provisioning/schemas/platform/configs/vault-service.cicd.ncl

# Vault Service - CI/CD Mode Configuration
# Pipeline integration, ephemeral in-memory storage

let vault_schema = import "../schemas/vault-service.ncl" in

{
  vault | vault_schema.VaultServiceConfig = {
    server = {
      host = "0.0.0.0",
      port = 8200,
      workers = 8,
      keep_alive = 75,
      max_connections = 200,
    },

    storage = {
      backend = "memory",
      path = "/tmp/provisioning-vault-cicd",
      encryption_key_path = "/tmp/provisioning-vault-cicd/master.key",
    },

    vault = {
      server_url = "http://vault-cicd:8200",
      storage_backend = "memory",
      deployment_mode = "Service",
      mount_point = "transit-cicd",
      key_name = "provisioning-cicd",
      tls_verify = false,
    },

    ha = {
      enabled = false,
      mode = "raft",
    },

    security = {
      encryption_algorithm = "aes-256-gcm",
      key_rotation_days = 90,
    },

    monitoring = {
      enabled = false,
      metrics_interval = 60,
    },

    logging = {
      level = "warn",
      format = "json",
    },
  },
}
chore: complete nickel migration and consolidate legacy configs - Remove KCL ecosystem (~220 files deleted) - Migrate all infrastructure to Nickel schema system - Consolidate documentation: legacy docs → provisioning/docs/src/ - Add CI/CD workflows (.github/) and Rust build config (.cargo/) - Update core system for Nickel schema parsing - Update README.md and CHANGES.md for v5.0.0 release - Fix pre-commit hooks: end-of-file, trailing-whitespace - Breaking changes: KCL workspaces require migration - Migration bridge available in docs/src/development/ 2026-01-08 09:55:37 +00:00			`# Vault Service - CI/CD Mode Configuration`
			`# Pipeline integration, ephemeral in-memory storage`

			`let vault_schema = import "../schemas/vault-service.ncl" in`

			`{`
			`vault \| vault_schema.VaultServiceConfig = {`
			`server = {`
			`host = "0.0.0.0",`
			`port = 8200,`
			`workers = 8,`
			`keep_alive = 75,`
			`max_connections = 200,`
			`},`

			`storage = {`
			`backend = "memory",`
			`path = "/tmp/provisioning-vault-cicd",`
			`encryption_key_path = "/tmp/provisioning-vault-cicd/master.key",`
			`},`

			`vault = {`
			`server_url = "http://vault-cicd:8200",`
			`storage_backend = "memory",`
			`deployment_mode = "Service",`
			`mount_point = "transit-cicd",`
			`key_name = "provisioning-cicd",`
			`tls_verify = false,`
			`},`

			`ha = {`
			`enabled = false,`
			`mode = "raft",`
			`},`

			`security = {`
			`encryption_algorithm = "aes-256-gcm",`
			`key_rotation_days = 90,`
			`},`

			`monitoring = {`
			`enabled = false,`
			`metrics_interval = 60,`
			`},`

			`logging = {`
			`level = "warn",`
			`format = "json",`
			`},`
			`},`
			`}`