376 lines
12 KiB
Plaintext
376 lines
12 KiB
Plaintext
# ============================================================================
|
|
# Command Metadata Registry
|
|
# Version: 1.0.0
|
|
# Purpose: Declarative classification of all provisioning commands
|
|
#
|
|
# This schema defines metadata for every provisioning command including:
|
|
# - Interactive requirements (FormInquire)
|
|
# - Authentication/Authorization needs
|
|
# - Workspace dependencies
|
|
# - Side effects and destructiveness
|
|
# - Estimated execution time
|
|
# - Form paths for interactive commands
|
|
# ============================================================================
|
|
schema CommandRequirements:
|
|
"""
|
|
Requirements for executing a command
|
|
Defines what validation, auth, and resources are needed
|
|
"""
|
|
# Requires user interaction (FormInquire forms)
|
|
interactive: bool = False
|
|
|
|
# Requires authentication/authorization
|
|
requires_auth: bool = False
|
|
|
|
# Authentication type: jwt, mfa, cedar, none
|
|
auth_type: "none" | "jwt" | "mfa" | "cedar" = "none"
|
|
|
|
# Requires active workspace
|
|
requires_workspace: bool = True
|
|
|
|
# Has side effects (creates/modifies/deletes resources)
|
|
side_effects: bool = False
|
|
|
|
# Side effect type
|
|
side_effect_type: "none" | "create" | "update" | "delete" | "deploy" = "none"
|
|
|
|
# Requires explicit confirmation (for destructive ops)
|
|
requires_confirmation: bool = False
|
|
|
|
# Minimum permission level: read, write, admin, superadmin
|
|
min_permission: "read" | "write" | "admin" | "superadmin" = "read"
|
|
|
|
# Uses slow operations (network, disk I/O, etc)
|
|
slow_operation: bool = False
|
|
|
|
# Can be optimized with Rust plugin
|
|
rust_optimizable: bool = False
|
|
|
|
check:
|
|
# If requires_confirmation, must have side_effects
|
|
not requires_confirmation or side_effects, "Confirmation requires side_effects"
|
|
# If side_effect_type != none, must have side_effects
|
|
side_effect_type == "none" or side_effects, "side_effect_type requires side_effects=true"
|
|
# MFA requires JWT auth first
|
|
auth_type != "mfa" or requires_auth, "MFA requires requires_auth=true"
|
|
# Cedar requires auth
|
|
auth_type != "cedar" or requires_auth, "Cedar requires requires_auth=true"
|
|
|
|
schema CommandMetadata:
|
|
"""
|
|
Complete metadata for a single command
|
|
Defines behavior, requirements, and characteristics
|
|
"""
|
|
# Command canonical name (e.g., "server create", "workspace init")
|
|
name: str
|
|
|
|
# Command domain/group
|
|
domain: "infrastructure" | "orchestration" | "workspace" | "configuration" | "authentication" | "platform" | "utilities" | "development" = "infrastructure"
|
|
|
|
# Short description
|
|
description: str
|
|
|
|
# Command aliases/shortcuts
|
|
aliases: [str] = []
|
|
|
|
# Requirements
|
|
requirements: CommandRequirements
|
|
|
|
# FormInquire form path (if interactive)
|
|
form_path?: str
|
|
# Estimated execution time (seconds)
|
|
estimated_time: int = 1
|
|
|
|
check:
|
|
len(name) > 0, "Name required"
|
|
len(description) > 0, "Description required"
|
|
|
|
schema CommandRegistry:
|
|
"""
|
|
Registry of all provisioning commands with metadata
|
|
Central source of truth for command classification
|
|
"""
|
|
version: str = "1.0.0"
|
|
|
|
# All registered commands (keyed by canonical name)
|
|
commands: {str:CommandMetadata}
|
|
|
|
check:
|
|
len(commands) > 0, "At least one command required"
|
|
|
|
# ============================================================================
|
|
# COMMAND DEFINITIONS - INFRASTRUCTURE
|
|
# ============================================================================
|
|
_server_create: CommandMetadata = {
|
|
name = "server create"
|
|
domain = "infrastructure"
|
|
description = "Create new servers from configuration"
|
|
aliases = ["server c", "create server", "s create"]
|
|
requirements = {
|
|
interactive = False
|
|
requires_auth = False
|
|
requires_workspace = True
|
|
side_effects = True
|
|
side_effect_type = "create"
|
|
requires_confirmation = False
|
|
min_permission = "write"
|
|
slow_operation = True
|
|
rust_optimizable = True
|
|
}
|
|
estimated_time = 120
|
|
}
|
|
|
|
_server_delete: CommandMetadata = {
|
|
name = "server delete"
|
|
domain = "infrastructure"
|
|
description = "Delete existing servers"
|
|
aliases = ["server d", "delete server", "s delete"]
|
|
requirements = {
|
|
interactive = True
|
|
requires_auth = True
|
|
auth_type = "jwt"
|
|
requires_workspace = True
|
|
side_effects = True
|
|
side_effect_type = "delete"
|
|
requires_confirmation = True
|
|
min_permission = "admin"
|
|
slow_operation = True
|
|
}
|
|
form_path = "provisioning/core/shlib/forms/infrastructure/server_delete_confirm.toml"
|
|
estimated_time = 60
|
|
}
|
|
|
|
_server_list: CommandMetadata = {
|
|
name = "server list"
|
|
domain = "infrastructure"
|
|
description = "List all servers"
|
|
aliases = ["server ls", "ls server", "s list"]
|
|
requirements = {
|
|
interactive = False
|
|
requires_auth = False
|
|
requires_workspace = True
|
|
side_effects = False
|
|
min_permission = "read"
|
|
slow_operation = True
|
|
}
|
|
estimated_time = 5
|
|
}
|
|
|
|
_taskserv_create: CommandMetadata = {
|
|
name = "taskserv create"
|
|
domain = "infrastructure"
|
|
description = "Install task service on servers"
|
|
aliases = ["taskserv c", "task create", "t create"]
|
|
requirements = {
|
|
interactive = False
|
|
requires_auth = False
|
|
requires_workspace = True
|
|
side_effects = True
|
|
side_effect_type = "create"
|
|
min_permission = "write"
|
|
slow_operation = True
|
|
}
|
|
estimated_time = 180
|
|
}
|
|
|
|
_taskserv_delete: CommandMetadata = {
|
|
name = "taskserv delete"
|
|
domain = "infrastructure"
|
|
description = "Remove task service from servers"
|
|
aliases = ["taskserv d", "task delete", "t delete"]
|
|
requirements = {
|
|
interactive = True
|
|
requires_auth = True
|
|
auth_type = "jwt"
|
|
requires_workspace = True
|
|
side_effects = True
|
|
side_effect_type = "delete"
|
|
requires_confirmation = True
|
|
min_permission = "admin"
|
|
slow_operation = True
|
|
}
|
|
form_path = "provisioning/core/shlib/forms/infrastructure/taskserv_delete_confirm.toml"
|
|
estimated_time = 60
|
|
}
|
|
|
|
_cluster_create: CommandMetadata = {
|
|
name = "cluster create"
|
|
domain = "infrastructure"
|
|
description = "Create new cluster"
|
|
aliases = ["cluster c", "create cluster", "cl create"]
|
|
requirements = {
|
|
interactive = False
|
|
requires_auth = False
|
|
requires_workspace = True
|
|
side_effects = True
|
|
side_effect_type = "create"
|
|
min_permission = "write"
|
|
slow_operation = True
|
|
}
|
|
estimated_time = 300
|
|
}
|
|
|
|
# ============================================================================
|
|
# COMMAND DEFINITIONS - WORKSPACE
|
|
# ============================================================================
|
|
_workspace_init: CommandMetadata = {
|
|
name = "workspace init"
|
|
domain = "workspace"
|
|
description = "Initialize new workspace interactively"
|
|
aliases = ["workspace create", "ws init", "ws create"]
|
|
requirements = {
|
|
interactive = True
|
|
requires_auth = False
|
|
requires_workspace = False
|
|
side_effects = True
|
|
side_effect_type = "create"
|
|
min_permission = "write"
|
|
}
|
|
form_path = "provisioning/core/forminquire/templates/workspace-init.form.j2"
|
|
estimated_time = 30
|
|
}
|
|
|
|
_workspace_list: CommandMetadata = {
|
|
name = "workspace list"
|
|
domain = "workspace"
|
|
description = "List all registered workspaces"
|
|
aliases = ["workspace ls", "ws list", "ws ls"]
|
|
requirements = {
|
|
interactive = False
|
|
requires_auth = False
|
|
requires_workspace = False
|
|
side_effects = False
|
|
min_permission = "read"
|
|
}
|
|
estimated_time = 1
|
|
}
|
|
|
|
_workspace_switch: CommandMetadata = {
|
|
name = "workspace switch"
|
|
domain = "workspace"
|
|
description = "Switch active workspace"
|
|
aliases = ["workspace activate", "ws switch", "ws activate"]
|
|
requirements = {
|
|
interactive = False
|
|
requires_auth = False
|
|
requires_workspace = False
|
|
side_effects = False
|
|
min_permission = "read"
|
|
}
|
|
estimated_time = 2
|
|
}
|
|
|
|
# ============================================================================
|
|
# COMMAND DEFINITIONS - AUTHENTICATION
|
|
# ============================================================================
|
|
_auth_login: CommandMetadata = {
|
|
name = "auth login"
|
|
domain = "authentication"
|
|
description = "Authenticate user with JWT"
|
|
aliases = ["login"]
|
|
requirements = {
|
|
interactive = True
|
|
requires_auth = False
|
|
requires_workspace = False
|
|
side_effects = True
|
|
side_effect_type = "create"
|
|
min_permission = "read"
|
|
}
|
|
form_path = "provisioning/core/shlib/forms/authentication/auth_login.toml"
|
|
estimated_time = 2
|
|
}
|
|
|
|
_mfa_enroll: CommandMetadata = {
|
|
name = "mfa enroll"
|
|
domain = "authentication"
|
|
description = "Enroll in multi-factor authentication"
|
|
aliases = ["mfa-enroll", "mfa setup"]
|
|
requirements = {
|
|
interactive = True
|
|
requires_auth = True
|
|
auth_type = "jwt"
|
|
requires_workspace = False
|
|
side_effects = True
|
|
side_effect_type = "create"
|
|
min_permission = "write"
|
|
}
|
|
form_path = "provisioning/core/shlib/forms/authentication/mfa_enroll.toml"
|
|
estimated_time = 30
|
|
}
|
|
|
|
# ============================================================================
|
|
# COMMAND DEFINITIONS - CONFIGURATION/SETUP
|
|
# ============================================================================
|
|
_setup_wizard: CommandMetadata = {
|
|
name = "setup"
|
|
domain = "configuration"
|
|
description = "Interactive system setup wizard"
|
|
aliases = ["setup wizard", "st"]
|
|
requirements = {
|
|
interactive = True
|
|
requires_auth = False
|
|
requires_workspace = False
|
|
side_effects = True
|
|
side_effect_type = "create"
|
|
min_permission = "admin"
|
|
}
|
|
form_path = "provisioning/core/forminquire/templates/setup-wizard.form.j2"
|
|
estimated_time = 120
|
|
}
|
|
|
|
# ============================================================================
|
|
# COMMAND DEFINITIONS - READ-ONLY/UTILITIES
|
|
# ============================================================================
|
|
_help_command: CommandMetadata = {
|
|
name = "help"
|
|
domain = "utilities"
|
|
description = "Show help information"
|
|
aliases = ["h", "-h", "--help"]
|
|
requirements = {
|
|
requires_workspace = False
|
|
min_permission = "read"
|
|
}
|
|
estimated_time = 1
|
|
}
|
|
|
|
_version_command: CommandMetadata = {
|
|
name = "version"
|
|
domain = "utilities"
|
|
description = "Show version information"
|
|
aliases = ["v", "-v", "--version"]
|
|
requirements = {
|
|
requires_workspace = False
|
|
min_permission = "read"
|
|
}
|
|
estimated_time = 1
|
|
}
|
|
|
|
# ============================================================================
|
|
# COMMAND REGISTRY INSTANCE
|
|
# ============================================================================
|
|
_command_registry: CommandRegistry = {
|
|
version = "1.0.0"
|
|
commands = {
|
|
# Infrastructure
|
|
"server create": _server_create
|
|
"server delete": _server_delete
|
|
"server list": _server_list
|
|
"taskserv create": _taskserv_create
|
|
"taskserv delete": _taskserv_delete
|
|
"cluster create": _cluster_create
|
|
# Workspace
|
|
"workspace init": _workspace_init
|
|
"workspace list": _workspace_list
|
|
"workspace switch": _workspace_switch
|
|
# Authentication
|
|
"auth login": _auth_login
|
|
"mfa enroll": _mfa_enroll
|
|
# Setup
|
|
"setup": _setup_wizard
|
|
# Utilities
|
|
"help": _help_command
|
|
"version": _version_command
|
|
}
|
|
}
|
|
_command_registry
|