provisioning/schemas/platform/deployment/cicd.ncl

# CI/CD Mode Schema
# Pipeline-driven, ephemeral workspaces for automated testing and deployment
# Resources: 8 CPU, 16GB RAM, 200GB disk (often with auto-scaling)

{
  CicdModeConfig = {
    # Deployment mode identifier
    mode  | String = 'cicd,

    # Resource allocation (may be elastic)
    resources = {
      cpu_cores | String,
      memory_mb | String,
      disk_gb | String,
      max_connections | String | optional,
      auto_scaling | String | optional,
      min_replicas | String | optional,
      max_replicas | String | optional,
    },

    # Service enablement (API-centric)
    services = {
      orchestrator = {
        enabled | String,
        storage_backend | String,
        workers | String | optional,
        queue_max_concurrent_tasks | String | optional,
        batch_parallel_limit | Number | optional,
        api_only_mode | String | optional,
        ui_enabled | String | optional,
      },
      control_center = {
        enabled | String,
        database | String,
        api_only_mode | String | optional,
        ui_enabled | String | optional,
        audit_logging | String | optional,
      },
      mcp_server = {
        enabled | String,
        protocol | String | optional,
        max_concurrent_tools | String | optional,
      },
      installer = {
        enabled | String | optional,
      },
      api_gateway = {
        enabled | String | optional,
        port | Number | optional,
      },
    },

    # Workspace management (ephemeral)
    workspaces = {
      ephemeral | String,
      auto_cleanup | String | optional,
      cleanup_after_minutes | Number | optional,
      max_workspace_lifetime_minutes | Number | optional,
    },

    # Security configuration (token-based)
    security = {
      auto_generate_secrets | String,
      kms_backend | String,
      audit_logging | String,
      tls_enabled | String,
      rbac_enabled | String,
      mfa_enabled | String | optional,
      api_token_auth_only | String | optional,
      api_token_expiration_hours | Number | optional,
    },

    # Pipeline integration
    pipeline = {
      webhook_enabled | String | optional,
      github_actions_enabled | String | optional,
      gitlab_ci_enabled | String | optional,
      jenkins_enabled | String | optional,
      webhook_secret_rotation_days | Number | optional,
    },

    # Networking (container/cloud-native)
    networking = {
      bind_localhost_only | String | optional,
      expose_services | String,
      load_balancer | String | optional,
      service_mesh_enabled | String | optional,
    },

    # High Availability (managed by orchestration)
    ha = {
      enabled | String,
      replicas | String | optional,
      auto_failover | String | optional,
    },

    # Monitoring and observability (metrics-heavy)
    monitoring = {
      enabled | String,
      metrics_enabled | String,
      metrics_scrape_interval_seconds | Number | optional,
      health_checks_enabled | String,
      health_check_interval_seconds | Number | optional,
      logging_level | String | optional,
      distributed_tracing_enabled | String | optional,
    },

    # Performance and optimization
    performance = {
      cache_enabled | String | optional,
      cache_ttl_seconds | Number | optional,
      batch_size | Number | optional,
    },
  },
}
chore: complete nickel migration and consolidate legacy configs - Remove KCL ecosystem (~220 files deleted) - Migrate all infrastructure to Nickel schema system - Consolidate documentation: legacy docs → provisioning/docs/src/ - Add CI/CD workflows (.github/) and Rust build config (.cargo/) - Update core system for Nickel schema parsing - Update README.md and CHANGES.md for v5.0.0 release - Fix pre-commit hooks: end-of-file, trailing-whitespace - Breaking changes: KCL workspaces require migration - Migration bridge available in docs/src/development/ 2026-01-08 09:55:37 +00:00			`# CI/CD Mode Schema`
			`# Pipeline-driven, ephemeral workspaces for automated testing and deployment`
			`# Resources: 8 CPU, 16GB RAM, 200GB disk (often with auto-scaling)`

			`{`
			`CicdModeConfig = {`
			`# Deployment mode identifier`
			`mode \| String = 'cicd,`

			`# Resource allocation (may be elastic)`
			`resources = {`
			`cpu_cores \| String,`
			`memory_mb \| String,`
			`disk_gb \| String,`
			`max_connections \| String \| optional,`
			`auto_scaling \| String \| optional,`
			`min_replicas \| String \| optional,`
			`max_replicas \| String \| optional,`
			`},`

			`# Service enablement (API-centric)`
			`services = {`
			`orchestrator = {`
			`enabled \| String,`
			`storage_backend \| String,`
			`workers \| String \| optional,`
			`queue_max_concurrent_tasks \| String \| optional,`
			`batch_parallel_limit \| Number \| optional,`
			`api_only_mode \| String \| optional,`
			`ui_enabled \| String \| optional,`
			`},`
			`control_center = {`
			`enabled \| String,`
			`database \| String,`
			`api_only_mode \| String \| optional,`
			`ui_enabled \| String \| optional,`
			`audit_logging \| String \| optional,`
			`},`
			`mcp_server = {`
			`enabled \| String,`
			`protocol \| String \| optional,`
			`max_concurrent_tools \| String \| optional,`
			`},`
			`installer = {`
			`enabled \| String \| optional,`
			`},`
			`api_gateway = {`
			`enabled \| String \| optional,`
			`port \| Number \| optional,`
			`},`
			`},`

			`# Workspace management (ephemeral)`
			`workspaces = {`
			`ephemeral \| String,`
			`auto_cleanup \| String \| optional,`
			`cleanup_after_minutes \| Number \| optional,`
			`max_workspace_lifetime_minutes \| Number \| optional,`
			`},`

			`# Security configuration (token-based)`
			`security = {`
			`auto_generate_secrets \| String,`
			`kms_backend \| String,`
			`audit_logging \| String,`
			`tls_enabled \| String,`
			`rbac_enabled \| String,`
			`mfa_enabled \| String \| optional,`
			`api_token_auth_only \| String \| optional,`
			`api_token_expiration_hours \| Number \| optional,`
			`},`

			`# Pipeline integration`
			`pipeline = {`
			`webhook_enabled \| String \| optional,`
			`github_actions_enabled \| String \| optional,`
			`gitlab_ci_enabled \| String \| optional,`
			`jenkins_enabled \| String \| optional,`
			`webhook_secret_rotation_days \| Number \| optional,`
			`},`

			`# Networking (container/cloud-native)`
			`networking = {`
			`bind_localhost_only \| String \| optional,`
			`expose_services \| String,`
			`load_balancer \| String \| optional,`
			`service_mesh_enabled \| String \| optional,`
			`},`

			`# High Availability (managed by orchestration)`
			`ha = {`
			`enabled \| String,`
			`replicas \| String \| optional,`
			`auto_failover \| String \| optional,`
			`},`

			`# Monitoring and observability (metrics-heavy)`
			`monitoring = {`
			`enabled \| String,`
			`metrics_enabled \| String,`
			`metrics_scrape_interval_seconds \| Number \| optional,`
			`health_checks_enabled \| String,`
			`health_check_interval_seconds \| Number \| optional,`
			`logging_level \| String \| optional,`
			`distributed_tracing_enabled \| String \| optional,`
			`},`

			`# Performance and optimization`
			`performance = {`
			`cache_enabled \| String \| optional,`
			`cache_ttl_seconds \| Number \| optional,`
			`batch_size \| Number \| optional,`
			`},`
			`},`
			`}`