From 1508d9a96b4f35cd66666edae6bd422bed1f1086 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jesu=CC=81s=20Pe=CC=81rez?=
Date: Mon, 12 Jan 2026 05:18:28 +0000
Subject: [PATCH] chore: update defs
---
 .cargo/audit.toml | 2 +-
 .cargo/config.toml | 36 +--
 .clippy.toml | 2 +-
 .rustfmt.toml | 18 +-
 deny.toml | 22 +-
 docs/book.toml | 82 ++---
 .../quick-start/local-development/config.toml | 114 +++---
 .../workspaces/cost-optimized/config.toml | 186 +++++------
 .../multi-provider-web-app/config.toml | 60 ++--
 .../workspaces/multi-region-ha/config.toml | 152 ++++-----
 generators/generate/defs.toml | 16 +-
 schemas/platform/constraints/constraints.toml | 294 +++++++++---------
 12 files changed, 492 insertions(+), 492 deletions(-)
diff --git a/.cargo/audit.toml b/.cargo/audit.toml
index b965267..a9b08b3 100644
--- a/.cargo/audit.toml
+++ b/.cargo/audit.toml
@@ -18,7 +18,7 @@ deny = ["unmaintained", "unsound", "yanked"]
 # Specific vulnerability IDs to ignore (in case of false positives)
 # You can use: https://rustsec.org/
 ignore = [
- # Example: { id = "RUSTSEC-2023-XXXX", reason = "Not applicable to our use case" }
+ # Example: { id = "RUSTSEC-2023-XXXX", reason = "Not applicable to our use case" }
 ]
 # How to handle vulnerabilities based on severity
diff --git a/.cargo/config.toml b/.cargo/config.toml
index cb95ce4..7622ef4 100644
--- a/.cargo/config.toml
+++ b/.cargo/config.toml
@@ -10,51 +10,51 @@ jobs = 4
 [profile.dev]
 # Development profile - fast compilation, debug info
-opt-level = 0
 debug = true
 debug-assertions = true
-overflow-checks = true
-lto = false
-panic = "unwind"
 incremental = true
+lto = false
+opt-level = 0
+overflow-checks = true
+panic = "unwind"
 [profile.release]
 # Release profile - slow compilation, optimized binary
-opt-level = 3
+codegen-units = 1
 debug = false
 debug-assertions = false
-overflow-checks = false
-lto = "thin"
-codegen-units = 1
-panic = "abort"
 incremental = false
+lto = "thin"
+opt-level = 3
+overflow-checks = false
+panic = "abort"
 strip = false
 [profile.test]
 # Test profile - inherits from dev but can be optimized
-opt-level = 1
 debug = true
 debug-assertions = true
-overflow-checks = true
-lto = false
 incremental = true
+lto = false
+opt-level = 1
+overflow-checks = true
 [profile.bench]
 # Benchmark profile - same as release
-opt-level = 3
+codegen-units = 1
 debug = false
 debug-assertions = false
-overflow-checks = false
-lto = "thin"
-codegen-units = 1
 incremental = false
+lto = "thin"
+opt-level = 3
+overflow-checks = false
 [term]
 # Terminal colors
 color = "auto"
-verbose = false
 progress.when = "auto"
 progress.width = 80
+verbose = false
 [net]
 # Network settings
@@ -68,5 +68,5 @@ offline = false
 # Custom cargo commands
 build-all = "build --all-targets"
 check-all = "check --all-targets --all-features"
-test-all = "test --all-features --workspace"
 doc-all = "doc --all-features --no-deps --open"
+test-all = "test --all-features --workspace"
diff --git a/.clippy.toml b/.clippy.toml
index 5da36da..faa71bc 100644
--- a/.clippy.toml
+++ b/.clippy.toml
@@ -3,8 +3,8 @@
 # Lint level thresholds
 cognitive-complexity-threshold = 25
-type-complexity-threshold = 500
 excessive-nesting-threshold = 5
+type-complexity-threshold = 500
 # Allowed patterns (prevent lints on specific code)
 # allow-expect-in-tests = true
diff --git a/.rustfmt.toml b/.rustfmt.toml
index 8bd3887..8ebc4d9 100644
--- a/.rustfmt.toml
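Review bot: In `.cargo/config.toml`, `[profile.release]` keeps `overflow-checks = false`, so integer overflow wraps silently in the shipped binary while the dev and test profiles in the same hunk panic on it. For a tool that derives limits, sizes and timeouts from user-supplied configuration, that difference means an overflow caught in tests can pass unnoticed in production; consider `overflow-checks = true` in `[profile.release]` (and in `[profile.bench]`, so benchmarks stay representative). If wrapping arithmetic is intended, a comment above the key such as `# Wrapping accepted: all size arithmetic uses checked_* explicitly` would record the decision; whether that holds for the code is not visible from this hunk.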
+++ b/.rustfmt.toml
@@ -4,19 +4,19 @@
 # Basic formatting options
 edition = "2021"
-max_width = 100
 hard_tabs = false
-tab_spaces = 4
+max_width = 100
 newline_style = "Unix"
+tab_spaces = 4
 # Code structure
 use_small_heuristics = "Default"
 # Imports
+group_imports = "StdExternalCrate"
+remove_nested_parens = true
 reorder_imports = true
 reorder_modules = true
-remove_nested_parens = true
-group_imports = "StdExternalCrate"
 # Match expressions
 match_block_trailing_comma = false
@@ -26,28 +26,28 @@ chain_width = 60
 # Comment formatting (nightly)
 comment_width = 80
-wrap_comments = true
 normalize_comments = true
 normalize_doc_attributes = true
+wrap_comments = true
 # Spaces and indentation (nightly)
-fn_single_line = false
 fn_params_layout = "Tall"
+fn_single_line = false
 where_single_line = false
 # Formatting (nightly)
-format_strings = true
 format_code_in_doc_comments = false
+format_strings = true
 # Spaces (nightly)
-space_before_colon = false
 space_after_colon = true
+space_before_colon = false
 spaces_around_ranges = false
 # Line breaks (nightly)
-match_arm_blocks = true
 blank_lines_lower_bound = 0
 blank_lines_upper_bound = 1
+match_arm_blocks = true
 # Enable nightly features
 unstable_features = true
diff --git a/deny.toml b/deny.toml
index 279d3b2..d9e28dd 100644
--- a/deny.toml
+++ b/deny.toml
@@ -6,22 +6,22 @@ db-path = "~/.cargo/advisory-db"
 db-urls = ["https://github.com/rustsec/advisory-db"]
 [licenses]
-unlicensed = "deny"
 allow = [
- "MIT",
- "MIT-0",
- "Apache-2.0",
- "Apache-2.0 WITH LLVM-exception",
- "BSD-2-Clause",
- "BSD-3-Clause",
- "ISC",
- "Unicode-DFS-2016",
+ "MIT",
+ "MIT-0",
+ "Apache-2.0",
+ "Apache-2.0 WITH LLVM-exception",
+ "BSD-2-Clause",
+ "BSD-3-Clause",
+ "ISC",
+ "Unicode-DFS-2016",
 ]
+unlicensed = "deny"
 [bans]
 multiple-versions = "warn"
 [sources]
-unknown-registry = "deny"
-unknown-git = "deny"
 allow-registry = ["https://github.com/rust-lang/crates.io-index"]
+unknown-git = "deny"
+unknown-registry = "deny"
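Review bot: In `deny.toml`, the `[licenses]` table still carries `unlicensed = "deny"`; as far as I know cargo-deny deprecated that key and newer releases no longer accept it, so depending on the cargo-deny version CI runs, this supply-chain gate may fail to load its config or not enforce what the line suggests. Please check the file against the cargo-deny version in use and drop or replace the key if it is affected. The `[sources]` table is the part of this file that restricts where crates may come from, and a comment above it such as `# Only crates.io is trusted; any git source must be listed in allow-git` would document that policy for whoever next edits it.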
diff --git a/docs/book.toml b/docs/book.toml
index f1ebdf2..4125abf 100644
--- a/docs/book.toml
+++ b/docs/book.toml
@@ -1,10 +1,10 @@
 [book]
-title = "Provisioning Platform Documentation"
 authors = ["Provisioning Platform Team"]
 description = "Complete documentation for the Provisioning Platform - Infrastructure automation with Nushell, KCL, and Rust"
 language = "en"
 multilingual = false
 src = "src"
+title = "Provisioning Platform Documentation"
 [build]
 build-dir = "book"
@@ -15,56 +15,56 @@ create-missing = true [output.html] # theme = "theme" # Commented out - using default mdbook theme -default-theme = "ayu" -preferred-dark-theme = "navy" -smart-punctuation = true # Renamed from curly-quotes -mathjax-support = false -copy-fonts = true -no-section-label = false -git-repository-url = "https://github.com/provisioning/provisioning-platform" -git-repository-icon = "fa-github" -edit-url-template = "https://github.com/provisioning/provisioning-platform/edit/main/provisioning/docs/{path}" -site-url = "/docs/" cname = "docs.provisioning.local" +copy-fonts = true +default-theme = "ayu" +edit-url-template = "https://github.com/provisioning/provisioning-platform/edit/main/provisioning/docs/{path}" +git-repository-icon = "fa-github" +git-repository-url = "https://github.com/provisioning/provisioning-platform" +mathjax-support = false +no-section-label = false +preferred-dark-theme = "navy" +site-url = "/docs/" +smart-punctuation = true # Renamed from curly-quotes # input-404 = "404.md" # Commented out - 404.md not created yet -[output.html.print] -enable = true + [output.html.print] + enable = true -[output.html.fold] -enable = true -level = 1 + [output.html.fold] + enable = true + level = 1 -[output.html.playground] -editable = false -copyable = true -copy-js = true -line-numbers = true -runnable = false + [output.html.playground] + copy-js = true + copyable = true + editable = false + line-numbers = true + runnable = false -[output.html.search] -enable = true -limit-results = 30 -teaser-word-count = 30 -use-boolean-and = true -boost-title = 2 -boost-hierarchy = 1 -boost-paragraph = 1 -expand = true -heading-split-level = 3 + [output.html.search] + boost-hierarchy = 1 + boost-paragraph = 1 + boost-title = 2 + enable = true + expand = true + heading-split-level = 3 + limit-results = 30 + teaser-word-count = 30 + use-boolean-and = true -[output.html.code.highlightjs] -additional-languages = ["nushell", "toml", "yaml", "bash", "rust", "kcl"] + 
[output.html.code.highlightjs] + additional-languages = ["nushell", "toml", "yaml", "bash", "rust", "kcl"] -[output.html.code] -hidelines = {} + [output.html.code] + hidelines = {} -[[output.html.code.highlightjs.theme]] -light = "ayu-light" -dark = "ayu-dark" + [[output.html.code.highlightjs.theme]] + dark = "ayu-dark" + light = "ayu-light" -[output.html.redirect] -# Add redirects for moved pages if needed + [output.html.redirect] + # Add redirects for moved pages if needed [rust] edition = "2021" diff --git a/docs/src/development/examples/quick-start/local-development/config.toml b/docs/src/development/examples/quick-start/local-development/config.toml index 796120c..ed8c842 100644 --- a/docs/src/development/examples/quick-start/local-development/config.toml +++ b/docs/src/development/examples/quick-start/local-development/config.toml 
@@ -13,41 +13,41 @@ kloud = "." [debug] # Enable debug mode for learning and troubleshooting +check = false enabled = true log_level = "debug" metadata = true -check = false -remote = false no_terminal = false +remote = false [output] # Human-readable output formats for learning -format = "yaml" file_viewer = "less" +format = "yaml" # Provider configuration for local development [providers] default = "local" -[providers.local] -# Local provider settings -interface = "CLI" -container_runtime = "docker" # or "podman" -network_driver = "bridge" + [providers.local] + # Local provider settings + container_runtime = "docker" # or "podman" + interface = "CLI" + network_driver = "bridge" -# Local development network settings -network_cidr = "192.168.100.0/24" -enable_port_forwarding = true + # Local development network settings + enable_port_forwarding = true + network_cidr = "192.168.100.0/24" -# Resource limits for local development -[providers.local.resource_limits] -max_memory_per_server = "1GB" -max_cpu_cores_per_server = 2 -max_storage_per_server = "20GB" + # Resource limits for local development + [providers.local.resource_limits] + max_cpu_cores_per_server = 2 + max_memory_per_server = "1GB" + max_storage_per_server = "20GB" # SOPS configuration (simplified for local development) [sops] -use_sops = false # Disable encryption for local dev to keep things simple +use_sops = false # Disable encryption for local dev to keep things simple # If you want to practice with SOPS locally, set to true and configure keys # Development-specific settings 
@@ -57,18 +57,18 @@ auto_approve = true # Cleanup settings cleanup_on_error = true -cleanup_on_shutdown = false # Keep resources between sessions +cleanup_on_shutdown = false # Keep resources between sessions # Development helper settings +debug_on_error = true enable_dev_mode = true verbose_logging = true -debug_on_error = true # Cache settings for development [cache] -enabled = false # Disable caching for development to see real-time changes -path = "./.provisioning-cache" +enabled = false # Disable caching for development to see real-time changes max_size = "100MB" +path = "./.provisioning-cache" # Task service runtime paths [taskservs] @@ -79,8 +79,8 @@ run_path = "./run/clusters" # Generation settings [generation] -dir_path = "./generated" defs_file = "defs.toml" +dir_path = "./generated" # Local development notifications (disabled for quiet operation) [notifications] 
@@ -94,41 +94,41 @@ use_tera_plugin = true # Environment overrides for development [environments.development] +auto_approve = true debug.enabled = true debug.log_level = "debug" providers.default = "local" -auto_approve = true # Validation settings for development [validation] -strict_mode = false # Relaxed validation for learning -warn_on_missing = true fail_on_error = false +strict_mode = false # Relaxed validation for learning +warn_on_missing = true # Development-specific limits and quotas [limits] +max_concurrent_operations = 2 max_servers = 5 max_services_per_server = 10 -max_concurrent_operations = 2 timeout_seconds = 300 # Local development extensions [extensions] -path = "" mode = "development" +path = "" profile = "learning" # Security settings (relaxed for local development) [security] -require_confirmation = false # Speed up development workflow -strict_validation = false log_sensitive_data = false +require_confirmation = false # Speed up development workflow +strict_validation = false # Performance settings for local development [performance] -parallel_operations = 2 # Limit parallelism for local resources cache_enabled = false -timeout_multiplier = 1.5 # Give more time for local operations +parallel_operations = 2 # Limit parallelism for local resources +timeout_multiplier = 1.5 # Give more time for local operations # Local development specific configurations [local_dev] 
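Review bot: In the local-development example, `[security]` and `[validation]` switch off `require_confirmation`, `strict_validation`, `strict_mode` and `fail_on_error`, and `[environments.development]` sets `auto_approve = true`, yet nothing in the file marks it as unsafe to copy as the starting point for a shared workspace. I would add a comment at the top of `[security]`, for example `# Local-only values: do not reuse outside a disposable workstation environment`. The same applies to `relaxed_security = true` and `enable_host_networking = true` in the `-139,67` hunk of this file, where only the first carries a warning. Whether the loader refuses these values for non-local providers is not visible here.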
@@ -139,67 +139,67 @@ auto_cleanup_age = "7d" enable_aliases = true enable_shortcuts = true -# Port ranges for development services -[local_dev.port_ranges] -web = "8000-8999" -api = "9000-9999" -database = "5000-5999" -cache = "6000-6999" + # Port ranges for development services + [local_dev.port_ranges] + api = "9000-9999" + cache = "6000-6999" + database = "5000-5999" + web = "8000-8999" -# Development database settings -[local_dev.database_defaults] -auto_create_dev_db = true -enable_query_logging = true -relaxed_security = true # WARNING: Only for local development! + # Development database settings + [local_dev.database_defaults] + auto_create_dev_db = true + enable_query_logging = true + relaxed_security = true # WARNING: Only for local development! # Container settings for local development [containers] -auto_remove = true # Clean up containers automatically +auto_remove = true # Clean up containers automatically enable_debug_mode = true -mount_source_code = true # Mount local directories for development +mount_source_code = true # Mount local directories for development # Network settings for local development [network] -enable_host_networking = true # Allow easy access from host auto_assign_ports = true +enable_host_networking = true # Allow easy access from host enable_service_discovery = true # Monitoring settings (lightweight for local development) [monitoring] +enable_alerts = false # No alerts needed for local development enabled = true -retention_period = "24h" # Short retention for local dev metrics_interval = "30s" -enable_alerts = false # No alerts needed for local development +retention_period = "24h" # Short retention for local dev # Backup settings for local development [backup] -enabled = false # No backups needed for disposable local environment auto_backup = false +enabled = false # No backups needed for disposable local environment # Integration settings [integration] # Enable integrations useful for development enable_git_hooks = false 
-enable_ide_integration = true enable_hot_reload = true +enable_ide_integration = true # Learning and documentation helpers [learning] +enable_interactive_help = true +include_examples = true show_helpful_tips = true verbose_explanations = true -include_examples = true -enable_interactive_help = true # Example-specific metadata [example] -name = "local-development" description = "Basic local development environment setup" difficulty = "beginner" estimated_time = "15-30 minutes" -requirements = ["docker", "4GB RAM", "10GB disk"] learning_objectives = [ - "Understanding basic provisioning concepts", - "Setting up local infrastructure", - "Managing servers and services", - "Using the provisioning CLI" + "Understanding basic provisioning concepts", + "Setting up local infrastructure", + "Managing servers and services", + "Using the provisioning CLI", ] +name = "local-development" +requirements = ["docker", "4GB RAM", "10GB disk"] diff --git a/examples/workspaces/cost-optimized/config.toml b/examples/workspaces/cost-optimized/config.toml index 08574b4..75ce654 100644 --- a/examples/workspaces/cost-optimized/config.toml +++ b/examples/workspaces/cost-optimized/config.toml 
@@ -2,174 +2,174 @@ # Multi-provider cost optimization using provider specialization [workspace] -name = "cost-optimized" -environment = "production" -owner = "platform-team" description = "Cost-optimized deployment using Hetzner compute, AWS managed services, and DigitalOcean CDN" +environment = "production" +name = "cost-optimized" +owner = "platform-team" # Hetzner Configuration - Compute Tier (Best price/performance) [providers.hetzner] -enabled = true -token_env = "HCLOUD_TOKEN" -default_location = "nbg1" default_datacenter = "nbg1-dc8" +default_location = "nbg1" +enabled = true provider_type = "primary_compute" +token_env = "HCLOUD_TOKEN" -[providers.hetzner.settings] -enable_automount = false -default_volume_format = "ext4" -server_type_default = "cpx21" -region_name = "eu-central" + [providers.hetzner.settings] + default_volume_format = "ext4" + enable_automount = false + region_name = "eu-central" + server_type_default = "cpx21" # AWS Configuration - Managed Services [providers.aws] -enabled = true -region = "us-east-1" access_key_env = "AWS_ACCESS_KEY_ID" -secret_key_env = "AWS_SECRET_ACCESS_KEY" +enabled = true provider_type = "managed_services" +region = "us-east-1" +secret_key_env = "AWS_SECRET_ACCESS_KEY" -[providers.aws.settings] -multi_az = true -backup_retention_days = 30 -enable_performance_insights = true -enable_enhanced_monitoring = true -region_name = "us-east" + [providers.aws.settings] + backup_retention_days = 30 + enable_enhanced_monitoring = true + enable_performance_insights = true + multi_az = true + region_name = "us-east" # DigitalOcean Configuration - CDN and Storage [providers.digitalocean] -enabled = true -token_env = "DIGITALOCEAN_TOKEN" default_region = "nyc3" +enabled = true provider_type = "cdn_and_storage" +token_env = "DIGITALOCEAN_TOKEN" -[providers.digitalocean.settings] -enable_monitoring = true -enable_backups = false -spaces_region = "nyc3" -region_name = "us-east-cdn" + [providers.digitalocean.settings] + enable_backups 
= false + enable_monitoring = true + region_name = "us-east-cdn" + spaces_region = "nyc3" # Cost Tracking and Budgets [cost_tracking] +budget_alert_threshold = 280 enabled = true monthly_budget = 300 -budget_alert_threshold = 280 -[cost_tracking.regional_budgets] -hetzner = 75 -aws = 120 -digitalocean = 65 + [cost_tracking.regional_budgets] + aws = 120 + digitalocean = 65 + hetzner = 75 -[cost_tracking.optimization_targets] -hetzner_compute = "€20.90/month per CPX21 (vs €45+ for equivalent AWS)" -aws_managed = "$100/month for all managed services (vs $200+ for self-managed)" -digitalocean_cdn = "$64/month for CDN and storage (vs $150+ for CloudFront)" + [cost_tracking.optimization_targets] + aws_managed = "$100/month for all managed services (vs $200+ for self-managed)" + digitalocean_cdn = "$64/month for CDN and storage (vs $150+ for CloudFront)" + hetzner_compute = "€20.90/month per CPX21 (vs €45+ for equivalent AWS)" # Deployment Configuration [deployment] -strategy = "rolling" batch_size = 1 health_check_wait = 60 -rollback_on_failure = true order = ["hetzner", "aws", "digitalocean"] +rollback_on_failure = true +strategy = "rolling" # Networking Configuration [networking] enable_vpn_tunnels = true -vpn_protocol = "ipsec" -vpn_encryption = "aes-256" vpn_authentication = "sha256" +vpn_encryption = "aes-256" +vpn_protocol = "ipsec" -[networking.cidr_blocks] -hetzner = "10.0.0.0/16" -aws = "10.1.0.0/16" + [networking.cidr_blocks] + aws = "10.1.0.0/16" + hetzner = "10.0.0.0/16" # Monitoring and Alerting [monitoring] +alert_on_threshold_exceeded = true enabled = true metric_collection_interval = 60 -alert_on_threshold_exceeded = true -[monitoring.thresholds] -cpu = 80 -memory = 85 -disk = 90 -queue_depth = 1000 + [monitoring.thresholds] + cpu = 80 + disk = 90 + memory = 85 + queue_depth = 1000 -[monitoring.critical_alerts] -database_cpu_high = { threshold = 75, action = "scale_up", severity = "warning" } -queue_depth_high = { threshold = 1000, action = "alert", 
severity = "critical" } -cache_eviction_high = { threshold = 10, action = "alert", severity = "warning" } + [monitoring.critical_alerts] + cache_eviction_high = { threshold = 10, action = "alert", severity = "warning" } + database_cpu_high = { threshold = 75, action = "scale_up", severity = "warning" } + queue_depth_high = { threshold = 1000, action = "alert", severity = "critical" } # Backup Configuration [backup] +compression = true enabled = true +encryption = true frequency = "daily" retention_days = 30 -compression = true -encryption = true -[backup.strategies] -rds = "AWS managed, 30-day retention" -application = "Weekly Hetzner snapshots" -cdn = "Weekly Spaces backups to secondary region" + [backup.strategies] + application = "Weekly Hetzner snapshots" + cdn = "Weekly Spaces backups to secondary region" + rds = "AWS managed, 30-day retention" # Performance Configuration [performance] -enable_caching = true cache_ttl = 3600 cdn_cache_ttl = 86400 +enable_caching = true -[performance.optimization] -database = "Use read replicas for read-heavy workloads" -cache = "ElastiCache Redis for session and data caching" -cdn = "Serve static assets from DigitalOcean CDN" -queue = "SQS for async job processing" + [performance.optimization] + cache = "ElastiCache Redis for session and data caching" + cdn = "Serve static assets from DigitalOcean CDN" + database = "Use read replicas for read-heavy workloads" + queue = "SQS for async job processing" # Scaling Configuration [scaling] auto_scale_enabled = true -[scaling.hetzner] -min_instances = 2 -max_instances = 5 -scale_up_cpu_threshold = 80 -scale_down_cpu_threshold = 30 + [scaling.hetzner] + max_instances = 5 + min_instances = 2 + scale_down_cpu_threshold = 30 + scale_up_cpu_threshold = 80 -[scaling.aws] -auto_scaling_enabled = false -note = "RDS handles scaling automatically, SQS scales automatically" + [scaling.aws] + auto_scaling_enabled = false + note = "RDS handles scaling automatically, SQS scales automatically" # 
Security Configuration [security] +backup_encryption = true enable_encryption = true enable_monitoring = true -backup_encryption = true -[security.vpn_tunnel] -encryption_algorithm = "AES-256" -authentication = "SHA256" -dh_group = "Group 14" -encryption_integrity = "enabled" + [security.vpn_tunnel] + authentication = "SHA256" + dh_group = "Group 14" + encryption_algorithm = "AES-256" + encryption_integrity = "enabled" # Application Settings [application] app_name = "cost-optimized-app" version = "1.0" -[application.database] -engine = "postgresql" -version = "14.6" -connection_pool = 20 -idle_timeout = 900 + [application.database] + connection_pool = 20 + engine = "postgresql" + idle_timeout = 900 + version = "14.6" -[application.cache] -engine = "redis" -version = "7.0" -max_memory = "250MB" -eviction_policy = "allkeys-lru" + [application.cache] + engine = "redis" + eviction_policy = "allkeys-lru" + max_memory = "250MB" + version = "7.0" -[application.queue] -max_message_size = 262144 -default_visibility_timeout = 300 -long_poll_interval = 20 + [application.queue] + default_visibility_timeout = 300 + long_poll_interval = 20 + max_message_size = 262144 diff --git a/examples/workspaces/multi-provider-web-app/config.toml b/examples/workspaces/multi-provider-web-app/config.toml index ec33d29..8266c28 100644 --- a/examples/workspaces/multi-provider-web-app/config.toml +++ b/examples/workspaces/multi-provider-web-app/config.toml 
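Review bot: In the cost-optimized workspace, `[security.vpn_tunnel]` pairs `encryption_algorithm = "AES-256"` with `dh_group = "Group 14"`; a 2048-bit MODP exchange is commonly rated at roughly 112-bit strength, so the key exchange rather than the cipher bounds the tunnel's security. Consider a stronger group (an elliptic-curve group such as 19 or 20) if the tunnel endpoints support it. The same parameters are also given in `[networking]` as `vpn_encryption = "aes-256"` and `vpn_authentication = "sha256"` with different spelling, so a comment stating which table the deployment actually reads would keep the two from drifting apart. `[networking.cidr_blocks]` lists only `aws` and `hetzner`; if DigitalOcean is deliberately outside the VPN, a one-line comment saying so would help.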
@@ -2,81 +2,81 @@ # Credentials and provider-specific settings [workspace] -name = "multi-provider-web-app" -environment = "production" -owner = "platform-team" description = "Web application across DigitalOcean, AWS, and Hetzner" +environment = "production" +name = "multi-provider-web-app" +owner = "platform-team" # DigitalOcean Configuration [providers.digitalocean] +default_region = "nyc3" enabled = true token_env = "DIGITALOCEAN_TOKEN" -default_region = "nyc3" -[providers.digitalocean.settings] -enable_monitoring = true -enable_backups = true -enable_ipv6 = true + [providers.digitalocean.settings] + enable_backups = true + enable_ipv6 = true + enable_monitoring = true # AWS Configuration [providers.aws] +access_key_env = "AWS_ACCESS_KEY_ID" enabled = true region = "us-east-1" -access_key_env = "AWS_ACCESS_KEY_ID" secret_key_env = "AWS_SECRET_ACCESS_KEY" -[providers.aws.settings] -multi_az = true -backup_retention_days = 30 -enable_performance_insights = true -enable_enhanced_monitoring = true + [providers.aws.settings] + backup_retention_days = 30 + enable_enhanced_monitoring = true + enable_performance_insights = true + multi_az = true # Hetzner Configuration [providers.hetzner] +default_datacenter = "nbg1-dc8" +default_location = "nbg1" enabled = true token_env = "HCLOUD_TOKEN" -default_location = "nbg1" -default_datacenter = "nbg1-dc8" -[providers.hetzner.settings] -enable_automount = false -default_volume_format = "ext4" + [providers.hetzner.settings] + default_volume_format = "ext4" + enable_automount = false # Deployment Settings [deployment] -strategy = "rolling" batch_size = 1 health_check_wait = 60 rollback_on_failure = true +strategy = "rolling" # Monitoring Settings [monitoring] +alert_on_threshold_exceeded = true enabled = true metric_collection_interval = 60 -alert_on_threshold_exceeded = true -[monitoring.thresholds] -cpu = 80 -memory = 85 -disk = 90 -network = 1000 + [monitoring.thresholds] + cpu = 80 + disk = 90 + memory = 85 + network = 1000 # 
Backup Settings [backup] +compression = true enabled = true +encryption = true frequency = "daily" retention_days = 30 -compression = true -encryption = true # Network Settings [networking] enable_vpn_tunnels = true -vpn_protocol = "ipsec" vpn_encryption = "aes-256" +vpn_protocol = "ipsec" # Cost Tracking [cost_tracking] -enabled = true budget_alert_threshold = 200 +enabled = true monthly_budget = 300 diff --git a/examples/workspaces/multi-region-ha/config.toml b/examples/workspaces/multi-region-ha/config.toml index af66055..b4d423e 100644 --- a/examples/workspaces/multi-region-ha/config.toml +++ b/examples/workspaces/multi-region-ha/config.toml 
@@ -2,150 +2,150 @@ # Global deployment across 3 providers and 3 geographic regions [workspace] -name = "multi-region-ha" -environment = "production" -owner = "platform-team" description = "High availability deployment across DigitalOcean (US), Hetzner (EU), and AWS (APAC)" +environment = "production" +name = "multi-region-ha" +owner = "platform-team" # DigitalOcean Configuration - US East (Primary) [providers.digitalocean] -enabled = true -token_env = "DIGITALOCEAN_TOKEN" default_region = "nyc3" +enabled = true region_name = "us-east" +token_env = "DIGITALOCEAN_TOKEN" -[providers.digitalocean.settings] -enable_monitoring = true -enable_backups = true -enable_ipv6 = true -failover_primary = true + [providers.digitalocean.settings] + enable_backups = true + enable_ipv6 = true + enable_monitoring = true + failover_primary = true # Hetzner Configuration - EU Central (Secondary) [providers.hetzner] -enabled = true -token_env = "HCLOUD_TOKEN" -default_location = "nbg1" default_datacenter = "nbg1-dc8" +default_location = "nbg1" +enabled = true region_name = "eu-central" +token_env = "HCLOUD_TOKEN" -[providers.hetzner.settings] -enable_automount = false -default_volume_format = "ext4" -failover_secondary = true + [providers.hetzner.settings] + default_volume_format = "ext4" + enable_automount = false + failover_secondary = true # AWS Configuration - Asia Pacific (Tertiary) [providers.aws] +access_key_env = "AWS_ACCESS_KEY_ID" enabled = true region = "ap-southeast-1" -access_key_env = "AWS_ACCESS_KEY_ID" -secret_key_env = "AWS_SECRET_ACCESS_KEY" region_name = "asia-southeast" +secret_key_env = "AWS_SECRET_ACCESS_KEY" -[providers.aws.settings] -multi_az = true -backup_retention_days = 30 -enable_performance_insights = true -failover_tertiary = true + [providers.aws.settings] + backup_retention_days = 30 + enable_performance_insights = true + failover_tertiary = true + multi_az = true # Global DNS Configuration [dns] -provider = "route53" domain = "api.example.com" -ttl = 60 
health_check_interval = 30 +provider = "route53" +ttl = 60 -# Regional DNS Records -[dns.regions.us_east] -subdomain = "us" -endpoint = "us.api.example.com" -health_check_path = "/health" + # Regional DNS Records + [dns.regions.us_east] + endpoint = "us.api.example.com" + health_check_path = "/health" + subdomain = "us" -[dns.regions.eu_central] -subdomain = "eu" -endpoint = "eu.api.example.com" -health_check_path = "/health" + [dns.regions.eu_central] + endpoint = "eu.api.example.com" + health_check_path = "/health" + subdomain = "eu" -[dns.regions.asia_southeast] -subdomain = "asia" -endpoint = "asia.api.example.com" -health_check_path = "/health" + [dns.regions.asia_southeast] + endpoint = "asia.api.example.com" + health_check_path = "/health" + subdomain = "asia" # Database Replication Configuration [database_replication] +backup_retention_days = 30 +max_replication_slots = 5 +max_wal_senders = 5 mode = "multi-master" primary_region = "us-east" +replication_lag_tolerance_seconds = 300 replication_method = "logical" wal_level = "logical" -max_wal_senders = 5 -max_replication_slots = 5 -replication_lag_tolerance_seconds = 300 -backup_retention_days = 30 # VPN and Networking [networking] enable_vpn_tunnels = true -vpn_protocol = "ipsec" -vpn_encryption = "aes-256" vpn_authentication = "sha256" +vpn_encryption = "aes-256" +vpn_protocol = "ipsec" -[networking.vpn_tunnels] -us_to_eu = { name = "us-eu-vpn", source_network = "10.0.0.0/16", destination_network = "10.1.0.0/16" } -eu_to_asia = { name = "eu-asia-vpn", source_network = "10.1.0.0/16", destination_network = "10.2.0.0/16" } -asia_to_us = { name = "asia-us-vpn", source_network = "10.2.0.0/16", destination_network = "10.0.0.0/16" } + [networking.vpn_tunnels] + asia_to_us = { name = "asia-us-vpn", source_network = "10.2.0.0/16", destination_network = "10.0.0.0/16" } + eu_to_asia = { name = "eu-asia-vpn", source_network = "10.1.0.0/16", destination_network = "10.2.0.0/16" } + us_to_eu = { name = "us-eu-vpn", 
source_network = "10.0.0.0/16", destination_network = "10.1.0.0/16" } # Deployment Settings [deployment] -strategy = "rolling" batch_size = 1 health_check_wait = 60 -rollback_on_failure = true order = ["us-east", "eu-central", "asia-southeast"] +rollback_on_failure = true +strategy = "rolling" # Regional Monitoring Settings [monitoring] +alert_on_threshold_exceeded = true enabled = true metric_collection_interval = 60 -alert_on_threshold_exceeded = true -[monitoring.thresholds] -cpu = 80 -memory = 85 -disk = 90 -replication_lag = 600 + [monitoring.thresholds] + cpu = 80 + disk = 90 + memory = 85 + replication_lag = 600 -[monitoring.alerts] -high_cpu = { condition = "cpu > 80%", action = "scale-up", severity = "warning" } -high_memory = { condition = "memory > 85%", action = "alert", severity = "warning" } -replication_lag_critical = { condition = "replication_lag > 600s", action = "alert", severity = "critical" } -region_down = { condition = "health_check_failed", action = "failover", severity = "critical" } + [monitoring.alerts] + high_cpu = { condition = "cpu > 80%", action = "scale-up", severity = "warning" } + high_memory = { condition = "memory > 85%", action = "alert", severity = "warning" } + region_down = { condition = "health_check_failed", action = "failover", severity = "critical" } + replication_lag_critical = { condition = "replication_lag > 600s", action = "alert", severity = "critical" } # Backup and Disaster Recovery [backup] +compression = true enabled = true +encryption = true frequency = "daily" retention_days = 30 -compression = true -encryption = true -[backup.regions] -us_east = { strategy = "automated", retention = "30 days" } -eu_central = { strategy = "replica-backup", retention = "30 days" } -asia_southeast = { strategy = "replica-backup", retention = "30 days" } + [backup.regions] + asia_southeast = { strategy = "replica-backup", retention = "30 days" } + eu_central = { strategy = "replica-backup", retention = "30 days" } + us_east = { 
strategy = "automated", retention = "30 days" } # Health Checks [health_checks] -us_east = { protocol = "HTTPS", port = 443, path = "/health", interval = 30 } -eu_central = { protocol = "HTTPS", port = 443, path = "/health", interval = 30 } asia_southeast = { protocol = "HTTPS", port = 443, path = "/health", interval = 30 } +eu_central = { protocol = "HTTPS", port = 443, path = "/health", interval = 30 } +us_east = { protocol = "HTTPS", port = 443, path = "/health", interval = 30 } # Cost Tracking [cost_tracking] -enabled = true budget_alert_threshold = 300 +enabled = true monthly_budget = 350 -[cost_tracking.regional_budgets] -us_east = 102 -eu_central = 79 -asia_southeast = 130 -total_estimate = 311 + [cost_tracking.regional_budgets] + asia_southeast = 130 + eu_central = 79 + total_estimate = 311 + us_east = 102 diff --git a/generators/generate/defs.toml b/generators/generate/defs.toml index 947e878..2e421f2 100644 --- a/generators/generate/defs.toml +++ b/generators/generate/defs.toml @@ -1,15 +1,15 @@ [[defs_values]] -input_type = "text" -numchar = 0 -msg = "Kloud title" -var = "kloud_title" default_value = "$name" +input_type = "text" +msg = "Kloud title" not_empty = false +numchar = 0 +var = "kloud_title" [[defs_values]] -input_type = "text" -numchar = 3 -msg = "Confirmar" -var = "confirm" default_value = "yes" +input_type = "text" +msg = "Confirmar" not_empty = true +numchar = 3 +var = "confirm" diff --git a/schemas/platform/constraints/constraints.toml b/schemas/platform/constraints/constraints.toml index 21f044d..205ed3c 100644 --- a/schemas/platform/constraints/constraints.toml +++ b/schemas/platform/constraints/constraints.toml 
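Review bot: In the multi-region-ha config, `[database_replication]` sets `replication_lag_tolerance_seconds = 300`, while `[monitoring.thresholds]` has `replication_lag = 600` and the `replication_lag_critical` alert fires at `replication_lag > 600s`, so lag between 300 s and 600 s appears to exceed the stated tolerance without raising any alert. With `mode = "multi-master"` that window is where divergent writes can accumulate unnoticed; either align the alert with the tolerance (`replication_lag = 300`) or add a comment explaining why the two values differ. Separately, `total_estimate = 311` sits among the region keys of `[cost_tracking.regional_budgets]` and is already above `budget_alert_threshold = 300`; if the consumer iterates that table as a list of regions the total would be read as one, which cannot be confirmed from this hunk.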
@@ -8,325 +8,325 @@
 # ============================================================================
 [orchestrator.workers]
-min = 1
-max = 32
 description = "Workflow engine worker thread count"
+max = 32
+min = 1
 [orchestrator.queue.concurrent_tasks]
-min = 1
-max = 100
 description = "Maximum concurrent tasks in workflow queue"
+max = 100
+min = 1
 [orchestrator.queue.retry_attempts]
-min = 0
-max = 10
 description = "Retry attempts for failed tasks"
+max = 10
+min = 0
 [orchestrator.queue.retry_delay]
-min = 1000
-max = 60000
 description = "Delay between retries in milliseconds (1s-60s)"
+max = 60000
+min = 1000
 [orchestrator.queue.task_timeout]
-min = 60000
-max = 86400000
 description = "Task execution timeout in milliseconds (1min-24hrs)"
+max = 86400000
+min = 60000
 [orchestrator.batch.parallel_limit]
-min = 1
-max = 50
 description = "Batch workflow parallel operation limit"
+max = 50
+min = 1
 [orchestrator.batch.operation_timeout]
-min = 60000
-max = 3600000
 description = "Batch operation timeout in milliseconds (1min-1hr)"
+max = 3600000
+min = 60000
 [orchestrator.extensions.max_concurrent]
-min = 1
-max = 20
 description = "Max concurrent extension operations"
+max = 20
+min = 1
 # ============================================================================
 # CONTROL CENTER CONSTRAINTS
 # ============================================================================
 [control_center.jwt.token_expiration]
-min = 300
-max = 604800
 description = "JWT token expiration in seconds (5min-7days)"
+max = 604800
+min = 300
 [control_center.jwt.refresh_expiration]
-min = 3600
-max = 2592000
 description = "JWT refresh token expiration in seconds (1hr-30days)"
+max = 2592000
+min = 3600
 [control_center.rate_limiting.max_requests]
-min = 10
-max = 10000
 description = "Rate limiting max requests per window"
+max = 10000
+min = 10
 [control_center.rate_limiting.window_seconds]
-min = 1
-max = 3600
 description = "Rate limiting window in seconds"
+max = 3600
+min = 1
 [control_center.session.max_duration]
-min = 900
-max = 2592000
 description = "Session max duration in seconds (15min-30days)"
+max = 2592000
+min = 900
 [control_center.mfa.max_attempts]
-min = 1
-max = 10
 description = "MFA authentication max attempts before lockout"
+max = 10
+min = 1
 [control_center.audit.retention_days]
-min = 1
-max = 3650
 description = "Audit log retention in days (1-10 years)"
+max = 3650
+min = 1
 # ============================================================================
 # MCP SERVER CONSTRAINTS
 # ============================================================================
 [mcp_server.tools.max_concurrent]
-min = 1
-max = 20
 description = "Maximum concurrent tool executions"
+max = 20
+min = 1
 [mcp_server.tools.timeout]
-min = 5000
-max = 600000
 description = "Tool execution timeout in milliseconds (5s-10min)"
+max = 600000
+min = 5000
 [mcp_server.resources.max_size]
-min = 1048576
-max = 1073741824
 description = "Maximum resource size in bytes (1MB-1GB)"
+max = 1073741824
+min = 1048576
 [mcp_server.resources.cache_ttl]
-min = 60
-max = 3600
 description = "Resource cache TTL in seconds (1min-1hr)"
+max = 3600
+min = 60
 [mcp_server.prompts.max_templates]
-min = 1
-max = 100
 description = "Maximum custom prompt templates"
+max = 100
+min = 1
 [mcp_server.sampling.max_tokens]
-min = 100
-max = 100000
 description = "Max tokens for sampling operations"
+max = 100000
+min = 100
 # ============================================================================
 # COMMON CONSTRAINTS
 # ============================================================================
 [common.server.port]
-min = 1024
-max = 65535
 description = "Valid port range (avoid system ports < 1024)"
+max = 65535
+min = 1024
 [common.server.workers]
-min = 1
-max = 32
 description = "HTTP server worker thread count"
+max = 32
+min = 1
 [common.server.max_connections]
-min = 10
-max = 10000
 description = "Maximum concurrent HTTP connections"
+max = 10000
+min = 10
 [common.server.keep_alive]
-min = 0
-max = 600
 description = "HTTP keep-alive timeout in seconds (0=disabled)"
+max = 600
+min = 0
 [common.monitoring.metrics_interval]
-min = 10
-max = 300
 description = "Metrics collection interval in seconds (10s-5min)"
+max = 300
+min = 10
 [common.monitoring.health_check_interval]
-min = 5
-max = 300
 description = "Health check interval in seconds (5s-5min)"
+max = 300
+min = 5
 [common.monitoring.retention_days]
-min = 1
-max = 3650
 description = "Metrics retention in days (1-10 years)"
+max = 3650
+min = 1
 [common.logging.max_file_size]
-min = 1048576
-max = 1073741824
 description = "Max log file size in bytes (1MB-1GB)"
+max = 1073741824
+min = 1048576
 [common.logging.max_backups]
-min = 1
-max = 100
 description = "Maximum log file backups to retain"
+max = 100
+min = 1
 # ============================================================================
 # DEPLOYMENT MODE: SOLO
 # ============================================================================
 [deployment.solo.cpu]
-min = 2
-max = 4
 description = "Solo mode CPU cores (single developer)"
+max = 4
+min = 2
 [deployment.solo.memory_mb]
-min = 2048
-max = 8192
 description = "Solo mode memory allocation in MB (2GB-8GB)"
+max = 8192
+min = 2048
 [deployment.solo.disk_gb]
-min = 10
-max = 100
 description = "Solo mode disk allocation in GB (10GB-100GB)"
+max = 100
+min = 10
 # ============================================================================
 # DEPLOYMENT MODE: MULTIUSER
 # ============================================================================
 [deployment.multiuser.cpu]
-min = 4
-max = 8
 description = "Multi-user mode CPU cores (team servers)"
+max = 8
+min = 4
 [deployment.multiuser.memory_mb]
-min = 4096
-max = 16384
 description = "Multi-user mode memory allocation in MB (4GB-16GB)"
+max = 16384
+min = 4096
 [deployment.multiuser.disk_gb]
-min = 50
-max = 500
 description = "Multi-user mode disk allocation in GB (50GB-500GB)"
+max = 500
+min = 50
 [deployment.multiuser.postgres.max_connections]
-min = 20
-max = 200
 description = "PostgreSQL max connections for multi-user"
+max = 200
+min = 20
 # ============================================================================
 # DEPLOYMENT MODE: CI/CD
 # ============================================================================
 [deployment.cicd.cpu]
-min = 8
-max = 16
 description = "CI/CD mode CPU cores (pipeline servers)"
+max = 16
+min = 8
 [deployment.cicd.memory_mb]
-min = 8192
-max = 32768
 description = "CI/CD mode memory allocation in MB (8GB-32GB)"
+max = 32768
+min = 8192
 [deployment.cicd.disk_gb]
-min = 100
-max = 1000
 description = "CI/CD mode disk allocation in GB (100GB-1TB) - ephemeral"
+max = 1000
+min = 100
 # ============================================================================
 # DEPLOYMENT MODE: ENTERPRISE
 # ============================================================================
 [deployment.enterprise.cpu]
-min = 16
-max = 128
 description = "Enterprise mode CPU cores (production HA)"
+max = 128
+min = 16
 [deployment.enterprise.memory_mb]
-min = 32768
-max = 262144
 description = "Enterprise mode memory allocation in MB (32GB-256GB)"
+max = 262144
+min = 32768
 [deployment.enterprise.disk_gb]
-min = 500
-max = 10000
 description = "Enterprise mode disk allocation in GB (500GB-10TB)"
+max = 10000
+min = 500
 [deployment.enterprise.replicas]
-min = 3
-max = 10
 description = "Enterprise HA replica count (minimum 3 for quorum)"
+max = 10
+min = 3
 [deployment.enterprise.surrealdb.max_connections]
-min = 100
-max = 1000
 description = "SurrealDB cluster max connections for enterprise"
+max = 1000
+min = 100
 # ============================================================================
 # WORKSPACE CONSTRAINTS
 # ============================================================================
 [workspace.name]
-pattern = "^[a-z0-9_-]{1,64}$"
 description = "Workspace name: lowercase alphanumeric, underscore, hyphen, max 64 chars"
+pattern = "^[a-z0-9_-]{1,64}$"
 [workspace.path_min_length]
-value = 1
 description = "Minimum workspace path length"
+value = 1
 [workspace.path_max_length]
-value = 255
 description = "Maximum workspace path length"
+value = 255
 # ============================================================================
 # SECURITY CONSTRAINTS
 # ============================================================================
 [security.password_min_length]
-min = 8
-max = 128
 description = "Password minimum length for local auth"
+max = 128
+min = 8
 [security.encryption_key_length]
-min = 16
-max = 64
 description = "Encryption key length in bytes"
+max = 64
+min = 16
 [security.rate_limit_lockout_minutes]
-min = 5
-max = 60
 description = "Account lockout duration after max attempts (minutes)"
+max = 60
+min = 5
 # ============================================================================
 # BATCH WORKFLOW CONSTRAINTS
 # ============================================================================
 [batch_workflow.max_tasks_per_batch]
-min = 1
-max = 1000
 description = "Maximum tasks per batch workflow"
+max = 1000
+min = 1
 [batch_workflow.max_parallel_operations]
-min = 1
-max = 100
 description = "Maximum parallel operations in batch"
+max = 100
+min = 1
 [batch_workflow.checkpoint_interval]
-min = 1
-max = 1000
 description = "Checkpoint interval in task count"
+max = 1000
+min = 1
 [batch_workflow.max_checkpoints]
-min = 1
-max = 100
 description = "Maximum checkpoints to retain per batch"
+max = 100
+min = 1
 # ============================================================================
 # VAULT SERVICE CONSTRAINTS
 # ============================================================================
 [vault_service.port]
-min = 1024
-max = 65535
 description = "Vault service port number"
+max = 65535
+min = 1024
 [vault_service.ha_enabled]
 description = "High availability mode for enterprise deployments"
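Review bot: `control_center.jwt.token_expiration` keeps a ceiling of `max = 604800` (7 days) while `control_center.jwt.refresh_expiration` keeps a floor of `min = 3600`, so these ranges accept a configuration in which the access token outlives the refresh token that is meant to renew it. A week-long access token also lengthens the period in which a leaked token remains usable, and nothing visible in this file ties the two values together; a cross-field check may exist in the code that reads these constraints, but it is not shown here. Consider a lower ceiling such as `max = 86400` and a description that states the relation, `description = "JWT token expiration in seconds (5min-24h); must be shorter than refresh_expiration"`. In the same hunk `control_center.audit.retention_days` keeps `min = 1`, which accepts a setup that discards audit logs after one day; a higher floor would preserve evidence for incident investigation.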
@@ -339,24 +339,24 @@ description = "TLS certificate verification enabled"
 # ============================================================================
 [registry.workers]
-min = 1
-max = 32
 description = "Extension registry worker thread count"
+max = 32
+min = 1
 [registry.cache_capacity]
-min = 10
-max = 100000
 description = "Cache capacity in number of entries"
+max = 100000
+min = 10
 [registry.cache_ttl]
-min = 30
-max = 3600
 description = "Cache TTL in seconds (30s-1hr)"
+max = 3600
+min = 30
 [registry.server_port]
-min = 1024
-max = 65535
 description = "Extension registry server port"
+max = 65535
+min = 1024
 # ============================================================================
 # RAG SYSTEM CONSTRAINTS
@@ -367,84 +367,84 @@ allowed = [384, 768, 1536, 3072]
 description = "Valid embedding vector dimensions"
 [rag.chunk_size]
-min = 128
-max = 4096
 description = "Document chunk size in characters"
+max = 4096
+min = 128
 [rag.chunk_overlap]
-min = 0
-max = 1024
 description = "Overlap between chunks in characters"
+max = 1024
+min = 0
 [rag.top_k]
-min = 1
-max = 100
 description = "Number of top results to retrieve"
+max = 100
+min = 1
 [rag.similarity_threshold]
-min = 0.0
-max = 1.0
 description = "Minimum similarity score (0.0-1.0)"
+max = 1.0
+min = 0.0
 [rag.batch_size]
-min = 1
-max = 500
 description = "Batch size for embedding operations"
+max = 500
+min = 1
 # ============================================================================
 # AI SERVICE CONSTRAINTS
 # ============================================================================
 [ai_service.workers]
-min = 1
-max = 32
 description = "AI service worker thread count"
+max = 32
+min = 1
 [ai_service.server_port]
-min = 1024
-max = 65535
 description = "AI service server port"
+max = 65535
+min = 1024
 [ai_service.max_concurrent_tasks]
-min = 1
-max = 100
 description = "Maximum concurrent DAG task executions"
+max = 100
+min = 1
 [ai_service.task_timeout]
-min = 10000
-max = 3600000
 description = "Task timeout in milliseconds (10s-1hr)"
+max = 3600000
+min = 10000
 [ai_service.rag_timeout]
-min = 5000
-max = 600000
 description = "RAG service call timeout in milliseconds (5s-10min)"
+max = 600000
+min = 5000
 [ai_service.mcp_timeout]
-min = 5000
-max = 600000
 description = "MCP service call timeout in milliseconds (5s-10min)"
+max = 600000
+min = 5000
 # ============================================================================
 # PROVISIONING DAEMON CONSTRAINTS
 # ============================================================================
 [daemon.poll_interval]
-min = 5
-max = 3600
 description = "Polling interval in seconds (5s-1hr)"
+max = 3600
+min = 5
 [daemon.max_workers]
-min = 1
-max = 32
 description = "Maximum worker threads for daemon operations"
+max = 32
+min = 1
 [daemon.max_age]
-min = 3600
-max = 604800
 description = "Maximum age for daemon state data in seconds (1hr-7days)"
+max = 604800
+min = 3600
 [daemon.health_check_interval]
-min = 10
-max = 300
 description = "Health check interval in seconds (10s-5min)"
+max = 300
+min = 10
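Review bot: `rag.chunk_overlap` accepts up to `max = 1024` while `rag.chunk_size` accepts down to `min = 128`, so the two ranges together admit an overlap larger than the chunk itself. How the chunker treats that case is not visible in this hunk; if it advances by chunk size minus overlap, such a configuration could stall document splitting or make it loop. The description could state the dependency, `description = "Overlap between chunks in characters (must be less than chunk_size)"`, with the comparison enforced wherever these constraints are validated.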