# Provisioning Platform Glossary **Last Updated**: 2025-10-10 **Version**: 1.0.0 This glossary defines key terminology used throughout the Provisioning Platform documentation. Terms are listed alphabetically with definitions, usage context, and cross-references to related documentation. --- ## A ### ADR (Architecture Decision Record) **Definition**: Documentation of significant architectural decisions, including context, decision, and consequences. **Where Used**: - Architecture planning and review - Technical decision-making process - System design documentation **Related Concepts**: Architecture, Design Patterns, Technical Debt **Examples**: - ADR-001: Project Structure - ADR-006: CLI Refactoring - ADR-009: Complete Security System **See Also**: Architecture Documentation --- ### Agent **Definition**: A specialized component that performs a specific task in the system orchestration (for example, autonomous execution units in the orchestrator). **Where Used**: - Task orchestration - Workflow management - Parallel execution patterns **Related Concepts**: Orchestrator, Workflow, Task **See Also**: [Orchestrator Architecture](../architecture/orchestrator-integration-model.md) --- ### Anchor Link **Definition**: An internal document link to a specific section within the same or different markdown file using the `#` symbol. **Where Used**: - Cross-referencing documentation sections - Table of contents generation - Navigation within long documents **Related Concepts**: Internal Link, Cross-Reference, Documentation **Examples**: - `[See Installation](#installation)` - Same document - `[Configuration Guide](config.md#setup)` - Different document --- ### API Gateway **Definition**: Platform service that provides unified REST API access to provisioning operations. **Where Used**: - External system integration - Web Control Center backend - MCP server communication **Related Concepts**: REST API, Platform Service, Orchestrator **Location**: `provisioning/platform/api-gateway/` **See Also**: REST API Documentation --- ### Auth (Authentication) **Definition**: The process of verifying user identity using JWT tokens, MFA, and secure session management. **Where Used**: - User login flows - API access control - CLI session management **Related Concepts**: Authorization, JWT, MFA, Security **See Also**: - Authentication Layer Guide - Auth Quick Reference --- ### Authorization **Definition**: The process of determining user permissions using Cedar policy language. **Where Used**: - Access control decisions - Resource permission checks - Multi-tenant security **Related Concepts**: Auth, Cedar, Policies, RBAC **See Also**: Cedar Authorization Implementation --- ## B ### Batch Operation **Definition**: A collection of related infrastructure operations executed as a single workflow unit. **Where Used**: - Multi-server deployments - Cluster creation - Bulk taskserv installation **Related Concepts**: Workflow, Operation, Orchestrator **Commands**: ```bash provisioning batch submit workflow.ncl provisioning batch list provisioning batch status ``` **See Also**: [Batch Workflow System](../guides/from-scratch.md) --- ### Break-Glass **Definition**: Emergency access mechanism requiring multi-party approval for critical operations. **Where Used**: - Emergency system access - Incident response - Security override scenarios **Related Concepts**: Security, Compliance, Audit **Commands**: ```bash provisioning break-glass request "reason" provisioning break-glass approve ``` **See Also**: Break-Glass Training Guide --- ## C ### Cedar **Definition**: Amazon's policy language used for fine-grained authorization decisions. **Where Used**: - Authorization policies - Access control rules - Resource permissions **Related Concepts**: Authorization, Policies, Security **See Also**: Cedar Authorization Implementation --- ### Checkpoint **Definition**: A saved state of a workflow allowing resume from point of failure. **Where Used**: - Workflow recovery - Long-running operations - Batch processing **Related Concepts**: Workflow, State Management, Recovery **See Also**: [Batch Workflow System](../guides/from-scratch.md) --- ### CLI (Command-Line Interface) **Definition**: The `provisioning` command-line tool providing access to all platform operations. **Where Used**: - Daily operations - Script automation - CI/CD pipelines **Related Concepts**: Command, Shortcut, Module **Location**: `provisioning/core/cli/provisioning` **Examples**: ```bash provisioning server create provisioning taskserv install kubernetes provisioning workspace switch prod ``` **See Also**: - [CLI Reference](../infrastructure/cli-reference.md) - CLI Reference --- ### Cluster **Definition**: A complete, pre-configured deployment of multiple servers and taskservs working together. **Where Used**: - Kubernetes deployments - Database clusters - Complete infrastructure stacks **Related Concepts**: Infrastructure, Server, Taskserv **Location**: `provisioning/extensions/clusters/{name}/` **Commands**: ```bash provisioning cluster create provisioning cluster list provisioning cluster delete ``` **See Also**: Infrastructure Management --- ### Compliance **Definition**: System capabilities ensuring adherence to regulatory requirements (GDPR, SOC2, ISO 27001). **Where Used**: - Audit logging - Data retention policies - Incident response **Related Concepts**: Audit, Security, GDPR **See Also**: Compliance Implementation Summary --- ### Config (Configuration) **Definition**: System settings stored in TOML files with hierarchical loading and variable interpolation. **Where Used**: - System initialization - User preferences - Environment-specific settings **Related Concepts**: Settings, Environment, Workspace **Files**: - `provisioning/config/config.defaults.toml` - System defaults - `workspace/config/local-overrides.toml` - User settings **See Also**: [Configuration Guide](../infrastructure/configuration-guide.md) --- ### Control Center **Definition**: Web-based UI for managing provisioning operations built with Ratatui/Crossterm. **Where Used**: - Visual infrastructure management - Real-time monitoring - Guided workflows **Related Concepts**: UI, Platform Service, Orchestrator **Location**: `provisioning/platform/control-center/` **See Also**: Platform Services --- ### CoreDNS **Definition**: DNS server taskserv providing service discovery and DNS management. **Where Used**: - Kubernetes DNS - Service discovery - Internal DNS resolution **Related Concepts**: Taskserv, Kubernetes, Networking **See Also**: - CoreDNS Guide - CoreDNS Quick Reference --- ### Cross-Reference **Definition**: Links between related documentation sections or concepts. **Where Used**: - Documentation navigation - Related topic discovery - Learning path guidance **Related Concepts**: Documentation, Navigation, See Also **Examples**: "See Also" sections at the end of documentation pages --- ## D ### Dependency **Definition**: A requirement that must be satisfied before installing or running a component. **Where Used**: - Taskserv installation order - Version compatibility checks - Cluster deployment sequencing **Related Concepts**: Version, Taskserv, Workflow **Schema**: `provisioning/schemas/dependencies.ncl` **See Also**: Nickel Dependency Patterns --- ### Diagnostics **Definition**: System health checking and troubleshooting assistance. **Where Used**: - System status verification - Problem identification - Guided troubleshooting **Related Concepts**: Health Check, Monitoring, Troubleshooting **Commands**: ```bash provisioning status provisioning diagnostics run ``` --- ### Dynamic Secrets **Definition**: Temporary credentials generated on-demand with automatic expiration. **Where Used**: - AWS STS tokens - SSH temporary keys - Database credentials **Related Concepts**: Security, KMS, Secrets Management **See Also**: - Dynamic Secrets Implementation - Dynamic Secrets Quick Reference --- ## E ### Environment **Definition**: A deployment context (dev, test, prod) with specific configuration overrides. **Where Used**: - Configuration loading - Resource isolation - Deployment targeting **Related Concepts**: Config, Workspace, Infrastructure **Config Files**: `config.{dev,test,prod}.toml` **Usage**: ```bash PROVISIONING_ENV=prod provisioning server list ``` --- ### Extension **Definition**: A pluggable component adding functionality (provider, taskserv, cluster, or workflow). **Where Used**: - Custom cloud providers - Third-party taskservs - Custom deployment patterns **Related Concepts**: Provider, Taskserv, Cluster, Workflow **Location**: `provisioning/extensions/{type}/{name}/` **See Also**: Extension Development --- ## F ### Feature **Definition**: A major system capability providing key platform functionality. **Where Used**: - Architecture documentation - Feature planning - System capabilities **Related Concepts**: ADR, Architecture, System **Examples**: - Batch Workflow System - Orchestrator Architecture - CLI Architecture - Configuration System **See Also**: [Architecture Overview](../architecture/system-overview.md) --- ## G ### GDPR (General Data Protection Regulation) **Definition**: EU data protection regulation compliance features in the platform. **Where Used**: - Data export requests - Right to erasure - Audit compliance **Related Concepts**: Compliance, Audit, Security **Commands**: ```bash provisioning compliance gdpr export provisioning compliance gdpr delete ``` **See Also**: Compliance Implementation --- ### Glossary **Definition**: This document - a comprehensive terminology reference for the platform. **Where Used**: - Learning the platform - Understanding documentation - Resolving terminology questions **Related Concepts**: Documentation, Reference, Cross-Reference --- ### Guide **Definition**: Step-by-step walkthrough documentation for common workflows. **Where Used**: - Onboarding new users - Learning workflows - Reference implementation **Related Concepts**: Documentation, Workflow, Tutorial **Commands**: ```bash provisioning guide from-scratch provisioning guide update provisioning guide customize ``` **See Also**: [Guides](../guides/README.md) --- ## H ### Health Check **Definition**: Automated verification that a component is running correctly. **Where Used**: - Taskserv validation - System monitoring - Dependency verification **Related Concepts**: Diagnostics, Monitoring, Status **Example**: ```bash health_check = { endpoint = "http://localhost:6443/healthz" timeout = 30 interval = 10 } ``` --- ### Hybrid Architecture **Definition**: System design combining Rust orchestrator with Nushell business logic. **Where Used**: - Core platform architecture - Performance optimization - Call stack management **Related Concepts**: Orchestrator, Architecture, Design **See Also**: - [Orchestrator Architecture](../architecture/orchestrator-integration-model.md) - [ADR-004: Hybrid Architecture](../architecture/adr/adr-004-hybrid-architecture.md) --- ## I ### Infrastructure **Definition**: A named collection of servers, configurations, and deployments managed as a unit. **Where Used**: - Environment isolation - Resource organization - Deployment targeting **Related Concepts**: Workspace, Server, Environment **Location**: `workspace/infra/{name}/` **Commands**: ```bash provisioning infra list provisioning generate infra --new ``` **See Also**: Infrastructure Management --- ### Integration **Definition**: Connection between platform components or external systems. **Where Used**: - API integration - CI/CD pipelines - External tool connectivity **Related Concepts**: API, Extension, Platform **See Also**: - Integration Patterns - Integration Examples --- ### Internal Link **Definition**: A markdown link to another documentation file or section within the platform docs. **Where Used**: - Cross-referencing documentation - Navigation between topics - Related content discovery **Related Concepts**: Anchor Link, Cross-Reference, Documentation **Examples**: - `[See Configuration](configuration.md)` - `[Architecture Overview](../architecture/README.md)` --- ## J ### JWT (JSON Web Token) **Definition**: Token-based authentication mechanism using RS256 signatures. **Where Used**: - User authentication - API authorization - Session management **Related Concepts**: Auth, Security, Token **See Also**: JWT Auth Implementation --- ## K ### Nickel (Nickel Configuration Language) **Definition**: Declarative configuration language with type safety and lazy evaluation for infrastructure definitions. **Where Used**: - Infrastructure schemas - Workflow definitions - Configuration validation **Related Concepts**: Schema, Configuration, Validation **Version**: 1.15.0+ **Location**: `provisioning/schemas/*.ncl` **See Also**: Nickel Quick Reference --- ### KMS (Key Management Service) **Definition**: Encryption key management system supporting multiple backends (RustyVault, Age, AWS, Vault). **Where Used**: - Configuration encryption - Secret management - Data protection **Related Concepts**: Security, Encryption, Secrets **See Also**: RustyVault KMS Guide --- ### Kubernetes **Definition**: Container orchestration platform available as a taskserv. **Where Used**: - Container deployments - Cluster management - Production workloads **Related Concepts**: Taskserv, Cluster, Container **Commands**: ```bash provisioning taskserv create kubernetes provisioning test quick kubernetes ``` --- ## L ### Layer **Definition**: A level in the configuration hierarchy (Core → Workspace → Infrastructure). **Where Used**: - Configuration inheritance - Customization patterns - Settings override **Related Concepts**: Config, Workspace, Infrastructure **See Also**: [Configuration Guide](../infrastructure/configuration-guide.md) --- ## M ### MCP (Model Context Protocol) **Definition**: AI-powered server providing intelligent configuration assistance. **Where Used**: - Configuration validation - Troubleshooting guidance - Documentation search **Related Concepts**: Platform Service, AI, Guidance **Location**: `provisioning/platform/mcp-server/` **See Also**: Platform Services --- ### MFA (Multi-Factor Authentication) **Definition**: Additional authentication layer using TOTP or WebAuthn/FIDO2. **Where Used**: - Enhanced security - Compliance requirements - Production access **Related Concepts**: Auth, Security, TOTP, WebAuthn **Commands**: ```bash provisioning mfa totp enroll provisioning mfa webauthn enroll provisioning mfa verify ``` **See Also**: MFA Implementation Summary --- ### Migration **Definition**: Process of updating existing infrastructure or moving between system versions. **Where Used**: - System upgrades - Configuration changes - Infrastructure evolution **Related Concepts**: Update, Upgrade, Version **See Also**: Migration Guide --- ### Module **Definition**: A reusable component (provider, taskserv, cluster) loaded into a workspace. **Where Used**: - Extension management - Workspace customization - Component distribution **Related Concepts**: Extension, Workspace, Package **Commands**: ```bash provisioning module discover provider provisioning module load provider provisioning module list taskserv ``` **See Also**: [Module System](../development/extension-development.md) --- ## N ### Nushell **Definition**: Primary shell and scripting language (v0.107.1) used throughout the platform. **Where Used**: - CLI implementation - Automation scripts - Business logic **Related Concepts**: CLI, Script, Automation **Version**: 0.107.1 **See Also**: [Nushell Guidelines](../development/README.md) --- ## O ### OCI (Open Container Initiative) **Definition**: Standard format for packaging and distributing extensions. **Where Used**: - Extension distribution - Package registry - Version management **Related Concepts**: Registry, Package, Distribution **See Also**: OCI Registry Guide --- ### Operation **Definition**: A single infrastructure action (create server, install taskserv, etc.). **Where Used**: - Workflow steps - Batch processing - Orchestrator tasks **Related Concepts**: Workflow, Task, Action --- ### Orchestrator **Definition**: Hybrid Rust/Nushell service coordinating complex infrastructure operations. **Where Used**: - Workflow execution - Task coordination - State management **Related Concepts**: Hybrid Architecture, Workflow, Platform Service **Location**: `provisioning/platform/orchestrator/` **Commands**: ```bash cd provisioning/platform/orchestrator ./scripts/start-orchestrator.nu --background ``` **See Also**: [Orchestrator Architecture](../architecture/orchestrator-integration-model.md) --- ## P ### PAP (Project Architecture Principles) **Definition**: Core architectural rules and patterns that must be followed. **Where Used**: - Code review - Architecture decisions - Design validation **Related Concepts**: Architecture, ADR, Best Practices **See Also**: Architecture Overview --- ### Platform Service **Definition**: A core service providing platform-level functionality (Orchestrator, Control Center, MCP, API Gateway). **Where Used**: - System infrastructure - Core capabilities - Service integration **Related Concepts**: Service, Architecture, Infrastructure **Location**: `provisioning/platform/{service}/` --- ### Plugin **Definition**: Native Nushell plugin providing performance-optimized operations. **Where Used**: - Auth operations (10-50x faster) - KMS encryption - Orchestrator queries **Related Concepts**: Nushell, Performance, Native **Commands**: ```bash provisioning plugin list provisioning plugin install ``` **See Also**: Nushell Plugins Guide --- ### Provider **Definition**: Cloud platform integration (AWS, UpCloud, local) handling infrastructure provisioning. **Where Used**: - Server creation - Resource management - Cloud operations **Related Concepts**: Extension, Infrastructure, Cloud **Location**: `provisioning/extensions/providers/{name}/` **Examples**: aws, upcloud, local **Commands**: ```bash provisioning module discover provider provisioning providers list ``` **See Also**: Quick Provider Guide --- ## Q ### Quick Reference **Definition**: Condensed command and configuration reference for rapid lookup. **Where Used**: - Daily operations - Quick reminders - Command syntax **Related Concepts**: Guide, Documentation, Cheatsheet **Commands**: ```bash provisioning sc # Fastest provisioning guide quickstart ``` **See Also**: Quickstart Cheatsheet --- ## R ### RBAC (Role-Based Access Control) **Definition**: Permission system with 5 roles (admin, operator, developer, viewer, auditor). **Where Used**: - User permissions - Access control - Security policies **Related Concepts**: Authorization, Cedar, Security **Roles**: Admin, Operator, Developer, Viewer, Auditor --- ### Registry **Definition**: OCI-compliant repository for storing and distributing extensions. **Where Used**: - Extension publishing - Version management - Package distribution **Related Concepts**: OCI, Package, Distribution **See Also**: OCI Registry Guide --- ### REST API **Definition**: HTTP endpoints exposing platform operations to external systems. **Where Used**: - External integration - Web UI backend - Programmatic access **Related Concepts**: API, Integration, HTTP **Endpoint**: `http://localhost:9090` **See Also**: REST API Documentation --- ### Rollback **Definition**: Reverting a failed workflow or operation to previous stable state. **Where Used**: - Failure recovery - Deployment safety - State restoration **Related Concepts**: Workflow, Checkpoint, Recovery **Commands**: ```bash provisioning batch rollback ``` --- ### RustyVault **Definition**: Rust-based secrets management backend for KMS. **Where Used**: - Key storage - Secret encryption - Configuration protection **Related Concepts**: KMS, Security, Encryption **See Also**: RustyVault KMS Guide --- ## S ### Schema **Definition**: Nickel type definition specifying structure and validation rules. **Where Used**: - Configuration validation - Type safety - Documentation **Related Concepts**: Nickel, Validation, Type **Example**: ```javascript let ServerConfig = { hostname | string, cores | number, memory | number, } in ServerConfig ``` **See Also**: Nickel Development --- ### Secrets Management **Definition**: System for secure storage and retrieval of sensitive data. **Where Used**: - Password storage - API keys - Certificates **Related Concepts**: KMS, Security, Encryption **See Also**: Dynamic Secrets Implementation --- ### Security System **Definition**: Comprehensive enterprise-grade security with 12 components (Auth, Cedar, MFA, KMS, Secrets, Compliance, etc.). **Where Used**: - User authentication - Access control - Data protection **Related Concepts**: Auth, Authorization, MFA, KMS, Audit **See Also**: Security System Implementation --- ### Server **Definition**: Virtual machine or physical host managed by the platform. **Where Used**: - Infrastructure provisioning - Compute resources - Deployment targets **Related Concepts**: Infrastructure, Provider, Taskserv **Commands**: ```bash provisioning server create provisioning server list provisioning server ssh ``` **See Also**: Infrastructure Management --- ### Service **Definition**: A running application or daemon (interchangeable with Taskserv in many contexts). **Where Used**: - Service management - Application deployment - System administration **Related Concepts**: Taskserv, Daemon, Application **See Also**: Service Management Guide --- ### Shortcut **Definition**: Abbreviated command alias for faster CLI operations. **Where Used**: - Daily operations - Quick commands - Productivity enhancement **Related Concepts**: CLI, Command, Alias **Examples**: - `provisioning s create` → `provisioning server create` - `provisioning ws list` → `provisioning workspace list` - `provisioning sc` → Quick reference **See Also**: [CLI Reference](../infrastructure/cli-reference.md) --- ### SOPS (Secrets OPerationS) **Definition**: Encryption tool for managing secrets in version control. **Where Used**: - Configuration encryption - Secret management - Secure storage **Related Concepts**: Encryption, Security, Age **Version**: 3.10.2 **Commands**: ```bash provisioning sops edit ``` --- ### SSH (Secure Shell) **Definition**: Encrypted remote access protocol with temporal key support. **Where Used**: - Server administration - Remote commands - Secure file transfer **Related Concepts**: Security, Server, Remote Access **Commands**: ```bash provisioning server ssh provisioning ssh connect ``` **See Also**: SSH Temporal Keys User Guide --- ### State Management **Definition**: Tracking and persisting workflow execution state. **Where Used**: - Workflow recovery - Progress tracking - Failure handling **Related Concepts**: Workflow, Checkpoint, Orchestrator --- ## T ### Task **Definition**: A unit of work submitted to the orchestrator for execution. **Where Used**: - Workflow execution - Job processing - Operation tracking **Related Concepts**: Operation, Workflow, Orchestrator --- ### Taskserv **Definition**: An installable infrastructure service (Kubernetes, PostgreSQL, Redis, etc.). **Where Used**: - Service installation - Application deployment - Infrastructure components **Related Concepts**: Service, Extension, Package **Location**: `provisioning/extensions/taskservs/{category}/{name}/` **Commands**: ```bash provisioning taskserv create provisioning taskserv list provisioning test quick ``` **See Also**: Taskserv Developer Guide --- ### Template **Definition**: Parameterized configuration file supporting variable substitution. **Where Used**: - Configuration generation - Infrastructure customization - Deployment automation **Related Concepts**: Config, Generation, Customization **Location**: `provisioning/templates/` --- ### Test Environment **Definition**: Containerized isolated environment for testing taskservs and clusters. **Where Used**: - Development testing - CI/CD integration - Pre-deployment validation **Related Concepts**: Container, Testing, Validation **Commands**: ```bash provisioning test quick provisioning test env single provisioning test env cluster ``` **See Also**: [Test Environment Guide](../testing/test-environment-guide.md) --- ### Topology **Definition**: Multi-node cluster configuration template (Kubernetes HA, etcd cluster, etc.). **Where Used**: - Cluster testing - Multi-node deployments - Production simulation **Related Concepts**: Test Environment, Cluster, Configuration **Examples**: kubernetes_3node, etcd_cluster, kubernetes_single --- ### TOTP (Time-based One-Time Password) **Definition**: MFA method generating time-sensitive codes. **Where Used**: - Two-factor authentication - MFA enrollment - Security enhancement **Related Concepts**: MFA, Security, Auth **Commands**: ```bash provisioning mfa totp enroll provisioning mfa totp verify ``` --- ### Troubleshooting **Definition**: System problem diagnosis and resolution guidance. **Where Used**: - Problem solving - Error resolution - System debugging **Related Concepts**: Diagnostics, Guide, Support **See Also**: Troubleshooting Guide --- ## U ### UI (User Interface) **Definition**: Visual interface for platform operations (Control Center, Web UI). **Where Used**: - Visual management - Guided workflows - Monitoring dashboards **Related Concepts**: Control Center, Platform Service, GUI --- ### Update **Definition**: Process of upgrading infrastructure components to newer versions. **Where Used**: - Version management - Security patches - Feature updates **Related Concepts**: Version, Migration, Upgrade **Commands**: ```bash provisioning version check provisioning version apply ``` **See Also**: Update Infrastructure Guide --- ## V ### Validation **Definition**: Verification that configuration or infrastructure meets requirements. **Where Used**: - Configuration checks - Schema validation - Pre-deployment verification **Related Concepts**: Schema, Nickel, Check **Commands**: ```bash provisioning validate config provisioning validate infrastructure ``` **See Also**: [Config Validation](../provisioning/docs/CONFIG_VALIDATION.md) --- ### Version **Definition**: Semantic version identifier for components and compatibility. **Where Used**: - Component versioning - Compatibility checking - Update management **Related Concepts**: Update, Dependency, Compatibility **Commands**: ```bash provisioning version provisioning version check provisioning taskserv check-updates ``` --- ## W ### WebAuthn **Definition**: FIDO2-based passwordless authentication standard. **Where Used**: - Hardware key authentication - Passwordless login - Enhanced MFA **Related Concepts**: MFA, Security, FIDO2 **Commands**: ```bash provisioning mfa webauthn enroll provisioning mfa webauthn verify ``` --- ### Workflow **Definition**: A sequence of related operations with dependency management and state tracking. **Where Used**: - Complex deployments - Multi-step operations - Automated processes **Related Concepts**: Batch Operation, Orchestrator, Task **Commands**: ```bash provisioning workflow list provisioning workflow status provisioning workflow monitor ``` **See Also**: [Batch Workflow System](../guides/from-scratch.md) --- ### Workspace **Definition**: An isolated environment containing infrastructure definitions and configuration. **Where Used**: - Project isolation - Environment separation - Team workspaces **Related Concepts**: Infrastructure, Config, Environment **Location**: `workspace/{name}/` **Commands**: ```bash provisioning workspace list provisioning workspace switch provisioning workspace create ``` **See Also**: Workspace Switching Guide --- ## X-Z ### YAML **Definition**: Data serialization format used for Kubernetes manifests and configuration. **Where Used**: - Kubernetes deployments - Configuration files - Data interchange **Related Concepts**: Config, Kubernetes, Data Format --- ## Symbol and Acronym Index | Symbol/Acronym | Full Term | Category | | ---------------- | ----------- | ---------- | | ADR | Architecture Decision Record | Architecture | | API | Application Programming Interface | Integration | | CLI | Command-Line Interface | User Interface | | GDPR | General Data Protection Regulation | Compliance | | JWT | JSON Web Token | Security | | Nickel | Nickel Configuration Language | Configuration | | KMS | Key Management Service | Security | | MCP | Model Context Protocol | Platform | | MFA | Multi-Factor Authentication | Security | | OCI | Open Container Initiative | Packaging | | PAP | Project Architecture Principles | Architecture | | RBAC | Role-Based Access Control | Security | | REST | Representational State Transfer | API | | SOC2 | Service Organization Control 2 | Compliance | | SOPS | Secrets OPerationS | Security | | SSH | Secure Shell | Remote Access | | TOTP | Time-based One-Time Password | Security | | UI | User Interface | User Interface | --- ## Cross-Reference Map ### By Topic Area **Infrastructure**: - Infrastructure, Server, Cluster, Provider, Taskserv, Module **Security**: - Auth, Authorization, JWT, MFA, TOTP, WebAuthn, Cedar, KMS, Secrets Management, RBAC, Break-Glass **Configuration**: - Config, Nickel, Schema, Validation, Environment, Layer, Workspace **Workflow & Operations**: - Workflow, Batch Operation, Operation, Task, Orchestrator, Checkpoint, Rollback **Platform Services**: - Orchestrator, Control Center, MCP, API Gateway, Platform Service **Documentation**: - Glossary, Guide, ADR, Cross-Reference, Internal Link, Anchor Link **Development**: - Extension, Plugin, Template, Module, Integration **Testing**: - Test Environment, Topology, Validation, Health Check **Compliance**: - Compliance, GDPR, Audit, Security System ### By User Journey **New User**: 1. Glossary (this document) 2. Guide 3. Quick Reference 4. Workspace 5. Infrastructure 6. Server 7. Taskserv **Developer**: 1. Extension 2. Provider 3. Taskserv 4. Nickel 5. Schema 6. Template 7. Plugin **Operations**: 1. Workflow 2. Orchestrator 3. Monitoring 4. Troubleshooting 5. Security 6. Compliance --- ## Terminology Guidelines ### Writing Style **Consistency**: Use the same term throughout documentation (for example, "Taskserv" not "task service" or "task-serv") **Capitalization**: - Proper nouns and acronyms: CAPITALIZE (Nickel, JWT, MFA) - Generic terms: lowercase (server, cluster, workflow) - Platform-specific terms: Title Case (Taskserv, Workspace, Orchestrator) **Pluralization**: - Taskservs (not taskservices) - Workspaces (standard plural) - Topologies (not topologys) ### Avoiding Confusion | Don't Say | Say Instead | Reason | | ----------- | ------------- | -------- | | "Task service" | "Taskserv" | Standard platform term | | "Configuration file" | "Config" or "Settings" | Context-dependent | | "Worker" | "Agent" or "Task" | Clarify context | | "Kubernetes service" | "K8s taskserv" or "K8s Service resource" | Disambiguate | --- ## Contributing to the Glossary ### Adding New Terms 1. Alphabetical placement in appropriate section 2. Include all standard sections: - Definition - Where Used - Related Concepts - Examples (if applicable) - Commands (if applicable) - See Also (links to docs) 3. Cross-reference in related terms 4. Update Symbol and Acronym Index if applicable 5. Update Cross-Reference Map ### Updating Existing Terms 1. Verify changes don't break cross-references 2. Update "Last Updated" date at top 3. Increment version if major changes 4. Review related terms for consistency --- ## Version History | Version | Date | Changes | | --------- | ------ | --------- | | 1.0.0 | 2025-10-10 | Initial comprehensive glossary | --- **Maintained By**: Documentation Team **Review Cycle**: Quarterly or when major features are added **Feedback**: Please report missing or unclear terms via issues