provisioning/schemas/nested_provisioning/contracts.ncl

# Nested Provisioning Contracts
#
# Type definitions for nested VM provisioning
# Migrated from provisioning/kcl/nested_provisioning.k

{
  VolumeConfig = {
    name | String,
    description | String | optional,
    type | [| 'local, 'nfs, 'cifs, 'cloud, 'host |] | default = 'local,
    size_gb | Number | optional,
    mount_path | String,
    readonly | Bool | optional | default = false,
    mount_mode | String | optional | default = "755",
    host | String | optional,
    path | String | optional,
    username | String | optional,
    password | String | optional,
    bucket | String | optional,
    provider | [| 'aws, 'azure, 'gcp, 'minio |] | optional | default = 'aws,
    region | String | optional,
    iops | Number | optional,
    throughput_mbps | Number | optional,
  },

  NetworkConfig = {
    name | String,
    description | String | optional,
    type | [| 'bridge, 'overlay, 'host, 'vlan |] | default = 'bridge,
    vlan_id | Number | optional,
    subnet | String,
    gateway | String | optional,
    dns_servers | Array String | optional,
    mtu | Number | optional | default = 1500,
    dhcp_enabled | Bool | optional | default = true,
    dhcp_start | String | optional,
    dhcp_end | String | optional,
    allow_outbound | Bool | optional | default = true,
    allow_inbound | Bool | optional | default = false,
    rules | Array { _ | String } | optional,
    bandwidth_limit_mbps | Number | optional,
    latency_ms | Number | optional,
  },

  NestedVmConfig = {
    name | String,
    description | String | optional,
    parent_vm | String,
    cpu | Number | default = 2,
    memory_mb | Number | default = 2048,
    disk_gb | Number | default = 20,
    nested_virt | Bool | optional | default = true,
    base_image | String | optional | default = "ubuntu-22.04",
    from_golden_image | String | optional,
    networks | Array String,
    static_ip | String | optional,
    dns | Array String | optional,
    volumes | Array String | optional,
    extra_disks | Array { _ | Number } | optional,
    auto_start | Bool | optional | default = false,
    start_order | Number | optional | default = 100,
    restart_policy | [| 'no, 'always, 'on_failure |] | optional | default = 'always,
  },

  ContainerConfig = {
    name | String,
    image | String,
    tag | String | optional | default = "latest",
    parent_vm | String,
    runtime | [| 'docker, 'podman, 'containerd |] | default = 'containerd,
    cpu_millicores | Number | optional | default = 1000,
    memory_mb | Number | optional | default = 512,
    disk_gb | Number | optional | default = 10,
    networks | Array String | optional,
    expose_ports | Array { _ | Number } | optional,
    environment | { _ | String } | optional,
    volumes | Array { _ | String } | optional,
    tmpfs | Number | optional,
    auto_start | Bool | optional | default = false,
    restart_policy | [| 'no, 'unless_stopped, 'always |] | optional | default = 'unless_stopped,
    health_check | { _ | String } | optional,
  },

  MultiTierDeployment = {
    name | String,
    version | String | optional | default = "1.0.0",
    description | String | optional,
    networks | Array NetworkConfig,
    volumes | Array VolumeConfig,
    parent_vms | Array String,
    nested_vms | Array NestedVmConfig,
    containers | Array ContainerConfig,
    replicas | Number | optional | default = 1,
    strategy | [| 'rolling, 'blue_green, 'canary |] | optional | default = 'rolling,
    health_check_interval | Number | optional | default = 30,
  },

  NetworkPolicy = {
    name | String,
    description | String | optional,
    direction | [| 'inbound, 'outbound, 'both |] | default = 'both,
    protocol | [| 'tcp, 'udp, 'icmp, 'all |] | default = 'all,
    source | String | optional,
    destination | String | optional,
    port_range | String | optional,
    action | [| 'allow, 'deny, 'log |] | default = 'allow,
    priority | Number | optional | default = 100,
  },

  VolumeSnapshot = {
    name | String,
    volume_name | String,
    created_at | String,
    size_gb | Number,
    checksum | String,
    description | String | optional,
    retention_days | Number | optional | default = 30,
    auto_delete | Bool | optional | default = true,
  },

  NestedProvisioningPolicy = {
    max_nesting_depth | Number | default = 3,
    max_vms_per_parent | Number | default = 10,
    max_containers_per_vm | Number | default = 50,
    max_cpu_per_vm | Number | default = 16,
    max_memory_per_vm | Number | default = 32768,
    max_disk_per_vm | Number | default = 500,
    default_network_type | String | default = "bridge",
    enable_ipv6 | Bool | optional | default = false,
    enable_vlan_tagging | Bool | optional | default = false,
    default_volume_type | String | default = "local",
    snapshot_retention_days | Number | default = 30,
    enable_security_hardening | Bool | optional | default = true,
    enable_network_isolation | Bool | optional | default = true,
    require_auth_between_tiers | Bool | optional | default = false,
  },
}
chore: complete nickel migration and consolidate legacy configs - Remove KCL ecosystem (~220 files deleted) - Migrate all infrastructure to Nickel schema system - Consolidate documentation: legacy docs → provisioning/docs/src/ - Add CI/CD workflows (.github/) and Rust build config (.cargo/) - Update core system for Nickel schema parsing - Update README.md and CHANGES.md for v5.0.0 release - Fix pre-commit hooks: end-of-file, trailing-whitespace - Breaking changes: KCL workspaces require migration - Migration bridge available in docs/src/development/ 2026-01-08 09:55:37 +00:00			`# Nested Provisioning Contracts`
			`#`
			`# Type definitions for nested VM provisioning`
			`# Migrated from provisioning/kcl/nested_provisioning.k`

			`{`
			`VolumeConfig = {`
			`name \| String,`
			`description \| String \| optional,`
			`type \| [\| 'local, 'nfs, 'cifs, 'cloud, 'host \|] \| default = 'local,`
			`size_gb \| Number \| optional,`
			`mount_path \| String,`
			`readonly \| Bool \| optional \| default = false,`
			`mount_mode \| String \| optional \| default = "755",`
			`host \| String \| optional,`
			`path \| String \| optional,`
			`username \| String \| optional,`
			`password \| String \| optional,`
			`bucket \| String \| optional,`
			`provider \| [\| 'aws, 'azure, 'gcp, 'minio \|] \| optional \| default = 'aws,`
			`region \| String \| optional,`
			`iops \| Number \| optional,`
			`throughput_mbps \| Number \| optional,`
			`},`

			`NetworkConfig = {`
			`name \| String,`
			`description \| String \| optional,`
			`type \| [\| 'bridge, 'overlay, 'host, 'vlan \|] \| default = 'bridge,`
			`vlan_id \| Number \| optional,`
			`subnet \| String,`
			`gateway \| String \| optional,`
			`dns_servers \| Array String \| optional,`
			`mtu \| Number \| optional \| default = 1500,`
			`dhcp_enabled \| Bool \| optional \| default = true,`
			`dhcp_start \| String \| optional,`
			`dhcp_end \| String \| optional,`
			`allow_outbound \| Bool \| optional \| default = true,`
			`allow_inbound \| Bool \| optional \| default = false,`
			`rules \| Array { _ \| String } \| optional,`
			`bandwidth_limit_mbps \| Number \| optional,`
			`latency_ms \| Number \| optional,`
			`},`

			`NestedVmConfig = {`
			`name \| String,`
			`description \| String \| optional,`
			`parent_vm \| String,`
			`cpu \| Number \| default = 2,`
			`memory_mb \| Number \| default = 2048,`
			`disk_gb \| Number \| default = 20,`
			`nested_virt \| Bool \| optional \| default = true,`
			`base_image \| String \| optional \| default = "ubuntu-22.04",`
			`from_golden_image \| String \| optional,`
			`networks \| Array String,`
			`static_ip \| String \| optional,`
			`dns \| Array String \| optional,`
			`volumes \| Array String \| optional,`
			`extra_disks \| Array { _ \| Number } \| optional,`
			`auto_start \| Bool \| optional \| default = false,`
			`start_order \| Number \| optional \| default = 100,`
			`restart_policy \| [\| 'no, 'always, 'on_failure \|] \| optional \| default = 'always,`
			`},`

			`ContainerConfig = {`
			`name \| String,`
			`image \| String,`
			`tag \| String \| optional \| default = "latest",`
			`parent_vm \| String,`
			`runtime \| [\| 'docker, 'podman, 'containerd \|] \| default = 'containerd,`
			`cpu_millicores \| Number \| optional \| default = 1000,`
			`memory_mb \| Number \| optional \| default = 512,`
			`disk_gb \| Number \| optional \| default = 10,`
			`networks \| Array String \| optional,`
			`expose_ports \| Array { _ \| Number } \| optional,`
			`environment \| { _ \| String } \| optional,`
			`volumes \| Array { _ \| String } \| optional,`
			`tmpfs \| Number \| optional,`
			`auto_start \| Bool \| optional \| default = false,`
			`restart_policy \| [\| 'no, 'unless_stopped, 'always \|] \| optional \| default = 'unless_stopped,`
			`health_check \| { _ \| String } \| optional,`
			`},`

			`MultiTierDeployment = {`
			`name \| String,`
			`version \| String \| optional \| default = "1.0.0",`
			`description \| String \| optional,`
			`networks \| Array NetworkConfig,`
			`volumes \| Array VolumeConfig,`
			`parent_vms \| Array String,`
			`nested_vms \| Array NestedVmConfig,`
			`containers \| Array ContainerConfig,`
			`replicas \| Number \| optional \| default = 1,`
			`strategy \| [\| 'rolling, 'blue_green, 'canary \|] \| optional \| default = 'rolling,`
			`health_check_interval \| Number \| optional \| default = 30,`
			`},`

			`NetworkPolicy = {`
			`name \| String,`
			`description \| String \| optional,`
			`direction \| [\| 'inbound, 'outbound, 'both \|] \| default = 'both,`
			`protocol \| [\| 'tcp, 'udp, 'icmp, 'all \|] \| default = 'all,`
			`source \| String \| optional,`
			`destination \| String \| optional,`
			`port_range \| String \| optional,`
			`action \| [\| 'allow, 'deny, 'log \|] \| default = 'allow,`
			`priority \| Number \| optional \| default = 100,`
			`},`

			`VolumeSnapshot = {`
			`name \| String,`
			`volume_name \| String,`
			`created_at \| String,`
			`size_gb \| Number,`
			`checksum \| String,`
			`description \| String \| optional,`
			`retention_days \| Number \| optional \| default = 30,`
			`auto_delete \| Bool \| optional \| default = true,`
			`},`

			`NestedProvisioningPolicy = {`
			`max_nesting_depth \| Number \| default = 3,`
			`max_vms_per_parent \| Number \| default = 10,`
			`max_containers_per_vm \| Number \| default = 50,`
			`max_cpu_per_vm \| Number \| default = 16,`
			`max_memory_per_vm \| Number \| default = 32768,`
			`max_disk_per_vm \| Number \| default = 500,`
			`default_network_type \| String \| default = "bridge",`
			`enable_ipv6 \| Bool \| optional \| default = false,`
			`enable_vlan_tagging \| Bool \| optional \| default = false,`
			`default_volume_type \| String \| default = "local",`
			`snapshot_retention_days \| Number \| default = 30,`
			`enable_security_hardening \| Bool \| optional \| default = true,`
			`enable_network_isolation \| Bool \| optional \| default = true,`
			`require_auth_between_tiers \| Bool \| optional \| default = false,`
			`},`
			`}`