | bp.Schedule | optional | doc "Drill cadence; defaults to manual invocation when omitted",
  },

  # Top-level verify policy: a level (cheapest → costliest) plus an optional
  # drill spec for 'restore_drill / 'full_dr levels.
  VerifyPolicy = {
    level    | [| 'quick, 'deep, 'restore_drill, 'full_dr |] | default = 'quick,
    schedule | bp.Schedule | optional,
    drill    | DrillSpec | optional,
  },
}
docs: update README and CHANGELOG for nickel branch (2026-05-12) 2026-05-12 02:23:01 +01:00			`# Verify policy contracts — backup verification as parallel provisioning.`
			`# Drill-as-recipe: instead of a boolean flag, declare a sandbox infra recipe`
			`# the daemon coordinator spins up, restores into, and runs an integration`
			`# test suite against. The only credible verification is one that actually`
			`# restores and exercises the data.`

			`let bp = import "backup_policy.ncl" in`

			`{`
			`# Test step discriminated union. The manager runs each step in order,`
			`# collecting pass/fail/skip; an optional step does not abort on failure.`
			`TestStep = {`
			`kind \| [\| 'http_check, 'sql_query, 'file_exists, 'cmd, 'integration \|],`
			`name \| String,`
			`optional \| Bool \| default = false,`
			`timeout \| bp.Duration \| default = "60s",`

			`# 'http_check`
			`url \| String \| optional,`
			`expected_status \| Number \| optional,`

			`# 'sql_query`
			`connection_ref \| String \| optional \| doc "Reference to a connection profile (vault path or alias)",`
			`query \| String \| optional,`
			`expected \| String \| optional,`

			`# 'file_exists`
			`path \| String \| optional,`

			`# 'cmd`
			`run \| String \| optional,`
			`expect_zero_exit \| Bool \| default = true,`

			`# 'integration — invokes a higher-level scenario by name`
			`component \| String \| optional,`
			`scenario \| String \| optional,`
			`},`

			`# Reference to a parallel provisioning recipe that materialises the sandbox.`
			`# The recipe lives under infra/<workspace>/verify-recipes/ and is itself`
			`# declarative Nickel exported to the orchestrator.`
			`ProvisioningRecipeRef = {`
			`name \| String \| doc "Recipe identifier (looked up in infra/<workspace>/verify-recipes/)",`
			`args \| { _ \| String } \| doc "Per-invocation parameters passed to the recipe" \| default = {},`
			`},`

			`# Drill specification consumed by the daemon coordinator on a verify schedule.`
			`DrillSpec = {`
			`name \| String,`
			`parallel_infra \| ProvisioningRecipeRef,`
			`test_suite \| Array TestStep,`
			`cleanup \| [\| 'always, 'on_success, 'never \|] \| default = 'on_success,`
			`timeout \| bp.Duration \| default = "30m",`
			`schedule \| bp.Schedule \| optional \| doc "Drill cadence; defaults to manual invocation when omitted",`
			`},`

			`# Top-level verify policy: a level (cheapest → costliest) plus an optional`
			`# drill spec for 'restore_drill / 'full_dr levels.`
			`VerifyPolicy = {`
			`level \| [\| 'quick, 'deep, 'restore_drill, 'full_dr \|] \| default = 'quick,`
			`schedule \| bp.Schedule \| optional,`
			`drill \| DrillSpec \| optional,`
			`},`
			`}`