# Nested Provisioning Contracts
#
# Type definitions for nested VM provisioning
# Migrated from provisioning/kcl/nested_provisioning.k

{
  VolumeConfig = {
    name | String,
    description | String | optional,
    type | [| 'local, 'nfs, 'cifs, 'cloud, 'host |] | default = 'local,
    size_gb | Number | optional,
    mount_path | String,
    readonly | Bool | optional | default = false,
    mount_mode | String | optional | default = "755",
    host | String | optional,
    path | String | optional,
    username | String | optional,
    password | String | optional,
    bucket | String | optional,
    provider | [| 'aws, 'azure, 'gcp, 'minio |] | optional | default = 'aws,
    region | String | optional,
    iops | Number | optional,
    throughput_mbps | Number | optional,
  },

  NetworkConfig = {
    name | String,
    description | String | optional,
    type | [| 'bridge, 'overlay, 'host, 'vlan |] | default = 'bridge,
    vlan_id | Number | optional,
    subnet | String,
    gateway | String | optional,
    dns_servers | Array String | optional,
    mtu | Number | optional | default = 1500,
    dhcp_enabled | Bool | optional | default = true,
    dhcp_start | String | optional,
    dhcp_end | String | optional,
    allow_outbound | Bool | optional | default = true,
    allow_inbound | Bool | optional | default = false,
    rules | Array { _ | String } | optional,
    bandwidth_limit_mbps | Number | optional,
    latency_ms | Number | optional,
  },

  NestedVmConfig = {
    name | String,
    description | String | optional,
    parent_vm | String,
    cpu | Number | default = 2,
    memory_mb | Number | default = 2048,
    disk_gb | Number | default = 20,
    nested_virt | Bool | optional | default = true,
    base_image | String | optional | default = "ubuntu-22.04",
    from_golden_image | String | optional,
    networks | Array String,
    static_ip | String | optional,
    dns | Array String | optional,
    volumes | Array String | optional,
    extra_disks | Array { _ | Number } | optional,
    auto_start | Bool | optional | default = false,
    start_order | Number | optional | default = 100,
    restart_policy | [| 'no, 'always, 'on_failure |] | optional | default = 'always,
  },

  ContainerConfig = {
    name | String,
    image | String,
    tag | String | optional | default = "latest",
    parent_vm | String,
    runtime | [| 'docker, 'podman, 'containerd |] | default = 'containerd,
    cpu_millicores | Number | optional | default = 1000,
    memory_mb | Number | optional | default = 512,
    disk_gb | Number | optional | default = 10,
    networks | Array String | optional,
    expose_ports | Array { _ | Number } | optional,
    environment | { _ | String } | optional,
    volumes | Array { _ | String } | optional,
    tmpfs | Number | optional,
    auto_start | Bool | optional | default = false,
    restart_policy | [| 'no, 'unless_stopped, 'always |] | optional | default = 'unless_stopped,
    health_check | { _ | String } | optional,
  },

  MultiTierDeployment = {
    name | String,
    version | String | optional | default = "1.0.0",
    description | String | optional,
    networks | Array NetworkConfig,
    volumes | Array VolumeConfig,
    parent_vms | Array String,
    nested_vms | Array NestedVmConfig,
    containers | Array ContainerConfig,
    replicas | Number | optional | default = 1,
    strategy | [| 'rolling, 'blue_green, 'canary |] | optional | default = 'rolling,
    health_check_interval | Number | optional | default = 30,
  },

  NetworkPolicy = {
    name | String,
    description | String | optional,
    direction | [| 'inbound, 'outbound, 'both |] | default = 'both,
    protocol | [| 'tcp, 'udp, 'icmp, 'all |] | default = 'all,
    source | String | optional,
    destination | String | optional,
    port_range | String | optional,
    action | [| 'allow, 'deny, 'log |] | default = 'allow,
    priority | Number | optional | default = 100,
  },

  VolumeSnapshot = {
    name | String,
    volume_name | String,
    created_at | String,
    size_gb | Number,
    checksum | String,
    description | String | optional,
    retention_days | Number | optional | default = 30,
    auto_delete | Bool | optional | default = true,
  },

  NestedProvisioningPolicy = {
    max_nesting_depth | Number | default = 3,
    max_vms_per_parent | Number | default = 10,
    max_containers_per_vm | Number | default = 50,
    max_cpu_per_vm | Number | default = 16,
    max_memory_per_vm | Number | default = 32768,
    max_disk_per_vm | Number | default = 500,
    default_network_type | String | default = "bridge",
    enable_ipv6 | Bool | optional | default = false,
    enable_vlan_tagging | Bool | optional | default = false,
    default_volume_type | String | default = "local",
    snapshot_retention_days | Number | default = 30,
    enable_security_hardening | Bool | optional | default = true,
    enable_network_isolation | Bool | optional | default = true,
    require_auth_between_tiers | Bool | optional | default = false,
  },
}