provisioning/docs/src/development/glossary.md

# Provisioning Platform Glossary

**Last Updated**: 2025-10-10
**Version**: 1.0.0

This glossary defines key terminology used throughout the Provisioning Platform documentation. Terms are listed alphabetically with definitions, usage
context, and cross-references to related documentation.

---

## A

### ADR (Architecture Decision Record)

**Definition**: Documentation of significant architectural decisions, including context, decision, and consequences.

**Where Used**:

- Architecture planning and review
- Technical decision-making process
- System design documentation

**Related Concepts**: Architecture, Design Patterns, Technical Debt

**Examples**:

- ADR-001: Project Structure
- ADR-006: CLI Refactoring
- ADR-009: Complete Security System

**See Also**: Architecture Documentation

---

### Agent

**Definition**: A specialized component that performs a specific task in the system orchestration (for example, autonomous execution units in the
orchestrator).

**Where Used**:

- Task orchestration
- Workflow management
- Parallel execution patterns

**Related Concepts**: Orchestrator, Workflow, Task

**See Also**: [Orchestrator Architecture](../architecture/orchestrator-integration-model.md)

---

### Anchor Link

**Definition**: An internal document link to a specific section within the same or different markdown file using the `#` symbol.

**Where Used**:

- Cross-referencing documentation sections
- Table of contents generation
- Navigation within long documents

**Related Concepts**: Internal Link, Cross-Reference, Documentation

**Examples**:

- `[See Installation](#installation)` - Same document
- `[Configuration Guide](config.md#setup)` - Different document

---

### API Gateway

**Definition**: Platform service that provides unified REST API access to provisioning operations.

**Where Used**:

- External system integration
- Web Control Center backend
- MCP server communication

**Related Concepts**: REST API, Platform Service, Orchestrator

**Location**: `provisioning/platform/api-gateway/`

**See Also**: REST API Documentation

---

### Auth (Authentication)

**Definition**: The process of verifying user identity using JWT tokens, MFA, and secure session management.

**Where Used**:

- User login flows
- API access control
- CLI session management

**Related Concepts**: Authorization, JWT, MFA, Security

**See Also**:

- Authentication Layer Guide
- Auth Quick Reference

---

### Authorization

**Definition**: The process of determining user permissions using Cedar policy language.

**Where Used**:

- Access control decisions
- Resource permission checks
- Multi-tenant security

**Related Concepts**: Auth, Cedar, Policies, RBAC

**See Also**: Cedar Authorization Implementation

---

## B

### Batch Operation

**Definition**: A collection of related infrastructure operations executed as a single workflow unit.

**Where Used**:

- Multi-server deployments
- Cluster creation
- Bulk taskserv installation

**Related Concepts**: Workflow, Operation, Orchestrator

**Commands**:

```bash
provisioning batch submit workflow.ncl
provisioning batch list
provisioning batch status <id>
```

**See Also**: [Batch Workflow System](../guides/from-scratch.md)

---

### Break-Glass

**Definition**: Emergency access mechanism requiring multi-party approval for critical operations.

**Where Used**:

- Emergency system access
- Incident response
- Security override scenarios

**Related Concepts**: Security, Compliance, Audit

**Commands**:

```bash
provisioning break-glass request "reason"
provisioning break-glass approve <id>
```

**See Also**: Break-Glass Training Guide

---

## C

### Cedar

**Definition**: Amazon's policy language used for fine-grained authorization decisions.

**Where Used**:

- Authorization policies
- Access control rules
- Resource permissions

**Related Concepts**: Authorization, Policies, Security

**See Also**: Cedar Authorization Implementation

---

### Checkpoint

**Definition**: A saved state of a workflow allowing resume from point of failure.

**Where Used**:

- Workflow recovery
- Long-running operations
- Batch processing

**Related Concepts**: Workflow, State Management, Recovery

**See Also**: [Batch Workflow System](../guides/from-scratch.md)

---

### CLI (Command-Line Interface)

**Definition**: The `provisioning` command-line tool providing access to all platform operations.

**Where Used**:

- Daily operations
- Script automation
- CI/CD pipelines

**Related Concepts**: Command, Shortcut, Module

**Location**: `provisioning/core/cli/provisioning`

**Examples**:

```bash
provisioning server create
provisioning taskserv install kubernetes
provisioning workspace switch prod
```

**See Also**:

- [CLI Reference](../infrastructure/cli-reference.md)
- CLI Reference

---

### Cluster

**Definition**: A complete, pre-configured deployment of multiple servers and taskservs working together.

**Where Used**:

- Kubernetes deployments
- Database clusters
- Complete infrastructure stacks

**Related Concepts**: Infrastructure, Server, Taskserv

**Location**: `provisioning/extensions/clusters/{name}/`

**Commands**:

```bash
provisioning cluster create <name>
provisioning cluster list
provisioning cluster delete <name>
```

**See Also**: Infrastructure Management

---

### Compliance

**Definition**: System capabilities ensuring adherence to regulatory requirements (GDPR, SOC2, ISO 27001).

**Where Used**:

- Audit logging
- Data retention policies
- Incident response

**Related Concepts**: Audit, Security, GDPR

**See Also**: Compliance Implementation Summary

---

### Config (Configuration)

**Definition**: System settings stored in TOML files with hierarchical loading and variable interpolation.

**Where Used**:

- System initialization
- User preferences
- Environment-specific settings

**Related Concepts**: Settings, Environment, Workspace

**Files**:

- `provisioning/config/config.defaults.toml` - System defaults
- `workspace/config/local-overrides.toml` - User settings

**See Also**: [Configuration Guide](../infrastructure/configuration-guide.md)

---

### Control Center

**Definition**: Web-based UI for managing provisioning operations built with Ratatui/Crossterm.

**Where Used**:

- Visual infrastructure management
- Real-time monitoring
- Guided workflows

**Related Concepts**: UI, Platform Service, Orchestrator

**Location**: `provisioning/platform/control-center/`

**See Also**: Platform Services

---

### CoreDNS

**Definition**: DNS server taskserv providing service discovery and DNS management.

**Where Used**:

- Kubernetes DNS
- Service discovery
- Internal DNS resolution

**Related Concepts**: Taskserv, Kubernetes, Networking

**See Also**:

- CoreDNS Guide
- CoreDNS Quick Reference

---

### Cross-Reference

**Definition**: Links between related documentation sections or concepts.

**Where Used**:

- Documentation navigation
- Related topic discovery
- Learning path guidance

**Related Concepts**: Documentation, Navigation, See Also

**Examples**: "See Also" sections at the end of documentation pages

---

## D

### Dependency

**Definition**: A requirement that must be satisfied before installing or running a component.

**Where Used**:

- Taskserv installation order
- Version compatibility checks
- Cluster deployment sequencing

**Related Concepts**: Version, Taskserv, Workflow

**Schema**: `provisioning/schemas/dependencies.ncl`

**See Also**: Nickel Dependency Patterns

---

### Diagnostics

**Definition**: System health checking and troubleshooting assistance.

**Where Used**:

- System status verification
- Problem identification
- Guided troubleshooting

**Related Concepts**: Health Check, Monitoring, Troubleshooting

**Commands**:

```bash
provisioning status
provisioning diagnostics run
```

---

### Dynamic Secrets

**Definition**: Temporary credentials generated on-demand with automatic expiration.

**Where Used**:

- AWS STS tokens
- SSH temporary keys
- Database credentials

**Related Concepts**: Security, KMS, Secrets Management

**See Also**:

- Dynamic Secrets Implementation
- Dynamic Secrets Quick Reference

---

## E

### Environment

**Definition**: A deployment context (dev, test, prod) with specific configuration overrides.

**Where Used**:

- Configuration loading
- Resource isolation
- Deployment targeting

**Related Concepts**: Config, Workspace, Infrastructure

**Config Files**: `config.{dev,test,prod}.toml`

**Usage**:

```bash
PROVISIONING_ENV=prod provisioning server list
```

---

### Extension

**Definition**: A pluggable component adding functionality (provider, taskserv, cluster, or workflow).

**Where Used**:

- Custom cloud providers
- Third-party taskservs
- Custom deployment patterns

**Related Concepts**: Provider, Taskserv, Cluster, Workflow

**Location**: `provisioning/extensions/{type}/{name}/`

**See Also**: Extension Development

---

## F

### Feature

**Definition**: A major system capability providing key platform functionality.

**Where Used**:

- Architecture documentation
- Feature planning
- System capabilities

**Related Concepts**: ADR, Architecture, System

**Examples**:

- Batch Workflow System
- Orchestrator Architecture
- CLI Architecture
- Configuration System

**See Also**: [Architecture Overview](../architecture/system-overview.md)

---

## G

### GDPR (General Data Protection Regulation)

**Definition**: EU data protection regulation compliance features in the platform.

**Where Used**:

- Data export requests
- Right to erasure
- Audit compliance

**Related Concepts**: Compliance, Audit, Security

**Commands**:

```bash
provisioning compliance gdpr export <user>
provisioning compliance gdpr delete <user>
```

**See Also**: Compliance Implementation

---

### Glossary

**Definition**: This document - a comprehensive terminology reference for the platform.

**Where Used**:

- Learning the platform
- Understanding documentation
- Resolving terminology questions

**Related Concepts**: Documentation, Reference, Cross-Reference

---

### Guide

**Definition**: Step-by-step walkthrough documentation for common workflows.

**Where Used**:

- Onboarding new users
- Learning workflows
- Reference implementation

**Related Concepts**: Documentation, Workflow, Tutorial

**Commands**:

```bash
provisioning guide from-scratch
provisioning guide update
provisioning guide customize
```

**See Also**: [Guides](../guides/README.md)

---

## H

### Health Check

**Definition**: Automated verification that a component is running correctly.

**Where Used**:

- Taskserv validation
- System monitoring
- Dependency verification

**Related Concepts**: Diagnostics, Monitoring, Status

**Example**:

```kcl
health_check = {
    endpoint = "http://localhost:6443/healthz"
    timeout = 30
    interval = 10
}
```

---

### Hybrid Architecture

**Definition**: System design combining Rust orchestrator with Nushell business logic.

**Where Used**:

- Core platform architecture
- Performance optimization
- Call stack management

**Related Concepts**: Orchestrator, Architecture, Design

**See Also**:

- [Orchestrator Architecture](../architecture/orchestrator-integration-model.md)
- [ADR-004: Hybrid Architecture](../architecture/adr/adr-004-hybrid-architecture.md)

---

## I

### Infrastructure

**Definition**: A named collection of servers, configurations, and deployments managed as a unit.

**Where Used**:

- Environment isolation
- Resource organization
- Deployment targeting

**Related Concepts**: Workspace, Server, Environment

**Location**: `workspace/infra/{name}/`

**Commands**:

```bash
provisioning infra list
provisioning generate infra --new <name>
```

**See Also**: Infrastructure Management

---

### Integration

**Definition**: Connection between platform components or external systems.

**Where Used**:

- API integration
- CI/CD pipelines
- External tool connectivity

**Related Concepts**: API, Extension, Platform

**See Also**:

- Integration Patterns
- Integration Examples

---

### Internal Link

**Definition**: A markdown link to another documentation file or section within the platform docs.

**Where Used**:

- Cross-referencing documentation
- Navigation between topics
- Related content discovery

**Related Concepts**: Anchor Link, Cross-Reference, Documentation

**Examples**:

- `[See Configuration](configuration.md)`
- `[Architecture Overview](../architecture/README.md)`

---

## J

### JWT (JSON Web Token)

**Definition**: Token-based authentication mechanism using RS256 signatures.

**Where Used**:

- User authentication
- API authorization
- Session management

**Related Concepts**: Auth, Security, Token

**See Also**: JWT Auth Implementation

---

## K

### Nickel (Nickel Configuration Language)

**Definition**: Declarative configuration language with type safety and lazy evaluation for infrastructure definitions.

**Where Used**:

- Infrastructure schemas
- Workflow definitions
- Configuration validation

**Related Concepts**: Schema, Configuration, Validation

**Version**: 1.15.0+

**Location**: `provisioning/schemas/*.ncl`

**See Also**: Nickel Quick Reference

---

### KMS (Key Management Service)

**Definition**: Encryption key management system supporting multiple backends (RustyVault, Age, AWS, Vault).

**Where Used**:

- Configuration encryption
- Secret management
- Data protection

**Related Concepts**: Security, Encryption, Secrets

**See Also**: RustyVault KMS Guide

---

### Kubernetes

**Definition**: Container orchestration platform available as a taskserv.

**Where Used**:

- Container deployments
- Cluster management
- Production workloads

**Related Concepts**: Taskserv, Cluster, Container

**Commands**:

```bash
provisioning taskserv create kubernetes
provisioning test quick kubernetes
```

---

## L

### Layer

**Definition**: A level in the configuration hierarchy (Core → Workspace → Infrastructure).

**Where Used**:

- Configuration inheritance
- Customization patterns
- Settings override

**Related Concepts**: Config, Workspace, Infrastructure

**See Also**: [Configuration Guide](../infrastructure/configuration-guide.md)

---

## M

### MCP (Model Context Protocol)

**Definition**: AI-powered server providing intelligent configuration assistance.

**Where Used**:

- Configuration validation
- Troubleshooting guidance
- Documentation search

**Related Concepts**: Platform Service, AI, Guidance

**Location**: `provisioning/platform/mcp-server/`

**See Also**: Platform Services

---

### MFA (Multi-Factor Authentication)

**Definition**: Additional authentication layer using TOTP or WebAuthn/FIDO2.

**Where Used**:

- Enhanced security
- Compliance requirements
- Production access

**Related Concepts**: Auth, Security, TOTP, WebAuthn

**Commands**:

```bash
provisioning mfa totp enroll
provisioning mfa webauthn enroll
provisioning mfa verify <code>
```

**See Also**: MFA Implementation Summary

---

### Migration

**Definition**: Process of updating existing infrastructure or moving between system versions.

**Where Used**:

- System upgrades
- Configuration changes
- Infrastructure evolution

**Related Concepts**: Update, Upgrade, Version

**See Also**: Migration Guide

---

### Module

**Definition**: A reusable component (provider, taskserv, cluster) loaded into a workspace.

**Where Used**:

- Extension management
- Workspace customization
- Component distribution

**Related Concepts**: Extension, Workspace, Package

**Commands**:

```bash
provisioning module discover provider
provisioning module load provider <ws> <name>
provisioning module list taskserv
```

**See Also**: [Module System](../development/extension-development.md)

---

## N

### Nushell

**Definition**: Primary shell and scripting language (v0.107.1) used throughout the platform.

**Where Used**:

- CLI implementation
- Automation scripts
- Business logic

**Related Concepts**: CLI, Script, Automation

**Version**: 0.107.1

**See Also**: [Nushell Guidelines](../development/README.md)

---

## O

### OCI (Open Container Initiative)

**Definition**: Standard format for packaging and distributing extensions.

**Where Used**:

- Extension distribution
- Package registry
- Version management

**Related Concepts**: Registry, Package, Distribution

**See Also**: OCI Registry Guide

---

### Operation

**Definition**: A single infrastructure action (create server, install taskserv, etc.).

**Where Used**:

- Workflow steps
- Batch processing
- Orchestrator tasks

**Related Concepts**: Workflow, Task, Action

---

### Orchestrator

**Definition**: Hybrid Rust/Nushell service coordinating complex infrastructure operations.

**Where Used**:

- Workflow execution
- Task coordination
- State management

**Related Concepts**: Hybrid Architecture, Workflow, Platform Service

**Location**: `provisioning/platform/orchestrator/`

**Commands**:

```bash
cd provisioning/platform/orchestrator
./scripts/start-orchestrator.nu --background
```

**See Also**: [Orchestrator Architecture](../architecture/orchestrator-integration-model.md)

---

## P

### PAP (Project Architecture Principles)

**Definition**: Core architectural rules and patterns that must be followed.

**Where Used**:

- Code review
- Architecture decisions
- Design validation

**Related Concepts**: Architecture, ADR, Best Practices

**See Also**: Architecture Overview

---

### Platform Service

**Definition**: A core service providing platform-level functionality (Orchestrator, Control Center, MCP, API Gateway).

**Where Used**:

- System infrastructure
- Core capabilities
- Service integration

**Related Concepts**: Service, Architecture, Infrastructure

**Location**: `provisioning/platform/{service}/`

---

### Plugin

**Definition**: Native Nushell plugin providing performance-optimized operations.

**Where Used**:

- Auth operations (10-50x faster)
- KMS encryption
- Orchestrator queries

**Related Concepts**: Nushell, Performance, Native

**Commands**:

```bash
provisioning plugin list
provisioning plugin install
```

**See Also**: Nushell Plugins Guide

---

### Provider

**Definition**: Cloud platform integration (AWS, UpCloud, local) handling infrastructure provisioning.

**Where Used**:

- Server creation
- Resource management
- Cloud operations

**Related Concepts**: Extension, Infrastructure, Cloud

**Location**: `provisioning/extensions/providers/{name}/`

**Examples**: aws, upcloud, local

**Commands**:

```bash
provisioning module discover provider
provisioning providers list
```

**See Also**: Quick Provider Guide

---

## Q

### Quick Reference

**Definition**: Condensed command and configuration reference for rapid lookup.

**Where Used**:

- Daily operations
- Quick reminders
- Command syntax

**Related Concepts**: Guide, Documentation, Cheatsheet

**Commands**:

```bash
provisioning sc  # Fastest
provisioning guide quickstart
```

**See Also**: Quickstart Cheatsheet

---

## R

### RBAC (Role-Based Access Control)

**Definition**: Permission system with 5 roles (admin, operator, developer, viewer, auditor).

**Where Used**:

- User permissions
- Access control
- Security policies

**Related Concepts**: Authorization, Cedar, Security

**Roles**: Admin, Operator, Developer, Viewer, Auditor

---

### Registry

**Definition**: OCI-compliant repository for storing and distributing extensions.

**Where Used**:

- Extension publishing
- Version management
- Package distribution

**Related Concepts**: OCI, Package, Distribution

**See Also**: OCI Registry Guide

---

### REST API

**Definition**: HTTP endpoints exposing platform operations to external systems.

**Where Used**:

- External integration
- Web UI backend
- Programmatic access

**Related Concepts**: API, Integration, HTTP

**Endpoint**: `http://localhost:9090`

**See Also**: REST API Documentation

---

### Rollback

**Definition**: Reverting a failed workflow or operation to previous stable state.

**Where Used**:

- Failure recovery
- Deployment safety
- State restoration

**Related Concepts**: Workflow, Checkpoint, Recovery

**Commands**:

```bash
provisioning batch rollback <workflow-id>
```

---

### RustyVault

**Definition**: Rust-based secrets management backend for KMS.

**Where Used**:

- Key storage
- Secret encryption
- Configuration protection

**Related Concepts**: KMS, Security, Encryption

**See Also**: RustyVault KMS Guide

---

## S

### Schema

**Definition**: Nickel type definition specifying structure and validation rules.

**Where Used**:

- Configuration validation
- Type safety
- Documentation

**Related Concepts**: Nickel, Validation, Type

**Example**:

```nickel
let ServerConfig = {
    hostname | string,
    cores | number,
    memory | number,
} in
ServerConfig
```

**See Also**: Nickel Development

---

### Secrets Management

**Definition**: System for secure storage and retrieval of sensitive data.

**Where Used**:

- Password storage
- API keys
- Certificates

**Related Concepts**: KMS, Security, Encryption

**See Also**: Dynamic Secrets Implementation

---

### Security System

**Definition**: Comprehensive enterprise-grade security with 12 components (Auth, Cedar, MFA, KMS, Secrets, Compliance, etc.).

**Where Used**:

- User authentication
- Access control
- Data protection

**Related Concepts**: Auth, Authorization, MFA, KMS, Audit

**See Also**: Security System Implementation

---

### Server

**Definition**: Virtual machine or physical host managed by the platform.

**Where Used**:

- Infrastructure provisioning
- Compute resources
- Deployment targets

**Related Concepts**: Infrastructure, Provider, Taskserv

**Commands**:

```bash
provisioning server create
provisioning server list
provisioning server ssh <hostname>
```

**See Also**: Infrastructure Management

---

### Service

**Definition**: A running application or daemon (interchangeable with Taskserv in many contexts).

**Where Used**:

- Service management
- Application deployment
- System administration

**Related Concepts**: Taskserv, Daemon, Application

**See Also**: Service Management Guide

---

### Shortcut

**Definition**: Abbreviated command alias for faster CLI operations.

**Where Used**:

- Daily operations
- Quick commands
- Productivity enhancement

**Related Concepts**: CLI, Command, Alias

**Examples**:

- `provisioning s create` → `provisioning server create`
- `provisioning ws list` → `provisioning workspace list`
- `provisioning sc` → Quick reference

**See Also**: [CLI Reference](../infrastructure/cli-reference.md)

---

### SOPS (Secrets OPerationS)

**Definition**: Encryption tool for managing secrets in version control.

**Where Used**:

- Configuration encryption
- Secret management
- Secure storage

**Related Concepts**: Encryption, Security, Age

**Version**: 3.10.2

**Commands**:

```bash
provisioning sops edit <file>
```

---

### SSH (Secure Shell)

**Definition**: Encrypted remote access protocol with temporal key support.

**Where Used**:

- Server administration
- Remote commands
- Secure file transfer

**Related Concepts**: Security, Server, Remote Access

**Commands**:

```bash
provisioning server ssh <hostname>
provisioning ssh connect <server>
```

**See Also**: SSH Temporal Keys User Guide

---

### State Management

**Definition**: Tracking and persisting workflow execution state.

**Where Used**:

- Workflow recovery
- Progress tracking
- Failure handling

**Related Concepts**: Workflow, Checkpoint, Orchestrator

---

## T

### Task

**Definition**: A unit of work submitted to the orchestrator for execution.

**Where Used**:

- Workflow execution
- Job processing
- Operation tracking

**Related Concepts**: Operation, Workflow, Orchestrator

---

### Taskserv

**Definition**: An installable infrastructure service (Kubernetes, PostgreSQL, Redis, etc.).

**Where Used**:

- Service installation
- Application deployment
- Infrastructure components

**Related Concepts**: Service, Extension, Package

**Location**: `provisioning/extensions/taskservs/{category}/{name}/`

**Commands**:

```bash
provisioning taskserv create <name>
provisioning taskserv list
provisioning test quick <taskserv>
```

**See Also**: Taskserv Developer Guide

---

### Template

**Definition**: Parameterized configuration file supporting variable substitution.

**Where Used**:

- Configuration generation
- Infrastructure customization
- Deployment automation

**Related Concepts**: Config, Generation, Customization

**Location**: `provisioning/templates/`

---

### Test Environment

**Definition**: Containerized isolated environment for testing taskservs and clusters.

**Where Used**:

- Development testing
- CI/CD integration
- Pre-deployment validation

**Related Concepts**: Container, Testing, Validation

**Commands**:

```bash
provisioning test quick <taskserv>
provisioning test env single <taskserv>
provisioning test env cluster <cluster>
```

**See Also**: [Test Environment Guide](../testing/test-environment-guide.md)

---

### Topology

**Definition**: Multi-node cluster configuration template (Kubernetes HA, etcd cluster, etc.).

**Where Used**:

- Cluster testing
- Multi-node deployments
- Production simulation

**Related Concepts**: Test Environment, Cluster, Configuration

**Examples**: kubernetes_3node, etcd_cluster, kubernetes_single

---

### TOTP (Time-based One-Time Password)

**Definition**: MFA method generating time-sensitive codes.

**Where Used**:

- Two-factor authentication
- MFA enrollment
- Security enhancement

**Related Concepts**: MFA, Security, Auth

**Commands**:

```bash
provisioning mfa totp enroll
provisioning mfa totp verify <code>
```

---

### Troubleshooting

**Definition**: System problem diagnosis and resolution guidance.

**Where Used**:

- Problem solving
- Error resolution
- System debugging

**Related Concepts**: Diagnostics, Guide, Support

**See Also**: Troubleshooting Guide

---

## U

### UI (User Interface)

**Definition**: Visual interface for platform operations (Control Center, Web UI).

**Where Used**:

- Visual management
- Guided workflows
- Monitoring dashboards

**Related Concepts**: Control Center, Platform Service, GUI

---

### Update

**Definition**: Process of upgrading infrastructure components to newer versions.

**Where Used**:

- Version management
- Security patches
- Feature updates

**Related Concepts**: Version, Migration, Upgrade

**Commands**:

```bash
provisioning version check
provisioning version apply
```

**See Also**: Update Infrastructure Guide

---

## V

### Validation

**Definition**: Verification that configuration or infrastructure meets requirements.

**Where Used**:

- Configuration checks
- Schema validation
- Pre-deployment verification

**Related Concepts**: Schema, Nickel, Check

**Commands**:

```bash
provisioning validate config
provisioning validate infrastructure
```

**See Also**: [Config Validation](../provisioning/docs/CONFIG_VALIDATION.md)

---

### Version

**Definition**: Semantic version identifier for components and compatibility.

**Where Used**:

- Component versioning
- Compatibility checking
- Update management

**Related Concepts**: Update, Dependency, Compatibility

**Commands**:

```bash
provisioning version
provisioning version check
provisioning taskserv check-updates
```

---

## W

### WebAuthn

**Definition**: FIDO2-based passwordless authentication standard.

**Where Used**:

- Hardware key authentication
- Passwordless login
- Enhanced MFA

**Related Concepts**: MFA, Security, FIDO2

**Commands**:

```bash
provisioning mfa webauthn enroll
provisioning mfa webauthn verify
```

---

### Workflow

**Definition**: A sequence of related operations with dependency management and state tracking.

**Where Used**:

- Complex deployments
- Multi-step operations
- Automated processes

**Related Concepts**: Batch Operation, Orchestrator, Task

**Commands**:

```bash
provisioning workflow list
provisioning workflow status <id>
provisioning workflow monitor <id>
```

**See Also**: [Batch Workflow System](../guides/from-scratch.md)

---

### Workspace

**Definition**: An isolated environment containing infrastructure definitions and configuration.

**Where Used**:

- Project isolation
- Environment separation
- Team workspaces

**Related Concepts**: Infrastructure, Config, Environment

**Location**: `workspace/{name}/`

**Commands**:

```bash
provisioning workspace list
provisioning workspace switch <name>
provisioning workspace create <name>
```

**See Also**: Workspace Switching Guide

---

## X-Z

### YAML

**Definition**: Data serialization format used for Kubernetes manifests and configuration.

**Where Used**:

- Kubernetes deployments
- Configuration files
- Data interchange

**Related Concepts**: Config, Kubernetes, Data Format

---

## Symbol and Acronym Index

| Symbol/Acronym | Full Term | Category |
| ---------------- | ----------- | ---------- |
| ADR | Architecture Decision Record | Architecture |
| API | Application Programming Interface | Integration |
| CLI | Command-Line Interface | User Interface |
| GDPR | General Data Protection Regulation | Compliance |
| JWT | JSON Web Token | Security |
| Nickel | Nickel Configuration Language | Configuration |
| KMS | Key Management Service | Security |
| MCP | Model Context Protocol | Platform |
| MFA | Multi-Factor Authentication | Security |
| OCI | Open Container Initiative | Packaging |
| PAP | Project Architecture Principles | Architecture |
| RBAC | Role-Based Access Control | Security |
| REST | Representational State Transfer | API |
| SOC2 | Service Organization Control 2 | Compliance |
| SOPS | Secrets OPerationS | Security |
| SSH | Secure Shell | Remote Access |
| TOTP | Time-based One-Time Password | Security |
| UI | User Interface | User Interface |

---

## Cross-Reference Map

### By Topic Area

**Infrastructure**:

- Infrastructure, Server, Cluster, Provider, Taskserv, Module

**Security**:

- Auth, Authorization, JWT, MFA, TOTP, WebAuthn, Cedar, KMS, Secrets Management, RBAC, Break-Glass

**Configuration**:

- Config, Nickel, Schema, Validation, Environment, Layer, Workspace

**Workflow & Operations**:

- Workflow, Batch Operation, Operation, Task, Orchestrator, Checkpoint, Rollback

**Platform Services**:

- Orchestrator, Control Center, MCP, API Gateway, Platform Service

**Documentation**:

- Glossary, Guide, ADR, Cross-Reference, Internal Link, Anchor Link

**Development**:

- Extension, Plugin, Template, Module, Integration

**Testing**:

- Test Environment, Topology, Validation, Health Check

**Compliance**:

- Compliance, GDPR, Audit, Security System

### By User Journey

**New User**:

1. Glossary (this document)
2. Guide
3. Quick Reference
4. Workspace
5. Infrastructure
6. Server
7. Taskserv

**Developer**:

1. Extension
2. Provider
3. Taskserv
4. Nickel
5. Schema
6. Template
7. Plugin

**Operations**:

1. Workflow
2. Orchestrator
3. Monitoring
4. Troubleshooting
5. Security
6. Compliance

---

## Terminology Guidelines

### Writing Style

**Consistency**: Use the same term throughout documentation (for example, "Taskserv" not "task service" or "task-serv")

**Capitalization**:

- Proper nouns and acronyms: CAPITALIZE (Nickel, JWT, MFA)
- Generic terms: lowercase (server, cluster, workflow)
- Platform-specific terms: Title Case (Taskserv, Workspace, Orchestrator)

**Pluralization**:

- Taskservs (not taskservices)
- Workspaces (standard plural)
- Topologies (not topologys)

### Avoiding Confusion

| Don't Say | Say Instead | Reason |
| ----------- | ------------- | -------- |
| "Task service" | "Taskserv" | Standard platform term |
| "Configuration file" | "Config" or "Settings" | Context-dependent |
| "Worker" | "Agent" or "Task" | Clarify context |
| "Kubernetes service" | "K8s taskserv" or "K8s Service resource" | Disambiguate |

---

## Contributing to the Glossary

### Adding New Terms

1. Alphabetical placement in appropriate section
2. Include all standard sections:
   - Definition
   - Where Used
   - Related Concepts
   - Examples (if applicable)
   - Commands (if applicable)
   - See Also (links to docs)

3. Cross-reference in related terms
4. Update Symbol and Acronym Index if applicable
5. Update Cross-Reference Map

### Updating Existing Terms

1. Verify changes don't break cross-references
2. Update "Last Updated" date at top
3. Increment version if major changes
4. Review related terms for consistency

---

## Version History

| Version | Date | Changes |
| --------- | ------ | --------- |
| 1.0.0 | 2025-10-10 | Initial comprehensive glossary |

---

**Maintained By**: Documentation Team
**Review Cycle**: Quarterly or when major features are added
**Feedback**: Please report missing or unclear terms via issues