jesus/provisioning
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: update content

Browse Source
This commit is contained in:
Jesús Pérez 2026-01-12 04:15:44 +00:00
parent 700058b264
commit f930ea68f6
Signed by: jesus
GPG Key ID: 9F243E355E0BC939
2 changed files with 105 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
.pre-commit-config.yaml
View File

@ -14,7 +14,7 @@ repos:
language: system language: system
types: [rust] types: [rust]
pass_filenames: false pass_filenames: false
stages: [pre-commit] stages: [pre-push]
- id: rust-clippy - id: rust-clippy
name: Rust linting (cargo clippy) name: Rust linting (cargo clippy)
@ -22,7 +22,7 @@ repos:
language: system language: system
types: [rust] types: [rust]
pass_filenames: false pass_filenames: false
stages: [pre-commit] stages: [pre-push]
- id: rust-test - id: rust-test
name: Rust tests name: Rust tests
@ -87,15 +87,28 @@ repos:
# stages: [commit] # stages: [commit]
# ============================================================================ # ============================================================================
# Markdown Hooks (optional - enable if using Markdown) # Markdown Hooks
# ============================================================================ # ============================================================================
# - repo: local - repo: local
# hooks: hooks:
# - id: markdownlint - id: markdownlint
# name: Markdown linting (markdownlint-cli2) name: Markdown linting (markdownlint-cli2)
# entry: markdownlint-cli2 entry: markdownlint-cli2 --config .markdownlint-cli2.jsonc docs/
language: system
types: [markdown]
pass_filenames: false
stages: [pre-commit]
# NOTE: Malformed closing fences check disabled
# All 4,043 instances were fixed in 2025-01-09
# Markdownlint doesn't catch this natively (see config comments)
# Requires Python for proper state tracking, which is not desired
# - id: check-markdown-fences
# name: Check malformed code fences
# entry: .githooks/check-markdown-fences.sh
# language: system # language: system
# types: [markdown] # types: [markdown]
# pass_filenames: true
# stages: [commit] # stages: [commit]
# ============================================================================ # ============================================================================

50
README.md
View File

@ -25,9 +25,15 @@
## What is Provisioning? ## What is Provisioning?
**Provisioning** is a comprehensive **Infrastructure as Code (IaC)** platform designed to manage complete infrastructure lifecycles: cloud providers, infrastructure services, clusters, and isolated workspaces across multiple cloud/local environments. **Provisioning** is a comprehensive **Infrastructure as Code (IaC)** platform designed to manage
complete infrastructure lifecycles: cloud providers, infrastructure services, clusters,
and isolated workspaces across multiple cloud/local environments.
Extensible and customizable by design, it delivers type-safe, configuration-driven workflows with enterprise security (encrypted configuration, Cosmian KMS integration, Cedar policy engine, secrets management, authorization and permissions control, compliance checking, anomaly detection) and adaptable deployment modes (interactive UI, CLI automation, unattended CI/CD) suitable for any scale from development to production. Extensible and customizable by design, it delivers type-safe, configuration-driven workflows
with enterprise security (encrypted configuration, Cosmian KMS integration, Cedar policy engine,
secrets management, authorization and permissions control, compliance checking, anomaly detection)
and adaptable deployment modes (interactive UI, CLI automation, unattended CI/CD)
suitable for any scale from development to production.
### Technical Definition ### Technical Definition
@ -116,7 +122,7 @@ Declarative Infrastructure as Code (IaC) platform providing:
```plaintext ```plaintext
Defaults → User → Project → Infrastructure → Environment → Runtime Defaults → User → Project → Infrastructure → Environment → Runtime
```plaintext ```
#### 4. **Imperative Scripts** #### 4. **Imperative Scripts**
@ -209,13 +215,13 @@ workspace_librecloud/ # Production workspace
workspace_dev/ # Development workspace workspace_dev/ # Development workspace
├── infra/ ├── infra/
└── config/ └── config/
```plaintext ```
Switch between workspaces with single command: Switch between workspaces with single command:
```bash ```bash
provisioning workspace switch librecloud provisioning workspace switch librecloud
```plaintext ```
### 5. **Workflows** ### 5. **Workflows**
@ -280,7 +286,7 @@ Coordinated sequences of operations with dependency management.
│ • Kubernetes Clusters │ │ • Kubernetes Clusters │
│ • Running Services │ │ • Running Services │
└─────────────────────────────────────────────────────────────────┘ └─────────────────────────────────────────────────────────────────┘
```plaintext ```
### Directory Structure ### Directory Structure
@ -524,7 +530,7 @@ Enterprise-grade security with 39,699 lines across 12 components.
### Core Technologies ### Core Technologies
| Technology | Version | Purpose | Why | | Technology | Version | Purpose | Why |
|------------|---------|---------|-----| | ------------ | --------- | --------- | ----- |
| **Nickel** | Latest | PRIMARY - Infrastructure-as-code language | Type-safe schemas, lazy evaluation, LSP support, composable records, gradual validation | | **Nickel** | Latest | PRIMARY - Infrastructure-as-code language | Type-safe schemas, lazy evaluation, LSP support, composable records, gradual validation |
| **Nushell** | 0.109.0+ | Scripting and task automation | Structured data pipelines, cross-platform, modern built-in parsers (JSON/YAML/TOML) | | **Nushell** | 0.109.0+ | Scripting and task automation | Structured data pipelines, cross-platform, modern built-in parsers (JSON/YAML/TOML) |
| **Rust** | Latest | Platform services (orchestrator, control-center, installer) | Performance, memory safety, concurrency, reliability | | **Rust** | Latest | Platform services (orchestrator, control-center, installer) | Performance, memory safety, concurrency, reliability |
@ -533,13 +539,13 @@ Enterprise-grade security with 39,699 lines across 12 components.
### Data & State Management ### Data & State Management
| Technology | Version | Purpose | Features | | Technology | Version | Purpose | Features |
|------------|---------|---------|----------| | ------------ | --------- | --------- | ---------- |
| **SurrealDB** | Latest | High-performance graph database backend | Multi-model (document, graph, relational), real-time queries, distributed architecture, complex relationship tracking | | **SurrealDB** | Latest | High-performance graph database backend | Multi-model (document, graph, relational), real-time queries, distributed architecture, complex relationship tracking |
### Platform Services (Rust-based) ### Platform Services (Rust-based)
| Service | Purpose | Security Features | | Service | Purpose | Security Features |
|---------|---------|-------------------| | --------- | --------- | ------------------- |
| **Orchestrator** | Workflow execution, task scheduling, state management | File-based persistence, retry logic, checkpoint recovery | | **Orchestrator** | Workflow execution, task scheduling, state management | File-based persistence, retry logic, checkpoint recovery |
| **Control Center** | Web-based infrastructure management | **Authorization and permissions control**, RBAC, audit logging | | **Control Center** | Web-based infrastructure management | **Authorization and permissions control**, RBAC, audit logging |
| **Installer** | Platform installation (TUI + CLI modes) | Secure configuration generation, validation | | **Installer** | Platform installation (TUI + CLI modes) | Secure configuration generation, validation |
@ -550,7 +556,7 @@ Enterprise-grade security with 39,699 lines across 12 components.
### Security & Secrets ### Security & Secrets
| Technology | Version | Purpose | Enterprise Features | | Technology | Version | Purpose | Enterprise Features |
|------------|---------|---------|---------------------| | ------------ | --------- | --------- | --------------------- |
| **SOPS** | 3.10.2+ | Secrets management | Encrypted configuration files | | **SOPS** | 3.10.2+ | Secrets management | Encrypted configuration files |
| **Age** | 1.2.1+ | Encryption | Secure key-based encryption | | **Age** | 1.2.1+ | Encryption | Secure key-based encryption |
| **Cosmian KMS** | Latest | Key Management System | Confidential computing, secure key storage, cloud-native KMS | | **Cosmian KMS** | Latest | Key Management System | Confidential computing, secure key storage, cloud-native KMS |
@ -562,7 +568,7 @@ Enterprise-grade security with 39,699 lines across 12 components.
### Version Management ### Version Management
| Component | Purpose | Format | | Component | Purpose | Format |
|-----------|---------|--------| | ----------- | --------- | -------- |
| **versions.ncl** | Core tool versions (Nickel primary) | Nickel schema | | **versions.ncl** | Core tool versions (Nickel primary) | Nickel schema |
| **provider version.ncl** | Provider-specific versions | Nickel schema | | **provider version.ncl** | Provider-specific versions | Nickel schema |
| **provisioning setup versions** | Version file generator | Nushell command | | **provisioning setup versions** | Version file generator | Nushell command |
@ -581,7 +587,7 @@ echo $NU_VERSION $PROVIDER_AWS_VERSION
### Optional Tools ### Optional Tools
| Tool | Purpose | | Tool | Purpose |
|------|---------| | ------ | --------- |
| **K9s** | Kubernetes management interface | | **K9s** | Kubernetes management interface |
| **nu_plugin_tera** | Nushell plugin for Tera template rendering | | **nu_plugin_tera** | Nushell plugin for Tera template rendering |
| **nu_plugin_kcl** | Nushell plugin for KCL integration (CLI required, plugin optional) | | **nu_plugin_kcl** | Nushell plugin for KCL integration (CLI required, plugin optional) |
@ -652,7 +658,7 @@ echo $NU_VERSION $PROVIDER_AWS_VERSION
```bash ```bash
provisioning server create --infra my-cluster provisioning server create --infra my-cluster
```plaintext ```
**Step 3**: Provisioning executes workflow **Step 3**: Provisioning executes workflow
@ -677,13 +683,13 @@ provisioning server create --infra my-cluster
4. Checkpoint after each step 4. Checkpoint after each step
5. Monitor health checks 5. Monitor health checks
6. Report completion 6. Report completion
```plaintext ```
**Step 4**: Verify deployment **Step 4**: Verify deployment
```bash ```bash
provisioning cluster status my-cluster provisioning cluster status my-cluster
```plaintext ```
### Configuration Hierarchy ### Configuration Hierarchy
@ -701,7 +707,7 @@ Configuration values are resolved through a hierarchy:
5. Environment Config (workspace/config/prod-defaults.toml) 5. Environment Config (workspace/config/prod-defaults.toml)
↓ (overridden by) ↓ (overridden by)
6. Runtime Flags (--flag value) 6. Runtime Flags (--flag value)
```plaintext ```
**Example**: **Example**:
@ -720,7 +726,7 @@ default_plan = "large" # Overrides user preference
# Runtime # Runtime
provisioning server create --plan xlarge # Overrides everything provisioning server create --plan xlarge # Overrides everything
```plaintext ```
--- ---
@ -736,7 +742,7 @@ provisioning cluster create k8s-prod --provider upcloud
# AWS cluster (same config) # AWS cluster (same config)
provisioning cluster create k8s-prod --provider aws provisioning cluster create k8s-prod --provider aws
```plaintext ```
### 2. **Development → Staging → Production Pipeline** ### 2. **Development → Staging → Production Pipeline**
@ -754,7 +760,7 @@ provisioning cluster create app-stack
# Production (HA, larger resources) # Production (HA, larger resources)
provisioning workspace switch prod provisioning workspace switch prod
provisioning cluster create app-stack provisioning cluster create app-stack
```plaintext ```
### 3. **Infrastructure as Code Testing** ### 3. **Infrastructure as Code Testing**
@ -770,7 +776,7 @@ provisioning test env run <env-id>
# Cleanup # Cleanup
provisioning test env cleanup <env-id> provisioning test env cleanup <env-id>
```plaintext ```
### 4. **Batch Multi-Region Deployment** ### 4. **Batch Multi-Region Deployment**
@ -822,7 +828,7 @@ provisioning workspace switch prod
provisioning cluster create --infra backup-restore --wait provisioning cluster create --infra backup-restore --wait
# All services restored with same configuration # All services restored with same configuration
```plaintext ```
### 6. **CI/CD Integration** ### 6. **CI/CD Integration**
@ -846,7 +852,7 @@ deploy-production:
script: script:
- provisioning workspace switch prod - provisioning workspace switch prod
- provisioning cluster create app-stack --yes - provisioning cluster create app-stack --yes
```plaintext ```
--- ---