chore: lint update

.typedialog/README.md

@@ -5,12 +5,13 @@ TypeDialog enables interactive form-based configuration from Nickel schemas.
 ## Status
 
 - **TypeDialog Binary**: Not yet installed (planned: `typedialog` command)
-- **Alternative**: FormInquire (Jinja2 templates + interactive forms) - **ACTIVE**
-- **Plan**: Full TypeDialog migration when available
+- **TypeDialog Forms**: Created and ready (setup wizard, auth login, MFA enrollment)
+- **Bash Wrappers**: Implemented to handle TTY input properly
+- **ForminQuire**: DEPRECATED - Archived to `.coder/archive/forminquire/`
 
 ## Directory Structure
 
-```
+```plaintext
 .typedialog/
 └── provisioning/platform/
     ├── README.md                    # This file
@@ -24,7 +25,7 @@ TypeDialog enables interactive form-based configuration from Nickel schemas.
     │   └── platform/schemas/ → ../../../schemas/platform/schemas/
     └── constraints/                 # Validation constraints
         └── constraints.toml         # Shared validation rules
-```
+```text
 
 ## How TypeDialog Would Work
 
@@ -34,7 +35,7 @@ TypeDialog enables interactive form-based configuration from Nickel schemas.
 # Auto-generate form from Nickel schema
 typedialog generate-form --schema orchestrator.ncl \
   --output forms/orchestrator.form.toml
-```
+```text
 
 ### 2. Interactive Configuration
 
@@ -42,7 +43,7 @@ typedialog generate-form --schema orchestrator.ncl \
 # Run interactive form
 typedialog run-form --form forms/orchestrator.form.toml \
   --output orchestrator-configured.ncl
-```
+```text
 
 ### 3. Validation
 
@@ -50,28 +51,38 @@ typedialog run-form --form forms/orchestrator.form.toml \
 # Validate user input against schema
 typedialog validate --form forms/orchestrator.form.toml \
   --data user-config.ncl
-```
+```text
 
-## Current Alternative: FormInquire
+## Current Status: TypeDialog Forms Ready
 
-While TypeDialog is not yet available, FormInquire provides form-based configuration:
+TypeDialog forms have been created and are ready to use:
 
-**Location**: `provisioning/core/forminquire/`
+**Form Locations**:
+- Setup wizard: `provisioning/.typedialog/core/forms/setup-wizard.toml`
+- Auth login: `provisioning/.typedialog/core/forms/auth-login.toml`
+- MFA enrollment: `provisioning/.typedialog/core/forms/mfa-enroll.toml`
 
-**How it works**:
-1. Define form in Jinja2 template (`.form.j2`)
-2. Use `nu_plugin_tera` to render templates
-3. Collect user input via FormInquire CLI
-4. Process results with Nushell scripts
+**Bash Wrappers** (TTY-safe, handle input properly):
+- `provisioning/core/shlib/setup-wizard-tty.sh`
+- `provisioning/core/shlib/auth-login-tty.sh`
+- `provisioning/core/shlib/mfa-enroll-tty.sh`
+
+**Usage Pattern**:
+1. Bash wrapper calls TypeDialog (handles TTY input)
+2. TypeDialog generates Nickel config file
+3. Nushell scripts read the generated config (no input issues)
 
 **Example**:
-```nushell
-# Load Jinja2 template and show form
-let form_data = forminquire load provisioning/core/forminquire/templates/orchestrator.form.j2
 
-# Process user input
-let config = process_form_input $form_data
-```
+```bash
+# Run TypeDialog setup wizard
+./provisioning/core/shlib/setup-wizard-tty.sh
+
+# Nushell reads the generated config
+let config = (open provisioning/.typedialog/core/generated/setup-wizard-result.json | from json)
+```text
+
+**Note**: ForminQuire (Jinja2-based forms) has been archived to `provisioning/.coder/archive/forminquire/` and is no longer in use.
 
 ## Integration Plan (When TypeDialog Available)
 
@@ -80,7 +91,7 @@ let config = process_form_input $form_data
 ```bash
 cargo install --path /Users/Akasha/Development/typedialog
 typedialog --version
-```
+```text
 
 ### Step 2: Generate Forms from Schemas
 
@@ -92,7 +103,7 @@ for schema in provisioning/schemas/platform/schemas/*.ncl; do
     --schema $schema \
     --output provisioning/platform/.typedialog/forms/${service}.form.toml
 done
-```
+```text
 
 ### Step 3: Create Setup Wizard
 
@@ -102,7 +113,7 @@ provisioning setup-platform \
   --mode solo|multiuser|enterprise \
   --provider docker|kubernetes \
   --interactive  # Uses TypeDialog forms
-```
+```text
 
 ### Step 4: Update Platform Setup Script
 
@@ -110,19 +121,18 @@ provisioning setup-platform \
 # provisioning/platform/scripts/setup-platform-config.sh
 
 if command -v typedialog &> /dev/null; then
-  # TypeDialog is installed
-  typedialog run-form \
-    --form .typedialog/forms/orchestrator.form.toml \
-    --output config/runtime/orchestrator.ncl
+  # TypeDialog is installed - use bash wrapper for proper TTY handling
+  ./provisioning/core/shlib/setup-wizard-tty.sh
 
-  # Export to TOML
-  nickel export --format toml config/runtime/orchestrator.ncl \
-    > config/runtime/generated/orchestrator.solo.toml
+  # Read generated JSON config
+  # Nushell scripts can now read the config without input issues
 else
-  # Fallback to FormInquire
-  forminquire setup-wizard
+  # Fallback to basic prompts
+  echo "TypeDialog not available. Using basic interactive prompts..."
+  # Nushell wizard with basic input prompts
+  nu -c "use provisioning/core/nulib/lib_provisioning/setup/wizard.nu *; run-setup-wizard"
 fi
-```
+```text
 
 ## Form Definition Example
 
@@ -164,7 +174,7 @@ label = "Logging Level"
 options = ["debug", "info", "warning", "error"]
 default = "info"
 required = false
-```
+```text
 
 ## Validation Constraints
 
@@ -184,11 +194,11 @@ replicas = "range(1, 10)"
 [nginx]
 worker_processes = "range(1, 32)"
 worker_connections = "range(1, 65536)"
-```
+```text
 
 ## Workflow: Setup to Deployment
 
-```
+```plaintext
 1. User runs setup command
    ↓
 2. TypeDialog displays form
@@ -202,7 +212,7 @@ worker_connections = "range(1, 65536)"
 6. Service reads TOML config
    ↓
 7. Service starts with configured values
-```
+```text
 
 ## Benefits of TypeDialog Integration
 
@@ -211,7 +221,8 @@ worker_connections = "range(1, 65536)"
 - ✅ **Progressive disclosure** - Show advanced options only when needed
 - ✅ **Consistent UX** - Same forms across platforms (CLI, Web, TUI)
 - ✅ **Auto-generated** - Forms stay in sync with schemas automatically
-- ✅ **Fallback support** - FormInquire as alternative if TypeDialog unavailable
+- ✅ **TTY handling** - Bash wrappers solve Nushell input stack issues
+- ✅ **Graceful fallback** - Falls back to basic prompts if TypeDialog unavailable
 
 ## Testing TypeDialog Forms
 
@@ -228,27 +239,36 @@ typedialog run-form \
 typedialog generate-sample \
   --form provisioning/platform/.typedialog/forms/orchestrator.form.toml \
   --output /tmp/orchestrator-sample.ncl
-```
+```text
 
 ## Migration Path
 
-### Phase A: Current (FormInquire)
+### Phase A: Legacy (DEPRECATED)
 
-```
+```plaintext
 FormInquire (Jinja2) → Nushell processing → TOML config
-```
+Status: ARCHIVED to .coder/archive/forminquire/
+```text
 
-### Phase B: TypeDialog Available
+### Phase B: Current Implementation
 
-```
-TypeDialog (Schema-driven) → Nickel config → TOML export
-```
+```plaintext
+Bash wrapper → TypeDialog (TTY input) → Nickel config → JSON export → Nushell reads JSON
+Status: IMPLEMENTED with forms ready
+```text
 
-### Phase C: Unified (Future)
+### Phase C: TypeDialog Binary Available (Future)
 
-```
+```plaintext
+TypeDialog binary installed → Full nickel-roundtrip workflow → Auto-sync with schemas
+Status: PLANNED - awaiting TypeDialog binary release
+```text
+
+### Phase D: Unified (Future)
+
+```plaintext
 ConfigLoader discovers config → Service reads → TypeDialog updates UI
-```
+```text
 
 ## Integration with Infrastructure Schemas
 
@@ -271,21 +291,21 @@ TypeDialog forms work seamlessly with infrastructure schemas:
 - Tools: docker-compose config, kubectl apply --dry-run, nginx -t, promtool check
 - Examples: `examples-solo-deployment.ncl`, `examples-enterprise-deployment.ncl`
 
-**4. Interactive Setup with Forms** (ready for TypeDialog)
+**4. Interactive Setup with Forms** (TypeDialog ready)
 - Script: `provisioning/platform/scripts/setup-with-forms.sh`
-- Auto-detects TypeDialog, falls back to FormInquire
-- Supports batch or single-service configuration
-- Auto-generates forms from schemas (when TypeDialog available)
+- Bash wrappers: `provisioning/core/shlib/*-tty.sh` (handle TTY input)
+- Forms ready: setup-wizard, auth-login, mfa-enroll
+- Fallback: Basic Nushell prompts if TypeDialog unavailable
 
 ### Current Status: Full Infrastructure Support
 
 | Component | Status | Details |
-|-----------|--------|---------|
+| ----------- | -------- | --------- |
 | **Schemas** | ✅ Complete | 6 infrastructure schemas (1,577 lines) |
 | **Examples** | ✅ Complete | 2 deployment examples (solo, enterprise) |
 | **Generation Script** | ✅ Complete | Auto-generates configs for all modes |
 | **Validation Script** | ✅ Complete | Validates Docker, K8s, Nginx, Prometheus |
-| **Setup Wizard** | ✅ Complete | Interactive config + FormInquire active |
+| **Setup Wizard** | ✅ Complete | TypeDialog forms + bash wrappers ready |
 | **TypeDialog Integration** | ⏳ Pending | Structure ready, awaiting binary |
 
 ### Validated Examples
@@ -321,7 +341,7 @@ jq '.docker_compose_services | keys' /tmp/solo.json
 # Compare resource allocation (solo vs enterprise)
 jq '.docker_compose_services.orchestrator.deploy.resources.limits' /tmp/solo.json
 jq '.docker_compose_services.orchestrator.deploy.resources.limits' /tmp/enterprise.json
-```
+```text
 
 ## Next Steps
 
@@ -330,11 +350,11 @@ jq '.docker_compose_services.orchestrator.deploy.resources.limits' /tmp/enterpri
    - Validate with format-specific tools
    - Use interactive setup wizard for configuration
 
-2. **When TypeDialog becomes available**:
+2. **When TypeDialog binary becomes available**:
    - Install TypeDialog binary
-   - Run form generation script from infrastructure schemas
-   - Update setup script to use TypeDialog exclusively
-   - Deprecate FormInquire (keep as fallback)
+   - Forms already created and ready to use
+   - Bash wrappers handle TTY input (no Nushell stack issues)
+   - Full nickel-roundtrip workflow will be enabled
 
 3. **Production Deployment**:
    - Use validated infrastructure configs
@@ -343,8 +363,9 @@ jq '.docker_compose_services.orchestrator.deploy.resources.limits' /tmp/enterpri
 
 ---
 
-**Version**: 1.1.0 (Infrastructure Integration Added)
-**Status**: Ready for Infrastructure Generation; Awaiting TypeDialog Binary
-**Last Updated**: 2025-01-06
-**Current Alternatives**: FormInquire (active), automation scripts (complete)
+**Version**: 1.2.0 (TypeDialog Forms + Bash Wrappers)
+**Status**: TypeDialog forms ready with bash wrappers; Awaiting TypeDialog Binary
+**Last Updated**: 2025-01-09
+**ForminQuire Status**: DEPRECATED - Archived to .coder/archive/forminquire/
+**Fallback**: Basic Nushell prompts if TypeDialog unavailable
 **Tested**: Infrastructure examples (solo + enterprise) validated

.typedialog/provisioning/platform/constraints/constraints.toml

@@ -2,27 +2,27 @@
 # Defines validation rules for form fields generated from Nickel schemas
 
 [orchestrator]
-port = "range(1, 65535)"
+cpus = "pattern(^[0-9]+(\\.[0-9]+)?$)"
 db_pool_size = "range(1, 100)"
 log_level = ["debug", "info", "warning", "error"]
-mode = ["solo", "multiuser", "enterprise", "cicd"]
-cpus = "pattern(^[0-9]+(\\.[0-9]+)?$)"
 memory = "pattern(^[0-9]+[MG]B$)"
+mode = ["solo", "multiuser", "enterprise", "cicd"]
+port = "range(1, 65535)"
 replicas = "range(1, 10)"
 
 [control-center]
+log_level = ["debug", "info", "warning", "error"]
 port = "range(1, 65535)"
 replicas = "range(1, 10)"
-log_level = ["debug", "info", "warning", "error"]
 
 [vault-service]
-port = "range(1, 65535)"
 cpus = "pattern(^[0-9]+(\\.[0-9]+)?$)"
 memory = "pattern(^[0-9]+[MG]B$)"
+port = "range(1, 65535)"
 
 [rag]
-port = "range(1, 65535)"
 max_concurrent_requests = "range(1, 100)"
+port = "range(1, 65535)"
 timeout_seconds = "range(1, 3600)"
 
 [extension-registry]
@@ -30,32 +30,32 @@ port = "range(1, 65535)"
 storage_path = "pattern(^/[a-zA-Z0-9/_-]+$)"
 
 [mcp-server]
-port = "range(1, 65535)"
 max_connections = "range(1, 1000)"
+port = "range(1, 65535)"
 
 [provisioning-daemon]
-port = "range(1, 65535)"
 max_workers = "range(1, 100)"
+port = "range(1, 65535)"
 
 [ai-service]
-port = "range(1, 65535)"
-model_timeout_seconds = "range(1, 3600)"
 max_retries = "range(0, 10)"
+model_timeout_seconds = "range(1, 3600)"
+port = "range(1, 65535)"
 
 [nginx]
-worker_processes = "range(1, 32)"
-worker_connections = "range(1, 65536)"
 client_max_body_size = "pattern(^[0-9]+[MG]B$)"
+worker_connections = "range(1, 65536)"
+worker_processes = "range(1, 32)"
 
 [prometheus]
-scrape_interval = "pattern(^[0-9]+[smh]$)"
 evaluation_interval = "pattern(^[0-9]+[smh]$)"
 retention = "pattern(^[0-9]+[dhw]$)"
+scrape_interval = "pattern(^[0-9]+[smh]$)"
 
 [kubernetes]
-replicas = "range(1, 100)"
 cpu = "pattern(^[0-9]+m$|^[0-9]+(\\.[0-9]+)?$)"
 memory = "pattern(^[0-9]+Mi$|^[0-9]+Gi$)"
+replicas = "range(1, 100)"
 
 [docker-compose]
 cpus = "pattern(^[0-9]+(\\.[0-9]+)?$)"

Cargo.toml

@@ -1,267 +1,273 @@
 
 [workspace]
-resolver = "2"
 members = [
-    "crates/platform-config",
-    "crates/service-clients",
-    "crates/ai-service",
-    "crates/extension-registry",
-    "crates/orchestrator",
-    "crates/control-center",
-    "crates/control-center-ui",
-    "crates/vault-service",
-    "crates/rag",
-    "crates/detector",
-    "crates/mcp-server",
-    "crates/provisioning-daemon",
+  "crates/platform-config",
+  "crates/service-clients",
+  "crates/ai-service",
+  "crates/extension-registry",
+  "crates/orchestrator",
+  "crates/control-center",
+  "crates/control-center-ui",
+  "crates/vault-service",
+  "crates/rag",
+  "crates/detector",
+  "crates/mcp-server",
+  "crates/provisioning-daemon",
 ]
+resolver = "2"
 
-[workspace.package]
-version = "0.1.0"
-edition = "2021"
-authors = ["Jesus Perez <jesus@librecloud.online>"]
-license = "MIT"
-repository = "https://github.com/jesusperezlorenzo/provisioning"
+  [workspace.package]
+  authors = ["Jesus Perez <jesus@librecloud.online>"]
+  edition = "2021"
+  license = "MIT"
+  repository = "https://github.com/jesusperezlorenzo/provisioning"
+  version = "0.1.0"
 
-[workspace.dependencies]
-# ============================================================================
-# SHARED ASYNC RUNTIME AND CORE LIBRARIES
-# ============================================================================
-tokio = { version = "1.49", features = ["full"] }
-tokio-util = "0.7"
-futures = "0.3"
-async-trait = "0.1"
+  [workspace.dependencies]
+  # ============================================================================
+  # SHARED ASYNC RUNTIME AND CORE LIBRARIES
+  # ============================================================================
+  async-trait = "0.1"
+  futures = "0.3"
+  tokio = { version = "1.49", features = ["full"] }
+  tokio-util = "0.7"
 
-# ============================================================================
-# SERIALIZATION AND DATA HANDLING
-# ============================================================================
-serde = { version = "1.0", features = ["derive"] }
-serde_json = "1.0"
-toml = "0.9"
-uuid = { version = "1.19", features = ["v4", "serde"] }
-chrono = { version = "0.4", features = ["serde"] }
+  # ============================================================================
+  # SERIALIZATION AND DATA HANDLING
+  # ============================================================================
+  chrono = { version = "0.4", features = ["serde"] }
+  serde = { version = "1.0", features = ["derive"] }
+  serde_json = "1.0"
+  toml = "0.9"
+  uuid = { version = "1.19", features = ["v4", "serde"] }
 
-# ============================================================================
-# ERROR HANDLING
-# ============================================================================
-anyhow = "1.0"
-thiserror = "2.0"
+  # ============================================================================
+  # ERROR HANDLING
+  # ============================================================================
+  anyhow = "1.0"
+  thiserror = "2.0"
 
-# ============================================================================
-# LOGGING AND TRACING
-# ============================================================================
-log = "0.4"
-tracing = "0.1"
-tracing-subscriber = { version = "0.3", features = ["env-filter"] }
-tracing-appender = "0.2"
+  # ============================================================================
+  # LOGGING AND TRACING
+  # ============================================================================
+  log = "0.4"
+  tracing = "0.1"
+  tracing-appender = "0.2"
+  tracing-subscriber = { version = "0.3", features = ["env-filter"] }
 
-# ============================================================================
-# WEB SERVER AND NETWORKING
-# ============================================================================
-axum = { version = "0.8", features = ["ws", "macros"] }
-tower = { version = "0.5", features = ["full"] }
-tower-http = { version = "0.6", features = ["cors", "trace", "fs", "compression-gzip", "timeout"] }
-hyper = "1.8"
-reqwest = { version = "0.13", features = ["json", "rustls"], default-features = false }
+  # ============================================================================
+  # WEB SERVER AND NETWORKING
+  # ============================================================================
+  axum = { version = "0.8", features = ["ws", "macros"] }
+  hyper = "1.8"
+  reqwest = { version = "0.13", features = ["json", "rustls"], default-features = false }
+  tower = { version = "0.5", features = ["full"] }
+  tower-http = { version = "0.6", features = [
+    "cors",
+    "trace",
+    "fs",
+    "compression-gzip",
+    "timeout",
+  ] }
 
-# ============================================================================
-# CLI AND CONFIGURATION
-# ============================================================================
-clap = { version = "4.5", features = ["derive", "env"] }
-config = "0.15"
+  # ============================================================================
+  # CLI AND CONFIGURATION
+  # ============================================================================
+  clap = { version = "4.5", features = ["derive", "env"] }
+  config = "0.15"
 
-# ============================================================================
-# DATABASE AND STORAGE
-# ============================================================================
-surrealdb = { version = "2.4", features = ["kv-mem", "protocol-ws", "protocol-http"] }
-sqlx = { version = "0.8", features = ["runtime-tokio-rustls", "sqlite", "chrono", "uuid"] }
+  # ============================================================================
+  # DATABASE AND STORAGE
+  # ============================================================================
+  sqlx = { version = "0.8", features = ["runtime-tokio-rustls", "sqlite", "chrono", "uuid"] }
+  surrealdb = { version = "2.4", features = ["kv-mem", "protocol-ws", "protocol-http"] }
 
-# ============================================================================
-# SECURITY AND CRYPTOGRAPHY
-# ============================================================================
-ring = "0.17"
-jsonwebtoken = { version = "10.2", features = ["rust_crypto"] }
-argon2 = "0.5"
-base64 = "0.22"
-rand = { version = "0.9", features = ["std_rng", "os_rng"] }
-aes-gcm = "0.10"
-sha2 = "0.10"
-hmac = "0.12"
+  # ============================================================================
+  # SECURITY AND CRYPTOGRAPHY
+  # ============================================================================
+  aes-gcm = "0.10"
+  argon2 = "0.5"
+  base64 = "0.22"
+  hmac = "0.12"
+  jsonwebtoken = { version = "10.2", features = ["rust_crypto"] }
+  rand = { version = "0.9", features = ["std_rng", "os_rng"] }
+  ring = "0.17"
+  sha2 = "0.10"
 
-# AWS SDK for KMS
-aws-sdk-kms = "1"
-aws-config = "1"
-aws-credential-types = "1"
+  # AWS SDK for KMS
+  aws-config = "1"
+  aws-credential-types = "1"
+  aws-sdk-kms = "1"
 
-# ============================================================================
-# VALIDATION AND REGEX
-# ============================================================================
-validator = { version = "0.20", features = ["derive"] }
-regex = "1.12"
+  # ============================================================================
+  # VALIDATION AND REGEX
+  # ============================================================================
+  regex = "1.12"
+  validator = { version = "0.20", features = ["derive"] }
 
-# ============================================================================
-# GRAPH ALGORITHMS AND UTILITIES
-# ============================================================================
-petgraph = "0.8"
+  # ============================================================================
+  # GRAPH ALGORITHMS AND UTILITIES
+  # ============================================================================
+  petgraph = "0.8"
 
-# ============================================================================
-# ADDITIONAL SHARED DEPENDENCIES
-# ============================================================================
+  # ============================================================================
+  # ADDITIONAL SHARED DEPENDENCIES
+  # ============================================================================
 
-# System utilities
-dirs = "6.0"
+  # System utilities
+  dirs = "6.0"
 
-# Filesystem operations
-walkdir = "2.5"
-notify = "8.2"
+  # Filesystem operations
+  notify = "8.2"
+  walkdir = "2.5"
 
-# Statistics and templates
-statistics = "0.4"
-tera = "1.20"
+  # Statistics and templates
+  statistics = "0.4"
+  tera = "1.20"
 
-# Additional cryptography
-hkdf = "0.12"
-rsa = "0.9.9"
-zeroize = { version = "1.8", features = ["derive"] }
+  # Additional cryptography
+  hkdf = "0.12"
+  rsa = "0.9.9"
+  zeroize = { version = "1.8", features = ["derive"] }
 
-# Additional security
-constant_time_eq = "0.4"
-subtle = "2.6"
+  # Additional security
+  constant_time_eq = "0.4"
+  subtle = "2.6"
 
-# Caching and storage
-redis = { version = "1.0", features = ["tokio-comp", "connection-manager"] }
+  # Caching and storage
+  redis = { version = "1.0", features = ["tokio-comp", "connection-manager"] }
 
-# Tower services
-tower-service = "0.3"
-tower_governor = "0.8"
+  # Tower services
+  tower-service = "0.3"
+  tower_governor = "0.8"
 
-# Scheduling
-cron = "0.15"
-tokio-cron-scheduler = "0.15"
+  # Scheduling
+  cron = "0.15"
+  tokio-cron-scheduler = "0.15"
 
-# Policy engine
-cedar-policy = "4.8"
+  # Policy engine
+  cedar-policy = "4.8"
 
-# URL handling
-url = "2.5"
+  # URL handling
+  url = "2.5"
 
-# Icons and UI
-icondata = "0.7"
-leptos_icons = "0.7"
+  # Icons and UI
+  icondata = "0.7"
+  leptos_icons = "0.7"
 
-# Image processing
-image = { version = "0.25", default-features = false, features = ["png"] }
-qrcode = "0.14"
+  # Image processing
+  image = { version = "0.25", default-features = false, features = ["png"] }
+  qrcode = "0.14"
 
-# Authentication
-totp-rs = { version = "5.7", features = ["qr"] }
-webauthn-rs = "0.5"
-webauthn-rs-proto = "0.5"
-hex = "0.4"
-lazy_static = "1.5"
+  # Authentication
+  hex = "0.4"
+  lazy_static = "1.5"
+  totp-rs = { version = "5.7", features = ["qr"] }
+  webauthn-rs = "0.5"
+  webauthn-rs-proto = "0.5"
 
-# Additional serialization
-serde-wasm-bindgen = "0.6"
+  # Additional serialization
+  serde-wasm-bindgen = "0.6"
 
-# Gloo utilities (for WASM)
-gloo-net = { version = "0.6", features = ["http", "websocket"] }
-gloo-storage = "0.3"
-gloo-utils = { version = "0.2", features = ["serde"] }
-gloo-timers = "0.3"
+  # Gloo utilities (for WASM)
+  gloo-net = { version = "0.6", features = ["http", "websocket"] }
+  gloo-storage = "0.3"
+  gloo-timers = "0.3"
+  gloo-utils = { version = "0.2", features = ["serde"] }
 
-# Plotting and canvas
-plotters = "0.3"
-plotters-canvas = "0.3"
+  # Plotting and canvas
+  plotters = "0.3"
+  plotters-canvas = "0.3"
 
-# WASM utilities
-wasm-bindgen-futures = "0.4"
-js-sys = "0.3"
-tracing-wasm = "0.2"
-console_error_panic_hook = "0.1"
+  # WASM utilities
+  console_error_panic_hook = "0.1"
+  js-sys = "0.3"
+  tracing-wasm = "0.2"
+  wasm-bindgen-futures = "0.4"
 
-# Random number generation
-getrandom = { version = "0.3" }
+  # Random number generation
+  getrandom = { version = "0.3" }
 
-# ============================================================================
-# TUI (Terminal User Interface)
-# ============================================================================
-ratatui = { version = "0.30", features = ["all-widgets", "serde"] }
-crossterm = "0.29"
+  # ============================================================================
+  # TUI (Terminal User Interface)
+  # ============================================================================
+  crossterm = "0.29"
+  ratatui = { version = "0.30", features = ["all-widgets", "serde"] }
 
-# ============================================================================
-# WASM AND FRONTEND DEPENDENCIES (for control-center-ui)
-# ============================================================================
-wasm-bindgen = "0.2"
-leptos = { version = "0.8", features = ["csr"] }
-leptos_meta = { version = "0.8", features = ["default"] }
-leptos_router = { version = "0.8" }
+  # ============================================================================
+  # WASM AND FRONTEND DEPENDENCIES (for control-center-ui)
+  # ============================================================================
+  leptos = { version = "0.8", features = ["csr"] }
+  leptos_meta = { version = "0.8", features = ["default"] }
+  leptos_router = { version = "0.8" }
+  wasm-bindgen = "0.2"
 
-# ============================================================================
-# DEVELOPMENT AND TESTING DEPENDENCIES
-# ============================================================================
-tokio-test = "0.4"
-tempfile = "3.24"
-criterion = { version = "0.8", features = ["html_reports"] }
-assert_matches = "1.5"
-mockito = "1"
+  # ============================================================================
+  # DEVELOPMENT AND TESTING DEPENDENCIES
+  # ============================================================================
+  assert_matches = "1.5"
+  criterion = { version = "0.8", features = ["html_reports"] }
+  mockito = "1"
+  tempfile = "3.24"
+  tokio-test = "0.4"
 
-# Additional caching and binary discovery
-lru = "0.16"
-which = "8"
-parking_lot = "0.12"
-yaml-rust = "0.4"
+  # Additional caching and binary discovery
+  lru = "0.16"
+  parking_lot = "0.12"
+  which = "8"
+  yaml-rust = "0.4"
 
-# ============================================================================
-# RAG FRAMEWORK DEPENDENCIES (Rig)
-# ============================================================================
-rig-core = "0.27"
-rig-surrealdb = "0.1"
-tokenizers = "0.22"
+  # ============================================================================
+  # RAG FRAMEWORK DEPENDENCIES (Rig)
+  # ============================================================================
+  rig-core = "0.27"
+  rig-surrealdb = "0.1"
+  tokenizers = "0.22"
 
-# ============================================================================
-# PROV-ECOSYSTEM DAEMON (replaces cli-daemon)
-# ============================================================================
-daemon-cli = { path = "../../submodules/prov-ecosystem/crates/daemon-cli" }
+  # ============================================================================
+  # PROV-ECOSYSTEM DAEMON (replaces cli-daemon)
+  # ============================================================================
+  daemon-cli = { path = "../../submodules/prov-ecosystem/crates/daemon-cli" }
 
-# ============================================================================
-# SECRETUMVAULT (Enterprise Secrets Management)
-# ============================================================================
-secretumvault = { path = "../../submodules/secretumvault" }
+  # ============================================================================
+  # SECRETUMVAULT (Enterprise Secrets Management)
+  # ============================================================================
+  secretumvault = { path = "../../submodules/secretumvault" }
 
-# ============================================================================
-# BYTES MANIPULATION
-# ============================================================================
-bytes = "1.5"
+  # ============================================================================
+  # BYTES MANIPULATION
+  # ============================================================================
+  bytes = "1.5"
 
-[workspace.metadata]
-description = "Provisioning Platform - Rust workspace for cloud infrastructure automation tools"
+  [workspace.metadata]
+  description = "Provisioning Platform - Rust workspace for cloud infrastructure automation tools"
 
 # Profile configurations shared across all workspace members
 [profile.dev]
-opt-level = 0
+codegen-units = 256
 debug = true
 debug-assertions = true
-overflow-checks = true
-lto = false
-panic = 'unwind'
 incremental = true
-codegen-units = 256
+lto = false
+opt-level = 0
+overflow-checks = true
+panic = 'unwind'
 
 [profile.release]
-opt-level = 3
-lto = true
 codegen-units = 1
+lto = true
+opt-level = 3
 panic = "abort"
 strip = "debuginfo"
 
 # Fast release profile for development
 [profile.dev-release]
-inherits = "release"
-opt-level = 2
-lto = "thin"
 debug = true
+inherits = "release"
+lto = "thin"
+opt-level = 2
 
 # Profile for benchmarks
 [profile.bench]
-inherits = "release"
 debug = true
+inherits = "release"

config/runtime/generated/control-center.cicd.toml

@@ -2,21 +2,21 @@
 enabled = false
 redact_sensitive = true
 
-[control_center.audit.storage]
-immutable = false
-retention_days = 90
+  [control_center.audit.storage]
+  immutable = false
+  retention_days = 90
 
 [control_center.compliance]
 enabled = false
 encryption_required = false
 
-[control_center.compliance.data_retention]
-audit_log_days = 2555
-policy_years = 7
+  [control_center.compliance.data_retention]
+  audit_log_days = 2555
+  policy_years = 7
 
-[control_center.compliance.validation]
-enabled = false
-interval_hours = 24
+  [control_center.compliance.validation]
+  enabled = false
+  interval_hours = 24
 
 [control_center.database]
 backend = "rocksdb"
@@ -40,78 +40,78 @@ format = "&"
 level = "&"
 outputs = ["stdout"]
 
-[control_center.logging.fields]
-caller = false
-hostname = true
-pid = true
-service_name = true
-stack_trace = false
-timestamp = true
+  [control_center.logging.fields]
+  caller = false
+  hostname = true
+  pid = true
+  service_name = true
+  stack_trace = false
+  timestamp = true
 
-[control_center.logging.file]
-compress = false
-max_age = 30
-max_backups = 10
-max_size = 104857600
-path = "/var/log/provisioning/service.log"
+  [control_center.logging.file]
+  compress = false
+  max_age = 30
+  max_backups = 10
+  max_size = 104857600
+  path = "/var/log/provisioning/service.log"
 
-[control_center.logging.performance]
-enabled = false
-memory_info = false
-slow_threshold = 1000
+  [control_center.logging.performance]
+  enabled = false
+  memory_info = false
+  slow_threshold = 1000
 
-[control_center.logging.sampling]
-enabled = false
-initial = 100
-thereafter = 100
+  [control_center.logging.sampling]
+  enabled = false
+  initial = 100
+  thereafter = 100
 
-[control_center.logging.syslog]
-protocol = "udp"
+  [control_center.logging.syslog]
+  protocol = "udp"
 
 [control_center.monitoring]
 enabled = false
 
-[control_center.monitoring.alerting]
-enabled = false
+  [control_center.monitoring.alerting]
+  enabled = false
 
-[control_center.monitoring.health_check]
-enabled = false
-endpoint = "/health"
-healthy_threshold = 2
-interval = 30
-timeout = 5000
-type = "&"
-unhealthy_threshold = 3
+  [control_center.monitoring.health_check]
+  enabled = false
+  endpoint = "/health"
+  healthy_threshold = 2
+  interval = 30
+  timeout = 5000
+  type = "&"
+  unhealthy_threshold = 3
 
-[control_center.monitoring.metrics]
-buffer_size = 1000
-enabled = false
-interval = 60
-prometheus_path = "/metrics"
-retention_days = 30
+  [control_center.monitoring.metrics]
+  buffer_size = 1000
+  enabled = false
+  interval = 60
+  prometheus_path = "/metrics"
+  retention_days = 30
 
-[control_center.monitoring.resources]
-alert_threshold = 80
-cpu = false
-disk = false
-memory = false
-network = false
+  [control_center.monitoring.resources]
+  alert_threshold = 80
+  cpu = false
+  disk = false
+  memory = false
+  network = false
 
-[control_center.monitoring.tracing]
-enabled = false
-sample_rate = 0.1
+  [control_center.monitoring.tracing]
+  enabled = false
+  sample_rate = 0.1
 
 [control_center.policy]
 enabled = true
 
-[control_center.policy.cache]
-enabled = true
-max_policies = 10000
-ttl = 3600
+  [control_center.policy.cache]
+  enabled = true
+  max_policies = 10000
+  ttl = 3600
 
-[control_center.policy.versioning]
-enabled = true
-max_versions = 20
+  [control_center.policy.versioning]
+  enabled = true
+  max_versions = 20
 
 [control_center.rbac]
 attribute_based = false
@@ -120,10 +120,10 @@ dynamic_roles = false
 enabled = true
 hierarchy = true
 
-[control_center.rbac.roles]
-admin = true
-operator = true
-viewer = true
+  [control_center.rbac.roles]
+  admin = true
+  operator = true
+  viewer = true
 
 [control_center.security.cors]
 allow_credentials = false
@@ -176,15 +176,15 @@ workers = 4
 audit_enabled = false
 enabled = true
 
-[control_center.users.registration]
-auto_assign_role = "user"
-enabled = true
-requires_approval = false
+  [control_center.users.registration]
+  auto_assign_role = "user"
+  enabled = true
+  requires_approval = false
 
-[control_center.users.sessions]
-absolute_timeout = 86400
-idle_timeout = 3600
-max_active = 5
+  [control_center.users.sessions]
+  absolute_timeout = 86400
+  idle_timeout = 3600
+  max_active = 5
 
 [control_center.workspace]
 enabled = true

config/runtime/generated/control-center.enterprise.toml

@@ -2,21 +2,21 @@
 enabled = false
 redact_sensitive = true
 
-[control_center.audit.storage]
-immutable = false
-retention_days = 90
+  [control_center.audit.storage]
+  immutable = false
+  retention_days = 90
 
 [control_center.compliance]
 enabled = false
 encryption_required = false
 
-[control_center.compliance.data_retention]
-audit_log_days = 2555
-policy_years = 7
+  [control_center.compliance.data_retention]
+  audit_log_days = 2555
+  policy_years = 7
 
-[control_center.compliance.validation]
-enabled = false
-interval_hours = 24
+  [control_center.compliance.validation]
+  enabled = false
+  interval_hours = 24
 
 [control_center.database]
 backend = "rocksdb"
@@ -40,78 +40,78 @@ format = "&"
 level = "&"
 outputs = ["stdout"]
 
-[control_center.logging.fields]
-caller = false
-hostname = true
-pid = true
-service_name = true
-stack_trace = false
-timestamp = true
+  [control_center.logging.fields]
+  caller = false
+  hostname = true
+  pid = true
+  service_name = true
+  stack_trace = false
+  timestamp = true
 
-[control_center.logging.file]
-compress = false
-max_age = 30
-max_backups = 10
-max_size = 104857600
-path = "/var/log/provisioning/service.log"
+  [control_center.logging.file]
+  compress = false
+  max_age = 30
+  max_backups = 10
+  max_size = 104857600
+  path = "/var/log/provisioning/service.log"
 
-[control_center.logging.performance]
-enabled = false
-memory_info = false
-slow_threshold = 1000
+  [control_center.logging.performance]
+  enabled = false
+  memory_info = false
+  slow_threshold = 1000
 
-[control_center.logging.sampling]
-enabled = false
-initial = 100
-thereafter = 100
+  [control_center.logging.sampling]
+  enabled = false
+  initial = 100
+  thereafter = 100
 
-[control_center.logging.syslog]
-protocol = "udp"
+  [control_center.logging.syslog]
+  protocol = "udp"
 
 [control_center.monitoring]
 enabled = false
 
-[control_center.monitoring.alerting]
-enabled = false
+  [control_center.monitoring.alerting]
+  enabled = false
 
-[control_center.monitoring.health_check]
-enabled = false
-endpoint = "/health"
-healthy_threshold = 2
-interval = 30
-timeout = 5000
-type = "&"
-unhealthy_threshold = 3
+  [control_center.monitoring.health_check]
+  enabled = false
+  endpoint = "/health"
+  healthy_threshold = 2
+  interval = 30
+  timeout = 5000
+  type = "&"
+  unhealthy_threshold = 3
 
-[control_center.monitoring.metrics]
-buffer_size = 1000
-enabled = false
-interval = 60
-prometheus_path = "/metrics"
-retention_days = 30
+  [control_center.monitoring.metrics]
+  buffer_size = 1000
+  enabled = false
+  interval = 60
+  prometheus_path = "/metrics"
+  retention_days = 30
 
-[control_center.monitoring.resources]
-alert_threshold = 80
-cpu = false
-disk = false
-memory = false
-network = false
+  [control_center.monitoring.resources]
+  alert_threshold = 80
+  cpu = false
+  disk = false
+  memory = false
+  network = false
 
-[control_center.monitoring.tracing]
-enabled = false
-sample_rate = 0.1
+  [control_center.monitoring.tracing]
+  enabled = false
+  sample_rate = 0.1
 
 [control_center.policy]
 enabled = true
 
-[control_center.policy.cache]
-enabled = true
-max_policies = 10000
-ttl = 3600
+  [control_center.policy.cache]
+  enabled = true
+  max_policies = 10000
+  ttl = 3600
 
-[control_center.policy.versioning]
-enabled = true
-max_versions = 20
+  [control_center.policy.versioning]
+  enabled = true
+  max_versions = 20
 
 [control_center.rbac]
 attribute_based = false
@@ -120,10 +120,10 @@ dynamic_roles = false
 enabled = true
 hierarchy = true
 
-[control_center.rbac.roles]
-admin = true
-operator = true
-viewer = true
+  [control_center.rbac.roles]
+  admin = true
+  operator = true
+  viewer = true
 
 [control_center.security.cors]
 allow_credentials = false
@@ -176,15 +176,15 @@ workers = 4
 audit_enabled = false
 enabled = true
 
-[control_center.users.registration]
-auto_assign_role = "user"
-enabled = true
-requires_approval = false
+  [control_center.users.registration]
+  auto_assign_role = "user"
+  enabled = true
+  requires_approval = false
 
-[control_center.users.sessions]
-absolute_timeout = 86400
-idle_timeout = 3600
-max_active = 5
+  [control_center.users.sessions]
+  absolute_timeout = 86400
+  idle_timeout = 3600
+  max_active = 5
 
 [control_center.workspace]
 enabled = true

config/runtime/generated/control-center.multiuser.toml

@@ -2,21 +2,21 @@
 enabled = false
 redact_sensitive = true
 
-[control_center.audit.storage]
-immutable = false
-retention_days = 90
+  [control_center.audit.storage]
+  immutable = false
+  retention_days = 90
 
 [control_center.compliance]
 enabled = false
 encryption_required = false
 
-[control_center.compliance.data_retention]
-audit_log_days = 2555
-policy_years = 7
+  [control_center.compliance.data_retention]
+  audit_log_days = 2555
+  policy_years = 7
 
-[control_center.compliance.validation]
-enabled = false
-interval_hours = 24
+  [control_center.compliance.validation]
+  enabled = false
+  interval_hours = 24
 
 [control_center.database]
 backend = "rocksdb"
@@ -40,78 +40,78 @@ format = "&"
 level = "&"
 outputs = ["stdout"]
 
-[control_center.logging.fields]
-caller = false
-hostname = true
-pid = true
-service_name = true
-stack_trace = false
-timestamp = true
+  [control_center.logging.fields]
+  caller = false
+  hostname = true
+  pid = true
+  service_name = true
+  stack_trace = false
+  timestamp = true
 
-[control_center.logging.file]
-compress = false
-max_age = 30
-max_backups = 10
-max_size = 104857600
-path = "/var/log/provisioning/service.log"
+  [control_center.logging.file]
+  compress = false
+  max_age = 30
+  max_backups = 10
+  max_size = 104857600
+  path = "/var/log/provisioning/service.log"
 
-[control_center.logging.performance]
-enabled = false
-memory_info = false
-slow_threshold = 1000
+  [control_center.logging.performance]
+  enabled = false
+  memory_info = false
+  slow_threshold = 1000
 
-[control_center.logging.sampling]
-enabled = false
-initial = 100
-thereafter = 100
+  [control_center.logging.sampling]
+  enabled = false
+  initial = 100
+  thereafter = 100
 
-[control_center.logging.syslog]
-protocol = "udp"
+  [control_center.logging.syslog]
+  protocol = "udp"
 
 [control_center.monitoring]
 enabled = false
 
-[control_center.monitoring.alerting]
-enabled = false
+  [control_center.monitoring.alerting]
+  enabled = false
 
-[control_center.monitoring.health_check]
-enabled = false
-endpoint = "/health"
-healthy_threshold = 2
-interval = 30
-timeout = 5000
-type = "&"
-unhealthy_threshold = 3
+  [control_center.monitoring.health_check]
+  enabled = false
+  endpoint = "/health"
+  healthy_threshold = 2
+  interval = 30
+  timeout = 5000
+  type = "&"
+  unhealthy_threshold = 3
 
-[control_center.monitoring.metrics]
-buffer_size = 1000
-enabled = false
-interval = 60
-prometheus_path = "/metrics"
-retention_days = 30
+  [control_center.monitoring.metrics]
+  buffer_size = 1000
+  enabled = false
+  interval = 60
+  prometheus_path = "/metrics"
+  retention_days = 30
 
-[control_center.monitoring.resources]
-alert_threshold = 80
-cpu = false
-disk = false
-memory = false
-network = false
+  [control_center.monitoring.resources]
+  alert_threshold = 80
+  cpu = false
+  disk = false
+  memory = false
+  network = false
 
-[control_center.monitoring.tracing]
-enabled = false
-sample_rate = 0.1
+  [control_center.monitoring.tracing]
+  enabled = false
+  sample_rate = 0.1
 
 [control_center.policy]
 enabled = true
 
-[control_center.policy.cache]
-enabled = true
-max_policies = 10000
-ttl = 3600
+  [control_center.policy.cache]
+  enabled = true
+  max_policies = 10000
+  ttl = 3600
 
-[control_center.policy.versioning]
-enabled = true
-max_versions = 20
+  [control_center.policy.versioning]
+  enabled = true
+  max_versions = 20
 
 [control_center.rbac]
 attribute_based = false
@@ -120,10 +120,10 @@ dynamic_roles = false
 enabled = true
 hierarchy = true
 
-[control_center.rbac.roles]
-admin = true
-operator = true
-viewer = true
+  [control_center.rbac.roles]
+  admin = true
+  operator = true
+  viewer = true
 
 [control_center.security.cors]
 allow_credentials = false
@@ -176,15 +176,15 @@ workers = 4
 audit_enabled = false
 enabled = true
 
-[control_center.users.registration]
-auto_assign_role = "user"
-enabled = true
-requires_approval = false
+  [control_center.users.registration]
+  auto_assign_role = "user"
+  enabled = true
+  requires_approval = false
 
-[control_center.users.sessions]
-absolute_timeout = 86400
-idle_timeout = 3600
-max_active = 5
+  [control_center.users.sessions]
+  absolute_timeout = 86400
+  idle_timeout = 3600
+  max_active = 5
 
 [control_center.workspace]
 enabled = true

config/runtime/generated/control-center.solo.toml

@@ -2,21 +2,21 @@
 enabled = false
 redact_sensitive = true
 
-[control_center.audit.storage]
-immutable = false
-retention_days = 90
+  [control_center.audit.storage]
+  immutable = false
+  retention_days = 90
 
 [control_center.compliance]
 enabled = false
 encryption_required = false
 
-[control_center.compliance.data_retention]
-audit_log_days = 2555
-policy_years = 7
+  [control_center.compliance.data_retention]
+  audit_log_days = 2555
+  policy_years = 7
 
-[control_center.compliance.validation]
-enabled = false
-interval_hours = 24
+  [control_center.compliance.validation]
+  enabled = false
+  interval_hours = 24
 
 [control_center.database]
 backend = "rocksdb"
@@ -40,78 +40,78 @@ format = "&"
 level = "&"
 outputs = ["stdout"]
 
-[control_center.logging.fields]
-caller = false
-hostname = true
-pid = true
-service_name = true
-stack_trace = false
-timestamp = true
+  [control_center.logging.fields]
+  caller = false
+  hostname = true
+  pid = true
+  service_name = true
+  stack_trace = false
+  timestamp = true
 
-[control_center.logging.file]
-compress = false
-max_age = 30
-max_backups = 10
-max_size = 104857600
-path = "/var/log/provisioning/service.log"
+  [control_center.logging.file]
+  compress = false
+  max_age = 30
+  max_backups = 10
+  max_size = 104857600
+  path = "/var/log/provisioning/service.log"
 
-[control_center.logging.performance]
-enabled = false
-memory_info = false
-slow_threshold = 1000
+  [control_center.logging.performance]
+  enabled = false
+  memory_info = false
+  slow_threshold = 1000
 
-[control_center.logging.sampling]
-enabled = false
-initial = 100
-thereafter = 100
+  [control_center.logging.sampling]
+  enabled = false
+  initial = 100
+  thereafter = 100
 
-[control_center.logging.syslog]
-protocol = "udp"
+  [control_center.logging.syslog]
+  protocol = "udp"
 
 [control_center.monitoring]
 enabled = false
 
-[control_center.monitoring.alerting]
-enabled = false
+  [control_center.monitoring.alerting]
+  enabled = false
 
-[control_center.monitoring.health_check]
-enabled = false
-endpoint = "/health"
-healthy_threshold = 2
-interval = 30
-timeout = 5000
-type = "&"
-unhealthy_threshold = 3
+  [control_center.monitoring.health_check]
+  enabled = false
+  endpoint = "/health"
+  healthy_threshold = 2
+  interval = 30
+  timeout = 5000
+  type = "&"
+  unhealthy_threshold = 3
 
-[control_center.monitoring.metrics]
-buffer_size = 1000
-enabled = false
-interval = 60
-prometheus_path = "/metrics"
-retention_days = 30
+  [control_center.monitoring.metrics]
+  buffer_size = 1000
+  enabled = false
+  interval = 60
+  prometheus_path = "/metrics"
+  retention_days = 30
 
-[control_center.monitoring.resources]
-alert_threshold = 80
-cpu = false
-disk = false
-memory = false
-network = false
+  [control_center.monitoring.resources]
+  alert_threshold = 80
+  cpu = false
+  disk = false
+  memory = false
+  network = false
 
-[control_center.monitoring.tracing]
-enabled = false
-sample_rate = 0.1
+  [control_center.monitoring.tracing]
+  enabled = false
+  sample_rate = 0.1
 
 [control_center.policy]
 enabled = true
 
-[control_center.policy.cache]
-enabled = true
-max_policies = 10000
-ttl = 3600
+  [control_center.policy.cache]
+  enabled = true
+  max_policies = 10000
+  ttl = 3600
 
-[control_center.policy.versioning]
-enabled = true
-max_versions = 20
+  [control_center.policy.versioning]
+  enabled = true
+  max_versions = 20
 
 [control_center.rbac]
 attribute_based = false
@@ -120,10 +120,10 @@ dynamic_roles = false
 enabled = true
 hierarchy = true
 
-[control_center.rbac.roles]
-admin = true
-operator = true
-viewer = true
+  [control_center.rbac.roles]
+  admin = true
+  operator = true
+  viewer = true
 
 [control_center.security.cors]
 allow_credentials = false
@@ -176,15 +176,15 @@ workers = 4
 audit_enabled = false
 enabled = true
 
-[control_center.users.registration]
-auto_assign_role = "user"
-enabled = true
-requires_approval = false
+  [control_center.users.registration]
+  auto_assign_role = "user"
+  enabled = true
+  requires_approval = false
 
-[control_center.users.sessions]
-absolute_timeout = 86400
-idle_timeout = 3600
-max_active = 5
+  [control_center.users.sessions]
+  absolute_timeout = 86400
+  idle_timeout = 3600
+  max_active = 5
 
 [control_center.workspace]
 enabled = true

config/runtime/generated/installer.cicd.toml

@@ -2,23 +2,23 @@
 auto_init = true
 backup_before_upgrade = true
 
-[installer.database.migrations]
-enabled = true
-path = "/migrations"
+  [installer.database.migrations]
+  enabled = true
+  path = "/migrations"
 
 [installer.high_availability]
 auto_healing = true
 enabled = false
 replicas = 1
 
-[installer.high_availability.backup]
-enabled = false
-interval_hours = 24
-retention_days = 30
+  [installer.high_availability.backup]
+  enabled = false
+  interval_hours = 24
+  retention_days = 30
 
-[installer.high_availability.health_checks]
-enabled = true
-interval_seconds = 30
+  [installer.high_availability.health_checks]
+  enabled = true
+  interval_seconds = 30
 
 [installer.installation]
 keep_artifacts = false
@@ -31,66 +31,66 @@ format = "&"
 level = "&"
 outputs = ["stdout"]
 
-[installer.logging.fields]
-caller = false
-hostname = true
-pid = true
-service_name = true
-stack_trace = false
-timestamp = true
+  [installer.logging.fields]
+  caller = false
+  hostname = true
+  pid = true
+  service_name = true
+  stack_trace = false
+  timestamp = true
 
-[installer.logging.file]
-compress = false
-max_age = 30
-max_backups = 10
-max_size = 104857600
-path = "/var/log/provisioning/service.log"
+  [installer.logging.file]
+  compress = false
+  max_age = 30
+  max_backups = 10
+  max_size = 104857600
+  path = "/var/log/provisioning/service.log"
 
-[installer.logging.performance]
-enabled = false
-memory_info = false
-slow_threshold = 1000
+  [installer.logging.performance]
+  enabled = false
+  memory_info = false
+  slow_threshold = 1000
 
-[installer.logging.sampling]
-enabled = false
-initial = 100
-thereafter = 100
+  [installer.logging.sampling]
+  enabled = false
+  initial = 100
+  thereafter = 100
 
-[installer.logging.syslog]
-protocol = "udp"
+  [installer.logging.syslog]
+  protocol = "udp"
 
 [installer.monitoring]
 enabled = false
 
-[installer.monitoring.alerting]
-enabled = false
+  [installer.monitoring.alerting]
+  enabled = false
 
-[installer.monitoring.health_check]
-enabled = false
-endpoint = "/health"
-healthy_threshold = 2
-interval = 30
-timeout = 5000
-type = "&"
-unhealthy_threshold = 3
+  [installer.monitoring.health_check]
+  enabled = false
+  endpoint = "/health"
+  healthy_threshold = 2
+  interval = 30
+  timeout = 5000
+  type = "&"
+  unhealthy_threshold = 3
 
-[installer.monitoring.metrics]
-buffer_size = 1000
-enabled = false
-interval = 60
-prometheus_path = "/metrics"
-retention_days = 30
+  [installer.monitoring.metrics]
+  buffer_size = 1000
+  enabled = false
+  interval = 60
+  prometheus_path = "/metrics"
+  retention_days = 30
 
-[installer.monitoring.resources]
-alert_threshold = 80
-cpu = false
-disk = false
-memory = false
-network = false
+  [installer.monitoring.resources]
+  alert_threshold = 80
+  cpu = false
+  disk = false
+  memory = false
+  network = false
 
-[installer.monitoring.tracing]
-enabled = false
-sample_rate = 0.1
+  [installer.monitoring.tracing]
+  enabled = false
+  sample_rate = 0.1
 
 [installer.networking.ingress]
 enabled = false
@@ -108,9 +108,9 @@ orchestrator = 9090
 enabled = false
 notify = false
 
-[installer.post_install.verify]
-enabled = true
-timeout_minutes = 10
+  [installer.post_install.verify]
+  enabled = true
+  timeout_minutes = 10
 
 [installer.preflight]
 check_cpu = true

config/runtime/generated/installer.enterprise.toml

@@ -2,23 +2,23 @@
 auto_init = true
 backup_before_upgrade = true
 
-[installer.database.migrations]
-enabled = true
-path = "/migrations"
+  [installer.database.migrations]
+  enabled = true
+  path = "/migrations"
 
 [installer.high_availability]
 auto_healing = true
 enabled = false
 replicas = 1
 
-[installer.high_availability.backup]
-enabled = false
-interval_hours = 24
-retention_days = 30
+  [installer.high_availability.backup]
+  enabled = false
+  interval_hours = 24
+  retention_days = 30
 
-[installer.high_availability.health_checks]
-enabled = true
-interval_seconds = 30
+  [installer.high_availability.health_checks]
+  enabled = true
+  interval_seconds = 30
 
 [installer.installation]
 keep_artifacts = false
@@ -31,66 +31,66 @@ format = "&"
 level = "&"
 outputs = ["stdout"]
 
-[installer.logging.fields]
-caller = false
-hostname = true
-pid = true
-service_name = true
-stack_trace = false
-timestamp = true
+  [installer.logging.fields]
+  caller = false
+  hostname = true
+  pid = true
+  service_name = true
+  stack_trace = false
+  timestamp = true
 
-[installer.logging.file]
-compress = false
-max_age = 30
-max_backups = 10
-max_size = 104857600
-path = "/var/log/provisioning/service.log"
+  [installer.logging.file]
+  compress = false
+  max_age = 30
+  max_backups = 10
+  max_size = 104857600
+  path = "/var/log/provisioning/service.log"
 
-[installer.logging.performance]
-enabled = false
-memory_info = false
-slow_threshold = 1000
+  [installer.logging.performance]
+  enabled = false
+  memory_info = false
+  slow_threshold = 1000
 
-[installer.logging.sampling]
-enabled = false
-initial = 100
-thereafter = 100
+  [installer.logging.sampling]
+  enabled = false
+  initial = 100
+  thereafter = 100
 
-[installer.logging.syslog]
-protocol = "udp"
+  [installer.logging.syslog]
+  protocol = "udp"
 
 [installer.monitoring]
 enabled = false
 
-[installer.monitoring.alerting]
-enabled = false
+  [installer.monitoring.alerting]
+  enabled = false
 
-[installer.monitoring.health_check]
-enabled = false
-endpoint = "/health"
-healthy_threshold = 2
-interval = 30
-timeout = 5000
-type = "&"
-unhealthy_threshold = 3
+  [installer.monitoring.health_check]
+  enabled = false
+  endpoint = "/health"
+  healthy_threshold = 2
+  interval = 30
+  timeout = 5000
+  type = "&"
+  unhealthy_threshold = 3
 
-[installer.monitoring.metrics]
-buffer_size = 1000
-enabled = false
-interval = 60
-prometheus_path = "/metrics"
-retention_days = 30
+  [installer.monitoring.metrics]
+  buffer_size = 1000
+  enabled = false
+  interval = 60
+  prometheus_path = "/metrics"
+  retention_days = 30
 
-[installer.monitoring.resources]
-alert_threshold = 80
-cpu = false
-disk = false
-memory = false
-network = false
+  [installer.monitoring.resources]
+  alert_threshold = 80
+  cpu = false
+  disk = false
+  memory = false
+  network = false
 
-[installer.monitoring.tracing]
-enabled = false
-sample_rate = 0.1
+  [installer.monitoring.tracing]
+  enabled = false
+  sample_rate = 0.1
 
 [installer.networking.ingress]
 enabled = false
@@ -108,9 +108,9 @@ orchestrator = 9090
 enabled = false
 notify = false
 
-[installer.post_install.verify]
-enabled = true
-timeout_minutes = 10
+  [installer.post_install.verify]
+  enabled = true
+  timeout_minutes = 10
 
 [installer.preflight]
 check_cpu = true

config/runtime/generated/installer.multiuser.toml

@@ -2,23 +2,23 @@
 auto_init = true
 backup_before_upgrade = true
 
-[installer.database.migrations]
-enabled = true
-path = "/migrations"
+  [installer.database.migrations]
+  enabled = true
+  path = "/migrations"
 
 [installer.high_availability]
 auto_healing = true
 enabled = false
 replicas = 1
 
-[installer.high_availability.backup]
-enabled = false
-interval_hours = 24
-retention_days = 30
+  [installer.high_availability.backup]
+  enabled = false
+  interval_hours = 24
+  retention_days = 30
 
-[installer.high_availability.health_checks]
-enabled = true
-interval_seconds = 30
+  [installer.high_availability.health_checks]
+  enabled = true
+  interval_seconds = 30
 
 [installer.installation]
 keep_artifacts = false
@@ -31,66 +31,66 @@ format = "&"
 level = "&"
 outputs = ["stdout"]
 
-[installer.logging.fields]
-caller = false
-hostname = true
-pid = true
-service_name = true
-stack_trace = false
-timestamp = true
+  [installer.logging.fields]
+  caller = false
+  hostname = true
+  pid = true
+  service_name = true
+  stack_trace = false
+  timestamp = true
 
-[installer.logging.file]
-compress = false
-max_age = 30
-max_backups = 10
-max_size = 104857600
-path = "/var/log/provisioning/service.log"
+  [installer.logging.file]
+  compress = false
+  max_age = 30
+  max_backups = 10
+  max_size = 104857600
+  path = "/var/log/provisioning/service.log"
 
-[installer.logging.performance]
-enabled = false
-memory_info = false
-slow_threshold = 1000
+  [installer.logging.performance]
+  enabled = false
+  memory_info = false
+  slow_threshold = 1000
 
-[installer.logging.sampling]
-enabled = false
-initial = 100
-thereafter = 100
+  [installer.logging.sampling]
+  enabled = false
+  initial = 100
+  thereafter = 100
 
-[installer.logging.syslog]
-protocol = "udp"
+  [installer.logging.syslog]
+  protocol = "udp"
 
 [installer.monitoring]
 enabled = false
 
-[installer.monitoring.alerting]
-enabled = false
+  [installer.monitoring.alerting]
+  enabled = false
 
-[installer.monitoring.health_check]
-enabled = false
-endpoint = "/health"
-healthy_threshold = 2
-interval = 30
-timeout = 5000
-type = "&"
-unhealthy_threshold = 3
+  [installer.monitoring.health_check]
+  enabled = false
+  endpoint = "/health"
+  healthy_threshold = 2
+  interval = 30
+  timeout = 5000
+  type = "&"
+  unhealthy_threshold = 3
 
-[installer.monitoring.metrics]
-buffer_size = 1000
-enabled = false
-interval = 60
-prometheus_path = "/metrics"
-retention_days = 30
+  [installer.monitoring.metrics]
+  buffer_size = 1000
+  enabled = false
+  interval = 60
+  prometheus_path = "/metrics"
+  retention_days = 30
 
-[installer.monitoring.resources]
-alert_threshold = 80
-cpu = false
-disk = false
-memory = false
-network = false
+  [installer.monitoring.resources]
+  alert_threshold = 80
+  cpu = false
+  disk = false
+  memory = false
+  network = false
 
-[installer.monitoring.tracing]
-enabled = false
-sample_rate = 0.1
+  [installer.monitoring.tracing]
+  enabled = false
+  sample_rate = 0.1
 
 [installer.networking.ingress]
 enabled = false
@@ -108,9 +108,9 @@ orchestrator = 9090
 enabled = false
 notify = false
 
-[installer.post_install.verify]
-enabled = true
-timeout_minutes = 10
+  [installer.post_install.verify]
+  enabled = true
+  timeout_minutes = 10
 
 [installer.preflight]
 check_cpu = true

config/runtime/generated/installer.solo.toml

@@ -2,23 +2,23 @@
 auto_init = true
 backup_before_upgrade = true
 
-[installer.database.migrations]
-enabled = true
-path = "/migrations"
+  [installer.database.migrations]
+  enabled = true
+  path = "/migrations"
 
 [installer.high_availability]
 auto_healing = true
 enabled = false
 replicas = 1
 
-[installer.high_availability.backup]
-enabled = false
-interval_hours = 24
-retention_days = 30
+  [installer.high_availability.backup]
+  enabled = false
+  interval_hours = 24
+  retention_days = 30
 
-[installer.high_availability.health_checks]
-enabled = true
-interval_seconds = 30
+  [installer.high_availability.health_checks]
+  enabled = true
+  interval_seconds = 30
 
 [installer.installation]
 keep_artifacts = false
@@ -31,66 +31,66 @@ format = "&"
 level = "&"
 outputs = ["stdout"]
 
-[installer.logging.fields]
-caller = false
-hostname = true
-pid = true
-service_name = true
-stack_trace = false
-timestamp = true
+  [installer.logging.fields]
+  caller = false
+  hostname = true
+  pid = true
+  service_name = true
+  stack_trace = false
+  timestamp = true
 
-[installer.logging.file]
-compress = false
-max_age = 30
-max_backups = 10
-max_size = 104857600
-path = "/var/log/provisioning/service.log"
+  [installer.logging.file]
+  compress = false
+  max_age = 30
+  max_backups = 10
+  max_size = 104857600
+  path = "/var/log/provisioning/service.log"
 
-[installer.logging.performance]
-enabled = false
-memory_info = false
-slow_threshold = 1000
+  [installer.logging.performance]
+  enabled = false
+  memory_info = false
+  slow_threshold = 1000
 
-[installer.logging.sampling]
-enabled = false
-initial = 100
-thereafter = 100
+  [installer.logging.sampling]
+  enabled = false
+  initial = 100
+  thereafter = 100
 
-[installer.logging.syslog]
-protocol = "udp"
+  [installer.logging.syslog]
+  protocol = "udp"
 
 [installer.monitoring]
 enabled = false
 
-[installer.monitoring.alerting]
-enabled = false
+  [installer.monitoring.alerting]
+  enabled = false
 
-[installer.monitoring.health_check]
-enabled = false
-endpoint = "/health"
-healthy_threshold = 2
-interval = 30
-timeout = 5000
-type = "&"
-unhealthy_threshold = 3
+  [installer.monitoring.health_check]
+  enabled = false
+  endpoint = "/health"
+  healthy_threshold = 2
+  interval = 30
+  timeout = 5000
+  type = "&"
+  unhealthy_threshold = 3
 
-[installer.monitoring.metrics]
-buffer_size = 1000
-enabled = false
-interval = 60
-prometheus_path = "/metrics"
-retention_days = 30
+  [installer.monitoring.metrics]
+  buffer_size = 1000
+  enabled = false
+  interval = 60
+  prometheus_path = "/metrics"
+  retention_days = 30
 
-[installer.monitoring.resources]
-alert_threshold = 80
-cpu = false
-disk = false
-memory = false
-network = false
+  [installer.monitoring.resources]
+  alert_threshold = 80
+  cpu = false
+  disk = false
+  memory = false
+  network = false
 
-[installer.monitoring.tracing]
-enabled = false
-sample_rate = 0.1
+  [installer.monitoring.tracing]
+  enabled = false
+  sample_rate = 0.1
 
 [installer.networking.ingress]
 enabled = false
@@ -108,9 +108,9 @@ orchestrator = 9090
 enabled = false
 notify = false
 
-[installer.post_install.verify]
-enabled = true
-timeout_minutes = 10
+  [installer.post_install.verify]
+  enabled = true
+  timeout_minutes = 10
 
 [installer.preflight]
 check_cpu = true

config/runtime/generated/mcp-server.cicd.toml

@@ -23,66 +23,66 @@ format = "&"
 level = "&"
 outputs = ["stdout"]
 
-[mcp_server.logging.fields]
-caller = false
-hostname = true
-pid = true
-service_name = true
-stack_trace = false
-timestamp = true
+  [mcp_server.logging.fields]
+  caller = false
+  hostname = true
+  pid = true
+  service_name = true
+  stack_trace = false
+  timestamp = true
 
-[mcp_server.logging.file]
-compress = false
-max_age = 30
-max_backups = 10
-max_size = 104857600
-path = "/var/log/provisioning/service.log"
+  [mcp_server.logging.file]
+  compress = false
+  max_age = 30
+  max_backups = 10
+  max_size = 104857600
+  path = "/var/log/provisioning/service.log"
 
-[mcp_server.logging.performance]
-enabled = false
-memory_info = false
-slow_threshold = 1000
+  [mcp_server.logging.performance]
+  enabled = false
+  memory_info = false
+  slow_threshold = 1000
 
-[mcp_server.logging.sampling]
-enabled = false
-initial = 100
-thereafter = 100
+  [mcp_server.logging.sampling]
+  enabled = false
+  initial = 100
+  thereafter = 100
 
-[mcp_server.logging.syslog]
-protocol = "udp"
+  [mcp_server.logging.syslog]
+  protocol = "udp"
 
 [mcp_server.monitoring]
 enabled = false
 
-[mcp_server.monitoring.alerting]
-enabled = false
+  [mcp_server.monitoring.alerting]
+  enabled = false
 
-[mcp_server.monitoring.health_check]
-enabled = false
-endpoint = "/health"
-healthy_threshold = 2
-interval = 30
-timeout = 5000
-type = "&"
-unhealthy_threshold = 3
+  [mcp_server.monitoring.health_check]
+  enabled = false
+  endpoint = "/health"
+  healthy_threshold = 2
+  interval = 30
+  timeout = 5000
+  type = "&"
+  unhealthy_threshold = 3
 
-[mcp_server.monitoring.metrics]
-buffer_size = 1000
-enabled = false
-interval = 60
-prometheus_path = "/metrics"
-retention_days = 30
+  [mcp_server.monitoring.metrics]
+  buffer_size = 1000
+  enabled = false
+  interval = 60
+  prometheus_path = "/metrics"
+  retention_days = 30
 
-[mcp_server.monitoring.resources]
-alert_threshold = 80
-cpu = false
-disk = false
-memory = false
-network = false
+  [mcp_server.monitoring.resources]
+  alert_threshold = 80
+  cpu = false
+  disk = false
+  memory = false
+  network = false
 
-[mcp_server.monitoring.tracing]
-enabled = false
-sample_rate = 0.1
+  [mcp_server.monitoring.tracing]
+  enabled = false
+  sample_rate = 0.1
 
 [mcp_server.orchestrator_integration]
 enabled = false
@@ -96,42 +96,42 @@ pool_size = 10
 enabled = true
 max_templates = 100
 
-[mcp_server.prompts.cache]
-enabled = true
-ttl = 3600
+  [mcp_server.prompts.cache]
+  enabled = true
+  ttl = 3600
 
-[mcp_server.prompts.versioning]
-enabled = false
-max_versions = 10
+  [mcp_server.prompts.versioning]
+  enabled = false
+  max_versions = 10
 
 [mcp_server.protocol]
 version = "1.0"
 
-[mcp_server.protocol.transport]
-endpoint = "http://localhost:3000"
-timeout = 30000
+  [mcp_server.protocol.transport]
+  endpoint = "http://localhost:3000"
+  timeout = 30000
 
 [mcp_server.resources]
 enabled = true
 max_size = 104857600
 
-[mcp_server.resources.cache]
-enabled = true
-max_size_mb = 512
-ttl = 3600
+  [mcp_server.resources.cache]
+  enabled = true
+  max_size_mb = 512
+  ttl = 3600
 
-[mcp_server.resources.validation]
-enabled = true
-max_depth = 10
+  [mcp_server.resources.validation]
+  enabled = true
+  max_depth = 10
 
 [mcp_server.sampling]
 enabled = false
 max_tokens = 4096
 temperature = 0.7
 
-[mcp_server.sampling.cache]
-enabled = true
-ttl = 3600
+  [mcp_server.sampling.cache]
+  enabled = true
+  ttl = 3600
 
 [mcp_server.server]
 graceful_shutdown = true
@@ -148,13 +148,13 @@ enabled = true
 max_concurrent = 5
 timeout = 30000
 
-[mcp_server.tools.cache]
-enabled = true
-ttl = 3600
+  [mcp_server.tools.cache]
+  enabled = true
+  ttl = 3600
 
-[mcp_server.tools.validation]
-enabled = true
-strict_mode = false
+  [mcp_server.tools.validation]
+  enabled = true
+  strict_mode = false
 
 [mcp_server.workspace]
 enabled = true

config/runtime/generated/mcp-server.enterprise.toml

@@ -23,66 +23,66 @@ format = "&"
 level = "&"
 outputs = ["stdout"]
 
-[mcp_server.logging.fields]
-caller = false
-hostname = true
-pid = true
-service_name = true
-stack_trace = false
-timestamp = true
+  [mcp_server.logging.fields]
+  caller = false
+  hostname = true
+  pid = true
+  service_name = true
+  stack_trace = false
+  timestamp = true
 
-[mcp_server.logging.file]
-compress = false
-max_age = 30
-max_backups = 10
-max_size = 104857600
-path = "/var/log/provisioning/service.log"
+  [mcp_server.logging.file]
+  compress = false
+  max_age = 30
+  max_backups = 10
+  max_size = 104857600
+  path = "/var/log/provisioning/service.log"
 
-[mcp_server.logging.performance]
-enabled = false
-memory_info = false
-slow_threshold = 1000
+  [mcp_server.logging.performance]
+  enabled = false
+  memory_info = false
+  slow_threshold = 1000
 
-[mcp_server.logging.sampling]
-enabled = false
-initial = 100
-thereafter = 100
+  [mcp_server.logging.sampling]
+  enabled = false
+  initial = 100
+  thereafter = 100
 
-[mcp_server.logging.syslog]
-protocol = "udp"
+  [mcp_server.logging.syslog]
+  protocol = "udp"
 
 [mcp_server.monitoring]
 enabled = false
 
-[mcp_server.monitoring.alerting]
-enabled = false
+  [mcp_server.monitoring.alerting]
+  enabled = false
 
-[mcp_server.monitoring.health_check]
-enabled = false
-endpoint = "/health"
-healthy_threshold = 2
-interval = 30
-timeout = 5000
-type = "&"
-unhealthy_threshold = 3
+  [mcp_server.monitoring.health_check]
+  enabled = false
+  endpoint = "/health"
+  healthy_threshold = 2
+  interval = 30
+  timeout = 5000
+  type = "&"
+  unhealthy_threshold = 3
 
-[mcp_server.monitoring.metrics]
-buffer_size = 1000
-enabled = false
-interval = 60
-prometheus_path = "/metrics"
-retention_days = 30
+  [mcp_server.monitoring.metrics]
+  buffer_size = 1000
+  enabled = false
+  interval = 60
+  prometheus_path = "/metrics"
+  retention_days = 30
 
-[mcp_server.monitoring.resources]
-alert_threshold = 80
-cpu = false
-disk = false
-memory = false
-network = false
+  [mcp_server.monitoring.resources]
+  alert_threshold = 80
+  cpu = false
+  disk = false
+  memory = false
+  network = false
 
-[mcp_server.monitoring.tracing]
-enabled = false
-sample_rate = 0.1
+  [mcp_server.monitoring.tracing]
+  enabled = false
+  sample_rate = 0.1
 
 [mcp_server.orchestrator_integration]
 enabled = false
@@ -96,42 +96,42 @@ pool_size = 10
 enabled = true
 max_templates = 100
 
-[mcp_server.prompts.cache]
-enabled = true
-ttl = 3600
+  [mcp_server.prompts.cache]
+  enabled = true
+  ttl = 3600
 
-[mcp_server.prompts.versioning]
-enabled = false
-max_versions = 10
+  [mcp_server.prompts.versioning]
+  enabled = false
+  max_versions = 10
 
 [mcp_server.protocol]
 version = "1.0"
 
-[mcp_server.protocol.transport]
-endpoint = "http://localhost:3000"
-timeout = 30000
+  [mcp_server.protocol.transport]
+  endpoint = "http://localhost:3000"
+  timeout = 30000
 
 [mcp_server.resources]
 enabled = true
 max_size = 104857600
 
-[mcp_server.resources.cache]
-enabled = true
-max_size_mb = 512
-ttl = 3600
+  [mcp_server.resources.cache]
+  enabled = true
+  max_size_mb = 512
+  ttl = 3600
 
-[mcp_server.resources.validation]
-enabled = true
-max_depth = 10
+  [mcp_server.resources.validation]
+  enabled = true
+  max_depth = 10
 
 [mcp_server.sampling]
 enabled = false
 max_tokens = 4096
 temperature = 0.7
 
-[mcp_server.sampling.cache]
-enabled = true
-ttl = 3600
+  [mcp_server.sampling.cache]
+  enabled = true
+  ttl = 3600
 
 [mcp_server.server]
 graceful_shutdown = true
@@ -148,13 +148,13 @@ enabled = true
 max_concurrent = 5
 timeout = 30000
 
-[mcp_server.tools.cache]
-enabled = true
-ttl = 3600
+  [mcp_server.tools.cache]
+  enabled = true
+  ttl = 3600
 
-[mcp_server.tools.validation]
-enabled = true
-strict_mode = false
+  [mcp_server.tools.validation]
+  enabled = true
+  strict_mode = false
 
 [mcp_server.workspace]
 enabled = true

config/runtime/generated/mcp-server.multiuser.toml

@@ -23,66 +23,66 @@ format = "&"
 level = "&"
 outputs = ["stdout"]
 
-[mcp_server.logging.fields]
-caller = false
-hostname = true
-pid = true
-service_name = true
-stack_trace = false
-timestamp = true
+  [mcp_server.logging.fields]
+  caller = false
+  hostname = true
+  pid = true
+  service_name = true
+  stack_trace = false
+  timestamp = true
 
-[mcp_server.logging.file]
-compress = false
-max_age = 30
-max_backups = 10
-max_size = 104857600
-path = "/var/log/provisioning/service.log"
+  [mcp_server.logging.file]
+  compress = false
+  max_age = 30
+  max_backups = 10
+  max_size = 104857600
+  path = "/var/log/provisioning/service.log"
 
-[mcp_server.logging.performance]
-enabled = false
-memory_info = false
-slow_threshold = 1000
+  [mcp_server.logging.performance]
+  enabled = false
+  memory_info = false
+  slow_threshold = 1000
 
-[mcp_server.logging.sampling]
-enabled = false
-initial = 100
-thereafter = 100
+  [mcp_server.logging.sampling]
+  enabled = false
+  initial = 100
+  thereafter = 100
 
-[mcp_server.logging.syslog]
-protocol = "udp"
+  [mcp_server.logging.syslog]
+  protocol = "udp"
 
 [mcp_server.monitoring]
 enabled = false
 
-[mcp_server.monitoring.alerting]
-enabled = false
+  [mcp_server.monitoring.alerting]
+  enabled = false
 
-[mcp_server.monitoring.health_check]
-enabled = false
-endpoint = "/health"
-healthy_threshold = 2
-interval = 30
-timeout = 5000
-type = "&"
-unhealthy_threshold = 3
+  [mcp_server.monitoring.health_check]
+  enabled = false
+  endpoint = "/health"
+  healthy_threshold = 2
+  interval = 30
+  timeout = 5000
+  type = "&"
+  unhealthy_threshold = 3
 
-[mcp_server.monitoring.metrics]
-buffer_size = 1000
-enabled = false
-interval = 60
-prometheus_path = "/metrics"
-retention_days = 30
+  [mcp_server.monitoring.metrics]
+  buffer_size = 1000
+  enabled = false
+  interval = 60
+  prometheus_path = "/metrics"
+  retention_days = 30
 
-[mcp_server.monitoring.resources]
-alert_threshold = 80
-cpu = false
-disk = false
-memory = false
-network = false
+  [mcp_server.monitoring.resources]
+  alert_threshold = 80
+  cpu = false
+  disk = false
+  memory = false
+  network = false
 
-[mcp_server.monitoring.tracing]
-enabled = false
-sample_rate = 0.1
+  [mcp_server.monitoring.tracing]
+  enabled = false
+  sample_rate = 0.1
 
 [mcp_server.orchestrator_integration]
 enabled = false
@@ -96,42 +96,42 @@ pool_size = 10
 enabled = true
 max_templates = 100
 
-[mcp_server.prompts.cache]
-enabled = true
-ttl = 3600
+  [mcp_server.prompts.cache]
+  enabled = true
+  ttl = 3600
 
-[mcp_server.prompts.versioning]
-enabled = false
-max_versions = 10
+  [mcp_server.prompts.versioning]
+  enabled = false
+  max_versions = 10
 
 [mcp_server.protocol]
 version = "1.0"
 
-[mcp_server.protocol.transport]
-endpoint = "http://localhost:3000"
-timeout = 30000
+  [mcp_server.protocol.transport]
+  endpoint = "http://localhost:3000"
+  timeout = 30000
 
 [mcp_server.resources]
 enabled = true
 max_size = 104857600
 
-[mcp_server.resources.cache]
-enabled = true
-max_size_mb = 512
-ttl = 3600
+  [mcp_server.resources.cache]
+  enabled = true
+  max_size_mb = 512
+  ttl = 3600
 
-[mcp_server.resources.validation]
-enabled = true
-max_depth = 10
+  [mcp_server.resources.validation]
+  enabled = true
+  max_depth = 10
 
 [mcp_server.sampling]
 enabled = false
 max_tokens = 4096
 temperature = 0.7
 
-[mcp_server.sampling.cache]
-enabled = true
-ttl = 3600
+  [mcp_server.sampling.cache]
+  enabled = true
+  ttl = 3600
 
 [mcp_server.server]
 graceful_shutdown = true
@@ -148,13 +148,13 @@ enabled = true
 max_concurrent = 5
 timeout = 30000
 
-[mcp_server.tools.cache]
-enabled = true
-ttl = 3600
+  [mcp_server.tools.cache]
+  enabled = true
+  ttl = 3600
 
-[mcp_server.tools.validation]
-enabled = true
-strict_mode = false
+  [mcp_server.tools.validation]
+  enabled = true
+  strict_mode = false
 
 [mcp_server.workspace]
 enabled = true

config/runtime/generated/mcp-server.solo.toml

@@ -23,66 +23,66 @@ format = "&"
 level = "&"
 outputs = ["stdout"]
 
-[mcp_server.logging.fields]
-caller = false
-hostname = true
-pid = true
-service_name = true
-stack_trace = false
-timestamp = true
+  [mcp_server.logging.fields]
+  caller = false
+  hostname = true
+  pid = true
+  service_name = true
+  stack_trace = false
+  timestamp = true
 
-[mcp_server.logging.file]
-compress = false
-max_age = 30
-max_backups = 10
-max_size = 104857600
-path = "/var/log/provisioning/service.log"
+  [mcp_server.logging.file]
+  compress = false
+  max_age = 30
+  max_backups = 10
+  max_size = 104857600
+  path = "/var/log/provisioning/service.log"
 
-[mcp_server.logging.performance]
-enabled = false
-memory_info = false
-slow_threshold = 1000
+  [mcp_server.logging.performance]
+  enabled = false
+  memory_info = false
+  slow_threshold = 1000
 
-[mcp_server.logging.sampling]
-enabled = false
-initial = 100
-thereafter = 100
+  [mcp_server.logging.sampling]
+  enabled = false
+  initial = 100
+  thereafter = 100
 
-[mcp_server.logging.syslog]
-protocol = "udp"
+  [mcp_server.logging.syslog]
+  protocol = "udp"
 
 [mcp_server.monitoring]
 enabled = false
 
-[mcp_server.monitoring.alerting]
-enabled = false
+  [mcp_server.monitoring.alerting]
+  enabled = false
 
-[mcp_server.monitoring.health_check]
-enabled = false
-endpoint = "/health"
-healthy_threshold = 2
-interval = 30
-timeout = 5000
-type = "&"
-unhealthy_threshold = 3
+  [mcp_server.monitoring.health_check]
+  enabled = false
+  endpoint = "/health"
+  healthy_threshold = 2
+  interval = 30
+  timeout = 5000
+  type = "&"
+  unhealthy_threshold = 3
 
-[mcp_server.monitoring.metrics]
-buffer_size = 1000
-enabled = false
-interval = 60
-prometheus_path = "/metrics"
-retention_days = 30
+  [mcp_server.monitoring.metrics]
+  buffer_size = 1000
+  enabled = false
+  interval = 60
+  prometheus_path = "/metrics"
+  retention_days = 30
 
-[mcp_server.monitoring.resources]
-alert_threshold = 80
-cpu = false
-disk = false
-memory = false
-network = false
+  [mcp_server.monitoring.resources]
+  alert_threshold = 80
+  cpu = false
+  disk = false
+  memory = false
+  network = false
 
-[mcp_server.monitoring.tracing]
-enabled = false
-sample_rate = 0.1
+  [mcp_server.monitoring.tracing]
+  enabled = false
+  sample_rate = 0.1
 
 [mcp_server.orchestrator_integration]
 enabled = false
@@ -96,42 +96,42 @@ pool_size = 10
 enabled = true
 max_templates = 100
 
-[mcp_server.prompts.cache]
-enabled = true
-ttl = 3600
+  [mcp_server.prompts.cache]
+  enabled = true
+  ttl = 3600
 
-[mcp_server.prompts.versioning]
-enabled = false
-max_versions = 10
+  [mcp_server.prompts.versioning]
+  enabled = false
+  max_versions = 10
 
 [mcp_server.protocol]
 version = "1.0"
 
-[mcp_server.protocol.transport]
-endpoint = "http://localhost:3000"
-timeout = 30000
+  [mcp_server.protocol.transport]
+  endpoint = "http://localhost:3000"
+  timeout = 30000
 
 [mcp_server.resources]
 enabled = true
 max_size = 104857600
 
-[mcp_server.resources.cache]
-enabled = true
-max_size_mb = 512
-ttl = 3600
+  [mcp_server.resources.cache]
+  enabled = true
+  max_size_mb = 512
+  ttl = 3600
 
-[mcp_server.resources.validation]
-enabled = true
-max_depth = 10
+  [mcp_server.resources.validation]
+  enabled = true
+  max_depth = 10
 
 [mcp_server.sampling]
 enabled = false
 max_tokens = 4096
 temperature = 0.7
 
-[mcp_server.sampling.cache]
-enabled = true
-ttl = 3600
+  [mcp_server.sampling.cache]
+  enabled = true
+  ttl = 3600
 
 [mcp_server.server]
 graceful_shutdown = true
@@ -148,13 +148,13 @@ enabled = true
 max_concurrent = 5
 timeout = 30000
 
-[mcp_server.tools.cache]
-enabled = true
-ttl = 3600
+  [mcp_server.tools.cache]
+  enabled = true
+  ttl = 3600
 
-[mcp_server.tools.validation]
-enabled = true
-strict_mode = false
+  [mcp_server.tools.validation]
+  enabled = true
+  strict_mode = false
 
 [mcp_server.workspace]
 enabled = true

config/runtime/generated/orchestrator.cicd.toml

@@ -3,15 +3,15 @@ metrics = false
 operation_timeout = 1800000
 parallel_limit = 5
 
-[orchestrator.batch.checkpointing]
-enabled = true
-interval = 100
-max_checkpoints = 10
+  [orchestrator.batch.checkpointing]
+  enabled = true
+  interval = 100
+  max_checkpoints = 10
 
-[orchestrator.batch.rollback]
-enabled = true
-max_rollback_depth = 5
-strategy = "checkpoint_based"
+  [orchestrator.batch.rollback]
+  enabled = true
+  max_rollback_depth = 5
+  strategy = "checkpoint_based"
 
 [orchestrator.extensions]
 auto_load = false
@@ -25,66 +25,66 @@ format = "&"
 level = "&"
 outputs = ["stdout"]
 
-[orchestrator.logging.fields]
-caller = false
-hostname = true
-pid = true
-service_name = true
-stack_trace = false
-timestamp = true
+  [orchestrator.logging.fields]
+  caller = false
+  hostname = true
+  pid = true
+  service_name = true
+  stack_trace = false
+  timestamp = true
 
-[orchestrator.logging.file]
-compress = false
-max_age = 30
-max_backups = 10
-max_size = 104857600
-path = "/var/log/provisioning/service.log"
+  [orchestrator.logging.file]
+  compress = false
+  max_age = 30
+  max_backups = 10
+  max_size = 104857600
+  path = "/var/log/provisioning/service.log"
 
-[orchestrator.logging.performance]
-enabled = false
-memory_info = false
-slow_threshold = 1000
+  [orchestrator.logging.performance]
+  enabled = false
+  memory_info = false
+  slow_threshold = 1000
 
-[orchestrator.logging.sampling]
-enabled = false
-initial = 100
-thereafter = 100
+  [orchestrator.logging.sampling]
+  enabled = false
+  initial = 100
+  thereafter = 100
 
-[orchestrator.logging.syslog]
-protocol = "udp"
+  [orchestrator.logging.syslog]
+  protocol = "udp"
 
 [orchestrator.monitoring]
 enabled = false
 
-[orchestrator.monitoring.alerting]
-enabled = false
+  [orchestrator.monitoring.alerting]
+  enabled = false
 
-[orchestrator.monitoring.health_check]
-enabled = false
-endpoint = "/health"
-healthy_threshold = 2
-interval = 30
-timeout = 5000
-type = "&"
-unhealthy_threshold = 3
+  [orchestrator.monitoring.health_check]
+  enabled = false
+  endpoint = "/health"
+  healthy_threshold = 2
+  interval = 30
+  timeout = 5000
+  type = "&"
+  unhealthy_threshold = 3
 
-[orchestrator.monitoring.metrics]
-buffer_size = 1000
-enabled = false
-interval = 60
-prometheus_path = "/metrics"
-retention_days = 30
+  [orchestrator.monitoring.metrics]
+  buffer_size = 1000
+  enabled = false
+  interval = 60
+  prometheus_path = "/metrics"
+  retention_days = 30
 
-[orchestrator.monitoring.resources]
-alert_threshold = 80
-cpu = false
-disk = false
-memory = false
-network = false
+  [orchestrator.monitoring.resources]
+  alert_threshold = 80
+  cpu = false
+  disk = false
+  memory = false
+  network = false
 
-[orchestrator.monitoring.tracing]
-enabled = false
-sample_rate = 0.1
+  [orchestrator.monitoring.tracing]
+  enabled = false
+  sample_rate = 0.1
 
 [orchestrator.queue]
 max_concurrent_tasks = 5
@@ -95,9 +95,9 @@ retry_attempts = 3
 retry_delay = 5000
 task_timeout = 3600000
 
-[orchestrator.queue.dead_letter_queue]
-enabled = true
-max_size = 1000
+  [orchestrator.queue.dead_letter_queue]
+  enabled = true
+  max_size = 1000
 
 [orchestrator.server]
 graceful_shutdown = true
@@ -113,11 +113,11 @@ workers = 4
 backend = "filesystem"
 path = "/var/lib/provisioning/orchestrator/data"
 
-[orchestrator.storage.cache]
-enabled = true
-eviction_policy = "lru"
-ttl = 3600
-type = "in_memory"
+  [orchestrator.storage.cache]
+  enabled = true
+  eviction_policy = "lru"
+  ttl = 3600
+  type = "in_memory"
 
 [orchestrator.workspace]
 enabled = true

config/runtime/generated/orchestrator.enterprise.toml

@@ -3,15 +3,15 @@ metrics = false
 operation_timeout = 1800000
 parallel_limit = 5
 
-[orchestrator.batch.checkpointing]
-enabled = true
-interval = 100
-max_checkpoints = 10
+  [orchestrator.batch.checkpointing]
+  enabled = true
+  interval = 100
+  max_checkpoints = 10
 
-[orchestrator.batch.rollback]
-enabled = true
-max_rollback_depth = 5
-strategy = "checkpoint_based"
+  [orchestrator.batch.rollback]
+  enabled = true
+  max_rollback_depth = 5
+  strategy = "checkpoint_based"
 
 [orchestrator.extensions]
 auto_load = false
@@ -25,66 +25,66 @@ format = "&"
 level = "&"
 outputs = ["stdout"]
 
-[orchestrator.logging.fields]
-caller = false
-hostname = true
-pid = true
-service_name = true
-stack_trace = false
-timestamp = true
+  [orchestrator.logging.fields]
+  caller = false
+  hostname = true
+  pid = true
+  service_name = true
+  stack_trace = false
+  timestamp = true
 
-[orchestrator.logging.file]
-compress = false
-max_age = 30
-max_backups = 10
-max_size = 104857600
-path = "/var/log/provisioning/service.log"
+  [orchestrator.logging.file]
+  compress = false
+  max_age = 30
+  max_backups = 10
+  max_size = 104857600
+  path = "/var/log/provisioning/service.log"
 
-[orchestrator.logging.performance]
-enabled = false
-memory_info = false
-slow_threshold = 1000
+  [orchestrator.logging.performance]
+  enabled = false
+  memory_info = false
+  slow_threshold = 1000
 
-[orchestrator.logging.sampling]
-enabled = false
-initial = 100
-thereafter = 100
+  [orchestrator.logging.sampling]
+  enabled = false
+  initial = 100
+  thereafter = 100
 
-[orchestrator.logging.syslog]
-protocol = "udp"
+  [orchestrator.logging.syslog]
+  protocol = "udp"
 
 [orchestrator.monitoring]
 enabled = false
 
-[orchestrator.monitoring.alerting]
-enabled = false
+  [orchestrator.monitoring.alerting]
+  enabled = false
 
-[orchestrator.monitoring.health_check]
-enabled = false
-endpoint = "/health"
-healthy_threshold = 2
-interval = 30
-timeout = 5000
-type = "&"
-unhealthy_threshold = 3
+  [orchestrator.monitoring.health_check]
+  enabled = false
+  endpoint = "/health"
+  healthy_threshold = 2
+  interval = 30
+  timeout = 5000
+  type = "&"
+  unhealthy_threshold = 3
 
-[orchestrator.monitoring.metrics]
-buffer_size = 1000
-enabled = false
-interval = 60
-prometheus_path = "/metrics"
-retention_days = 30
+  [orchestrator.monitoring.metrics]
+  buffer_size = 1000
+  enabled = false
+  interval = 60
+  prometheus_path = "/metrics"
+  retention_days = 30
 
-[orchestrator.monitoring.resources]
-alert_threshold = 80
-cpu = false
-disk = false
-memory = false
-network = false
+  [orchestrator.monitoring.resources]
+  alert_threshold = 80
+  cpu = false
+  disk = false
+  memory = false
+  network = false
 
-[orchestrator.monitoring.tracing]
-enabled = false
-sample_rate = 0.1
+  [orchestrator.monitoring.tracing]
+  enabled = false
+  sample_rate = 0.1
 
 [orchestrator.queue]
 max_concurrent_tasks = 5
@@ -95,9 +95,9 @@ retry_attempts = 3
 retry_delay = 5000
 task_timeout = 3600000
 
-[orchestrator.queue.dead_letter_queue]
-enabled = true
-max_size = 1000
+  [orchestrator.queue.dead_letter_queue]
+  enabled = true
+  max_size = 1000
 
 [orchestrator.server]
 graceful_shutdown = true
@@ -113,11 +113,11 @@ workers = 4
 backend = "filesystem"
 path = "/var/lib/provisioning/orchestrator/data"
 
-[orchestrator.storage.cache]
-enabled = true
-eviction_policy = "lru"
-ttl = 3600
-type = "in_memory"
+  [orchestrator.storage.cache]
+  enabled = true
+  eviction_policy = "lru"
+  ttl = 3600
+  type = "in_memory"
 
 [orchestrator.workspace]
 enabled = true

config/runtime/generated/orchestrator.multiuser.toml

@@ -3,15 +3,15 @@ metrics = false
 operation_timeout = 1800000
 parallel_limit = 5
 
-[orchestrator.batch.checkpointing]
-enabled = true
-interval = 100
-max_checkpoints = 10
+  [orchestrator.batch.checkpointing]
+  enabled = true
+  interval = 100
+  max_checkpoints = 10
 
-[orchestrator.batch.rollback]
-enabled = true
-max_rollback_depth = 5
-strategy = "checkpoint_based"
+  [orchestrator.batch.rollback]
+  enabled = true
+  max_rollback_depth = 5
+  strategy = "checkpoint_based"
 
 [orchestrator.extensions]
 auto_load = false
@@ -25,66 +25,66 @@ format = "&"
 level = "&"
 outputs = ["stdout"]
 
-[orchestrator.logging.fields]
-caller = false
-hostname = true
-pid = true
-service_name = true
-stack_trace = false
-timestamp = true
+  [orchestrator.logging.fields]
+  caller = false
+  hostname = true
+  pid = true
+  service_name = true
+  stack_trace = false
+  timestamp = true
 
-[orchestrator.logging.file]
-compress = false
-max_age = 30
-max_backups = 10
-max_size = 104857600
-path = "/var/log/provisioning/service.log"
+  [orchestrator.logging.file]
+  compress = false
+  max_age = 30
+  max_backups = 10
+  max_size = 104857600
+  path = "/var/log/provisioning/service.log"
 
-[orchestrator.logging.performance]
-enabled = false
-memory_info = false
-slow_threshold = 1000
+  [orchestrator.logging.performance]
+  enabled = false
+  memory_info = false
+  slow_threshold = 1000
 
-[orchestrator.logging.sampling]
-enabled = false
-initial = 100
-thereafter = 100
+  [orchestrator.logging.sampling]
+  enabled = false
+  initial = 100
+  thereafter = 100
 
-[orchestrator.logging.syslog]
-protocol = "udp"
+  [orchestrator.logging.syslog]
+  protocol = "udp"
 
 [orchestrator.monitoring]
 enabled = false
 
-[orchestrator.monitoring.alerting]
-enabled = false
+  [orchestrator.monitoring.alerting]
+  enabled = false
 
-[orchestrator.monitoring.health_check]
-enabled = false
-endpoint = "/health"
-healthy_threshold = 2
-interval = 30
-timeout = 5000
-type = "&"
-unhealthy_threshold = 3
+  [orchestrator.monitoring.health_check]
+  enabled = false
+  endpoint = "/health"
+  healthy_threshold = 2
+  interval = 30
+  timeout = 5000
+  type = "&"
+  unhealthy_threshold = 3
 
-[orchestrator.monitoring.metrics]
-buffer_size = 1000
-enabled = false
-interval = 60
-prometheus_path = "/metrics"
-retention_days = 30
+  [orchestrator.monitoring.metrics]
+  buffer_size = 1000
+  enabled = false
+  interval = 60
+  prometheus_path = "/metrics"
+  retention_days = 30
 
-[orchestrator.monitoring.resources]
-alert_threshold = 80
-cpu = false
-disk = false
-memory = false
-network = false
+  [orchestrator.monitoring.resources]
+  alert_threshold = 80
+  cpu = false
+  disk = false
+  memory = false
+  network = false
 
-[orchestrator.monitoring.tracing]
-enabled = false
-sample_rate = 0.1
+  [orchestrator.monitoring.tracing]
+  enabled = false
+  sample_rate = 0.1
 
 [orchestrator.queue]
 max_concurrent_tasks = 5
@@ -95,9 +95,9 @@ retry_attempts = 3
 retry_delay = 5000
 task_timeout = 3600000
 
-[orchestrator.queue.dead_letter_queue]
-enabled = true
-max_size = 1000
+  [orchestrator.queue.dead_letter_queue]
+  enabled = true
+  max_size = 1000
 
 [orchestrator.server]
 graceful_shutdown = true
@@ -113,11 +113,11 @@ workers = 4
 backend = "filesystem"
 path = "/var/lib/provisioning/orchestrator/data"
 
-[orchestrator.storage.cache]
-enabled = true
-eviction_policy = "lru"
-ttl = 3600
-type = "in_memory"
+  [orchestrator.storage.cache]
+  enabled = true
+  eviction_policy = "lru"
+  ttl = 3600
+  type = "in_memory"
 
 [orchestrator.workspace]
 enabled = true

config/runtime/generated/orchestrator.solo.toml

@@ -3,15 +3,15 @@ metrics = false
 operation_timeout = 1800000
 parallel_limit = 5
 
-[orchestrator.batch.checkpointing]
-enabled = true
-interval = 100
-max_checkpoints = 10
+  [orchestrator.batch.checkpointing]
+  enabled = true
+  interval = 100
+  max_checkpoints = 10
 
-[orchestrator.batch.rollback]
-enabled = true
-max_rollback_depth = 5
-strategy = "checkpoint_based"
+  [orchestrator.batch.rollback]
+  enabled = true
+  max_rollback_depth = 5
+  strategy = "checkpoint_based"
 
 [orchestrator.extensions]
 auto_load = false
@@ -25,66 +25,66 @@ format = "&"
 level = "&"
 outputs = ["stdout"]
 
-[orchestrator.logging.fields]
-caller = false
-hostname = true
-pid = true
-service_name = true
-stack_trace = false
-timestamp = true
+  [orchestrator.logging.fields]
+  caller = false
+  hostname = true
+  pid = true
+  service_name = true
+  stack_trace = false
+  timestamp = true
 
-[orchestrator.logging.file]
-compress = false
-max_age = 30
-max_backups = 10
-max_size = 104857600
-path = "/var/log/provisioning/service.log"
+  [orchestrator.logging.file]
+  compress = false
+  max_age = 30
+  max_backups = 10
+  max_size = 104857600
+  path = "/var/log/provisioning/service.log"
 
-[orchestrator.logging.performance]
-enabled = false
-memory_info = false
-slow_threshold = 1000
+  [orchestrator.logging.performance]
+  enabled = false
+  memory_info = false
+  slow_threshold = 1000
 
-[orchestrator.logging.sampling]
-enabled = false
-initial = 100
-thereafter = 100
+  [orchestrator.logging.sampling]
+  enabled = false
+  initial = 100
+  thereafter = 100
 
-[orchestrator.logging.syslog]
-protocol = "udp"
+  [orchestrator.logging.syslog]
+  protocol = "udp"
 
 [orchestrator.monitoring]
 enabled = false
 
-[orchestrator.monitoring.alerting]
-enabled = false
+  [orchestrator.monitoring.alerting]
+  enabled = false
 
-[orchestrator.monitoring.health_check]
-enabled = false
-endpoint = "/health"
-healthy_threshold = 2
-interval = 30
-timeout = 5000
-type = "&"
-unhealthy_threshold = 3
+  [orchestrator.monitoring.health_check]
+  enabled = false
+  endpoint = "/health"
+  healthy_threshold = 2
+  interval = 30
+  timeout = 5000
+  type = "&"
+  unhealthy_threshold = 3
 
-[orchestrator.monitoring.metrics]
-buffer_size = 1000
-enabled = false
-interval = 60
-prometheus_path = "/metrics"
-retention_days = 30
+  [orchestrator.monitoring.metrics]
+  buffer_size = 1000
+  enabled = false
+  interval = 60
+  prometheus_path = "/metrics"
+  retention_days = 30
 
-[orchestrator.monitoring.resources]
-alert_threshold = 80
-cpu = false
-disk = false
-memory = false
-network = false
+  [orchestrator.monitoring.resources]
+  alert_threshold = 80
+  cpu = false
+  disk = false
+  memory = false
+  network = false
 
-[orchestrator.monitoring.tracing]
-enabled = false
-sample_rate = 0.1
+  [orchestrator.monitoring.tracing]
+  enabled = false
+  sample_rate = 0.1
 
 [orchestrator.queue]
 max_concurrent_tasks = 5
@@ -95,9 +95,9 @@ retry_attempts = 3
 retry_delay = 5000
 task_timeout = 3600000
 
-[orchestrator.queue.dead_letter_queue]
-enabled = true
-max_size = 1000
+  [orchestrator.queue.dead_letter_queue]
+  enabled = true
+  max_size = 1000
 
 [orchestrator.server]
 graceful_shutdown = true
@@ -113,11 +113,11 @@ workers = 4
 backend = "filesystem"
 path = "/var/lib/provisioning/orchestrator/data"
 
-[orchestrator.storage.cache]
-enabled = true
-eviction_policy = "lru"
-ttl = 3600
-type = "in_memory"
+  [orchestrator.storage.cache]
+  enabled = true
+  eviction_policy = "lru"
+  ttl = 3600
+  type = "in_memory"
 
 [orchestrator.workspace]
 enabled = true

config/runtime/generated/rag.enterprise.toml

@@ -7,16 +7,7 @@ provider = "openai"
 [rag.ingestion]
 auto_ingest = true
 chunk_size = 2048
-doc_types = [
-    "md",
-    "txt",
-    "toml",
-    "ncl",
-    "rs",
-    "nu",
-    "yaml",
-    "json",
-]
+doc_types = ["md", "txt", "toml", "ncl", "rs", "nu", "yaml", "json"]
 overlap = 200
 watch_files = true
 

config/runtime/generated/rag.multiuser.toml

@@ -7,14 +7,7 @@ provider = "openai"
 [rag.ingestion]
 auto_ingest = true
 chunk_size = 1024
-doc_types = [
-    "md",
-    "txt",
-    "toml",
-    "ncl",
-    "rs",
-    "nu",
-]
+doc_types = ["md", "txt", "toml", "ncl", "rs", "nu"]
 overlap = 100
 watch_files = true
 

config/runtime/generated/rag.solo.toml

@@ -7,11 +7,7 @@ provider = "local"
 [rag.ingestion]
 auto_ingest = true
 chunk_size = 512
-doc_types = [
-    "md",
-    "txt",
-    "toml",
-]
+doc_types = ["md", "txt", "toml"]
 overlap = 50
 
 [rag.llm]

crates/ai-service/Cargo.toml

@@ -1,15 +1,15 @@
 [package]
-name = "ai-service"
-version.workspace = true
-edition.workspace = true
 authors.workspace = true
 description = "HTTP service for AI capabilities including RAG, MCP tool invocation, and knowledge graph operations"
+edition.workspace = true
+name = "ai-service"
+version.workspace = true
 
 [dependencies]
 # Workspace dependencies
-tokio = { workspace = true, features = ["full"] }
-futures = { workspace = true }
 async-trait = { workspace = true }
+futures = { workspace = true }
+tokio = { workspace = true, features = ["full"] }
 
 # Web server and API
 axum = { workspace = true }
@@ -33,8 +33,8 @@ tracing = { workspace = true }
 tracing-subscriber = { workspace = true }
 
 # UUID and time
-uuid = { workspace = true, features = ["v4", "serde"] }
 chrono = { workspace = true, features = ["serde"] }
+uuid = { workspace = true, features = ["v4", "serde"] }
 
 # CLI
 clap = { workspace = true, features = ["derive"] }
@@ -49,8 +49,8 @@ provisioning-mcp-server = { path = "../mcp-server" }
 petgraph = { workspace = true }
 
 [dev-dependencies]
-tokio-test = { workspace = true }
 tempfile = { workspace = true }
+tokio-test = { workspace = true }
 
 # Library target
 [lib]

crates/control-center-ui/Cargo.toml

@@ -1,14 +1,14 @@
 [package]
+authors = ["Control Center Team"]
+autobins = false                                                                       # Disable auto-detection of binary targets
+description = "Control Center UI - Leptos CSR App for Cloud Infrastructure Management"
+edition.workspace = true
 name = "control-center-ui"
 version.workspace = true
-edition.workspace = true
-description = "Control Center UI - Leptos CSR App for Cloud Infrastructure Management"
-authors = ["Control Center Team"]
-autobins = false  # Disable auto-detection of binary targets
 
 [lib]
-name = "control_center_ui"
 crate-type = ["cdylib"]
+name = "control_center_ui"
 path = "src/main.rs"
 
 [dependencies]
@@ -17,25 +17,25 @@ path = "src/main.rs"
 # ============================================================================
 
 # Serialization
+chrono = { workspace = true, features = ["wasm-bindgen"] }
 serde = { workspace = true }
 serde_json = { workspace = true }
 uuid = { workspace = true, features = ["js"] }
-chrono = { workspace = true, features = ["wasm-bindgen"] }
 
 # Error handling and async
-thiserror = { workspace = true }
 futures = { workspace = true }
+thiserror = { workspace = true }
 
 # Logging and debugging
 tracing = { workspace = true }
 
 # Security and cryptography
-base64 = { workspace = true }
-regex = { workspace = true }
-rand = { workspace = true }
-sha2 = { workspace = true }
-hmac = { workspace = true }
 aes-gcm = { workspace = true, features = ["aes", "std"] }
+base64 = { workspace = true }
+hmac = { workspace = true }
+rand = { workspace = true }
+regex = { workspace = true }
+sha2 = { workspace = true }
 
 # ============================================================================
 # WASM-SPECIFIC DEPENDENCIES
@@ -61,33 +61,33 @@ icondata = { workspace = true }
 leptos_icons = { workspace = true }
 
 # Authentication and cryptography
-qrcode = { workspace = true }
 image = { workspace = true }
+qrcode = { workspace = true }
 totp-rs = { workspace = true }
 
 # Serialization utilities
 serde-wasm-bindgen = { workspace = true }
 
 # Logging for WASM
-tracing-wasm = { workspace = true }
 console_error_panic_hook = { workspace = true }
+tracing-wasm = { workspace = true }
 
 # HTTP client and networking
 gloo-net = { workspace = true }
 gloo-storage = { workspace = true }
-gloo-utils = { workspace = true }
 gloo-timers = { workspace = true }
+gloo-utils = { workspace = true }
 
 # Chart.js bindings and canvas utilities
 plotters = { workspace = true }
 plotters-canvas = { workspace = true }
 
 # WASM utilities
-wasm-bindgen-futures = { workspace = true }
 js-sys = { workspace = true }
+wasm-bindgen-futures = { workspace = true }
 
 # Random number generation (WASM-specific override with js feature)
-getrandom = { version = "0.3.4", features = [ "wasm_js" ] }
+getrandom = { version = "0.3.4", features = ["wasm_js"] }
 
 # ============================================================================
 # PROJECT-SPECIFIC DEPENDENCIES (not in workspace)
@@ -95,68 +95,68 @@ getrandom = { version = "0.3.4", features = [ "wasm_js" ] }
 
 # Web APIs
 web-sys = { version = "0.3", features = [
-    "console",
-    "Window",
-    "Document",
-    "Element",
-    "HtmlElement",
-    "HtmlCanvasElement",
-    "CanvasRenderingContext2d",
-    "EventTarget",
-    "Event",
-    "DragEvent",
-    "DataTransfer",
-    "HtmlInputElement",
-    "HtmlSelectElement",
-    "HtmlTextAreaElement",
-    "HtmlButtonElement",
-    "HtmlDivElement",
-    "Storage",
-    "Location",
-    "History",
-    "Navigator",
-    "ServiceWorkerRegistration",
-    "ServiceWorker",
-    "NotificationPermission",
-    "Notification",
-    "Headers",
-    "Request",
-    "RequestInit",
-    "RequestMode",
-    "Response",
-    "AbortController",
-    "AbortSignal",
-    "WebSocket",
-    "MessageEvent",
-    "CloseEvent",
-    "ErrorEvent",
-    "Blob",
-    "Url",
-    "FileReader",
-    "File",
-    "HtmlAnchorElement",
-    "MouseEvent",
-    "TouchEvent",
-    "KeyboardEvent",
-    "ResizeObserver",
-    "ResizeObserverEntry",
-    "IntersectionObserver",
-    "IntersectionObserverEntry",
-    # Media Query APIs
-    "MediaQueryList",
-    "MediaQueryListEvent",
-    # WebAuthn APIs
-    "CredentialsContainer",
-    "PublicKeyCredential",
-    "PublicKeyCredentialCreationOptions",
-    "PublicKeyCredentialRequestOptions",
-    "AuthenticatorResponse",
-    "AuthenticatorAttestationResponse",
-    "AuthenticatorAssertionResponse",
-    # Crypto APIs
-    "Crypto",
-    "SubtleCrypto",
-    "CryptoKey",
+  "console",
+  "Window",
+  "Document",
+  "Element",
+  "HtmlElement",
+  "HtmlCanvasElement",
+  "CanvasRenderingContext2d",
+  "EventTarget",
+  "Event",
+  "DragEvent",
+  "DataTransfer",
+  "HtmlInputElement",
+  "HtmlSelectElement",
+  "HtmlTextAreaElement",
+  "HtmlButtonElement",
+  "HtmlDivElement",
+  "Storage",
+  "Location",
+  "History",
+  "Navigator",
+  "ServiceWorkerRegistration",
+  "ServiceWorker",
+  "NotificationPermission",
+  "Notification",
+  "Headers",
+  "Request",
+  "RequestInit",
+  "RequestMode",
+  "Response",
+  "AbortController",
+  "AbortSignal",
+  "WebSocket",
+  "MessageEvent",
+  "CloseEvent",
+  "ErrorEvent",
+  "Blob",
+  "Url",
+  "FileReader",
+  "File",
+  "HtmlAnchorElement",
+  "MouseEvent",
+  "TouchEvent",
+  "KeyboardEvent",
+  "ResizeObserver",
+  "ResizeObserverEntry",
+  "IntersectionObserver",
+  "IntersectionObserverEntry",
+  # Media Query APIs
+  "MediaQueryList",
+  "MediaQueryListEvent",
+  # WebAuthn APIs
+  "CredentialsContainer",
+  "PublicKeyCredential",
+  "PublicKeyCredentialCreationOptions",
+  "PublicKeyCredentialRequestOptions",
+  "AuthenticatorResponse",
+  "AuthenticatorAttestationResponse",
+  "AuthenticatorAssertionResponse",
+  # Crypto APIs
+  "Crypto",
+  "SubtleCrypto",
+  "CryptoKey",
 ] }
 
 # HTTP client (project-specific for WASM features)
@@ -167,9 +167,9 @@ tokio = { version = "1.49", features = ["time"] }
 
 # Profile configurations moved to workspace root
 
-# WASM pack settings
-[package.metadata.wasm-pack.profile.release]
-wasm-opt = ['-Oz', '--enable-mutable-globals']
+  # WASM pack settings
+  [package.metadata.wasm-pack.profile.release]
+  wasm-opt = ['-Oz', '--enable-mutable-globals']
 
-[package.metadata.wasm-pack.profile.dev]
-wasm-opt = false
+  [package.metadata.wasm-pack.profile.dev]
+  wasm-opt = false

crates/control-center-ui/Trunk.toml

@@ -1,26 +1,26 @@
 [build]
-target = "index.html"
 dist = "dist"
-minify = "on_release"
 filehash = true
+minify = "on_release"
+target = "index.html"
 
 [watch]
-watch = ["src", "style", "assets"]
 ignore = ["dist", "target"]
+watch = ["src", "style", "assets"]
 
 [serve]
 address = "127.0.0.1"
-port = 3000
 open = false
-# Proxy API calls to the Rust orchestrator
-[[serve.proxy]]
-backend = "http://127.0.0.1:8080/"
-rewrite = "/api/{tail}"
-ws = true
+port = 3000
+  # Proxy API calls to the Rust orchestrator
+  [[serve.proxy]]
+  backend = "http://127.0.0.1:8080/"
+  rewrite = "/api/{tail}"
+  ws = true
 
 [clean]
-dist = "dist"
 cargo = true
+dist = "dist"
 
 # Release mode optimizations are already set in main [build] section above
 
@@ -41,6 +41,6 @@ cargo = true
 # command = "npx"
 # command_arguments = ["postcss", "dist/*.css", "--use", "autoprefixer", "--replace"]
 
-# Service Worker registration
-[build.tools]
-sass = "style/input.scss"
+  # Service Worker registration
+  [build.tools]
+  sass = "style/input.scss"

crates/control-center/Cargo.toml

@@ -1,9 +1,9 @@
 [package]
-name = "control-center"
-version.workspace = true
-edition.workspace = true
 authors.workspace = true
 description = "Control center service with JWT authentication, user management, and real-time WebSocket events"
+edition.workspace = true
+name = "control-center"
+version.workspace = true
 
 [dependencies]
 # ============================================================================
@@ -11,42 +11,42 @@ description = "Control center service with JWT authentication, user management,
 # ============================================================================
 
 # Core async runtime
-tokio = { workspace = true }
-futures = { workspace = true }
 async-trait = { workspace = true }
+futures = { workspace = true }
+tokio = { workspace = true }
 
 # Web server and API
 axum = { workspace = true }
+hyper = { workspace = true }
 tower = { workspace = true }
 tower-http = { workspace = true }
-hyper = { workspace = true }
 
 # Serialization and data
+chrono = { workspace = true }
 serde = { workspace = true }
 serde_json = { workspace = true }
 toml = { workspace = true }
 uuid = { workspace = true }
-chrono = { workspace = true }
 
 # Database
-surrealdb = { workspace = true }
 sqlx = { workspace = true }
+surrealdb = { workspace = true }
 
 # Configuration and CLI
 clap = { workspace = true }
 config = { workspace = true }
 
 # Error handling
-thiserror = { workspace = true }
 anyhow = { workspace = true }
+thiserror = { workspace = true }
 
 # Logging
 tracing = { workspace = true }
 tracing-subscriber = { workspace = true }
 
 # Validation
-validator = { workspace = true }
 regex = { workspace = true }
+validator = { workspace = true }
 
 # HTTP client for external services
 reqwest = { workspace = true }
@@ -58,15 +58,15 @@ service-clients = { path = "../service-clients" }
 platform-config = { path = "../platform-config" }
 
 # Security and cryptography
-ring = { workspace = true }
-jsonwebtoken = { workspace = true }
+aes-gcm = { workspace = true }
 argon2 = { workspace = true }
 base64 = { workspace = true }
-rand = { workspace = true }
-aes-gcm = { workspace = true }
-sha2 = { workspace = true }
-hmac = { workspace = true }
 getrandom = { workspace = true }
+hmac = { workspace = true }
+jsonwebtoken = { workspace = true }
+rand = { workspace = true }
+ring = { workspace = true }
+sha2 = { workspace = true }
 
 # ============================================================================
 # ADDITIONAL WORKSPACE DEPENDENCIES
@@ -76,11 +76,11 @@ getrandom = { workspace = true }
 dirs = { workspace = true }
 
 # Security and cryptography
-rsa = { workspace = true }
-hkdf = { workspace = true }
-zeroize = { workspace = true }
 constant_time_eq = { workspace = true }
+hkdf = { workspace = true }
+rsa = { workspace = true }
 subtle = { workspace = true }
+zeroize = { workspace = true }
 
 # Tower services
 tower-service = { workspace = true }
@@ -103,18 +103,18 @@ cron = { workspace = true }
 tokio-cron-scheduler = { workspace = true }
 
 # MFA Authentication
+hex = { workspace = true }
+image = { workspace = true }
+lazy_static = { workspace = true }
+qrcode = { workspace = true }
 totp-rs = { workspace = true }
 webauthn-rs = { workspace = true }
 webauthn-rs-proto = { workspace = true }
-qrcode = { workspace = true }
-image = { workspace = true }
-hex = { workspace = true }
-lazy_static = { workspace = true }
 
 [dev-dependencies]
-tokio-test = { workspace = true }
-tempfile = { workspace = true }
 assert_matches = { workspace = true }
+tempfile = { workspace = true }
+tokio-test = { workspace = true }
 
 # ============================================================================
 # FEATURES - Module Organization for Coupling Reduction

crates/control-center/config.toml

@@ -1,19 +1,18 @@
 [server]
 host = "127.0.0.1"
-port = 8080
 keep_alive = 75
 max_connections = 1000
+port = 8080
 
 [database]
-url = "rocksdb://data/control-center.db"
-namespace = "control_center"
 database = "main"
+namespace = "control_center"
+url = "rocksdb://data/control-center.db"
 
 [jwt]
-issuer = "control-center"
-audience = "control-center-api"
 access_token_expiration_hours = 1
-refresh_token_expiration_hours = 168
+audience = "control-center-api"
+issuer = "control-center"
 private_key_pem = """
 -----BEGIN RSA PRIVATE KEY-----
 MIIEpAIBAAKCAQEA82On7Xk5jycsV4NCOij0510ssy/3S1Pqj+UjGS1R3+tyHX57
@@ -53,51 +52,39 @@ I4cJE9oDcuOkyYZEWf2H5xAcidksaDNxabYRGS5IqT25obMElEZZDvj9X60S8UHu
 I3Tm+2kc69fo64/S53y3yNr6Ed05PVewiQIDAQAB
 -----END RSA PUBLIC KEY-----
 """
+refresh_token_expiration_hours = 168
 
 [rate_limiting]
-max_requests = 100
-window_seconds = 60
-per_ip = true
 global = false
+max_requests = 100
+per_ip = true
+window_seconds = 60
 
 [cors]
+allow_credentials = true
+allowed_headers = ["content-type", "authorization", "accept", "x-requested-with", "x-session-id"]
+allowed_methods = ["GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"]
 allowed_origins = ["http://localhost:3000"]
-allowed_methods = [
-    "GET",
-    "POST",
-    "PUT",
-    "DELETE",
-    "PATCH",
-    "OPTIONS",
-]
-allowed_headers = [
-    "content-type",
-    "authorization",
-    "accept",
-    "x-requested-with",
-    "x-session-id",
-]
 expose_headers = [
-    "x-total-count",
-    "x-rate-limit-remaining",
-    "x-rate-limit-limit",
-    "x-rate-limit-reset",
+  "x-total-count",
+  "x-rate-limit-remaining",
+  "x-rate-limit-limit",
+  "x-rate-limit-reset",
 ]
 max_age = 86400
-allow_credentials = true
 
 [security]
-session_cleanup_interval_minutes = 60
-max_sessions_per_user = 5
-password_min_length = 8
-password_require_special_chars = false
-password_require_numbers = false
-password_require_uppercase = false
 failed_login_lockout_attempts = 5
 failed_login_lockout_duration_minutes = 15
+max_sessions_per_user = 5
+password_min_length = 8
+password_require_numbers = false
+password_require_special_chars = false
+password_require_uppercase = false
+session_cleanup_interval_minutes = 60
 
 [logging]
-level = "info"
 format = "json"
+level = "info"
 max_file_size = "100MB"
 max_files = 10

crates/detector/Cargo.toml

@@ -1,22 +1,22 @@
 [package]
-name = "provisioning-detector"
-version.workspace = true
-edition.workspace = true
 authors.workspace = true
+edition.workspace = true
 license.workspace = true
+name = "provisioning-detector"
 repository.workspace = true
+version.workspace = true
 
 [dependencies]
-serde = { version = "1.0", features = ["derive"] }
-serde_json.workspace = true
-toml.workspace = true
-tokio.workspace = true
 anyhow.workspace = true
-thiserror.workspace = true
-regex.workspace = true
-walkdir.workspace = true
 chrono.workspace = true
 clap = { workspace = true, features = ["derive"] }
+regex.workspace = true
+serde = { version = "1.0", features = ["derive"] }
+serde_json.workspace = true
+thiserror.workspace = true
+tokio.workspace = true
+toml.workspace = true
+walkdir.workspace = true
 
 [dev-dependencies]
 tempfile.workspace = true

crates/extension-registry/Cargo.toml

@@ -1,15 +1,15 @@
 [package]
-name = "extension-registry"
-version.workspace = true
-edition.workspace = true
 authors.workspace = true
 description = "OCI-compliant extension registry proxy for managing provisioning system extensions and artifacts"
+edition.workspace = true
+name = "extension-registry"
+version.workspace = true
 
 [dependencies]
 # Workspace dependencies
-tokio = { workspace = true, features = ["full"] }
-futures = { workspace = true }
 async-trait = { workspace = true }
+futures = { workspace = true }
+tokio = { workspace = true, features = ["full"] }
 
 # Web server and API
 axum = { workspace = true }
@@ -32,8 +32,8 @@ tracing = { workspace = true }
 tracing-subscriber = { workspace = true }
 
 # UUID and time
-uuid = { workspace = true, features = ["v4", "serde"] }
 chrono = { workspace = true, features = ["serde"] }
+uuid = { workspace = true, features = ["v4", "serde"] }
 
 # CLI
 clap = { workspace = true, features = ["derive"] }
@@ -42,8 +42,8 @@ clap = { workspace = true, features = ["derive"] }
 reqwest = { workspace = true }
 
 # Cryptography for digest validation
-sha2 = { workspace = true }
 hex = { workspace = true }
+sha2 = { workspace = true }
 
 # URL parsing
 url = { workspace = true }
@@ -61,10 +61,10 @@ parking_lot = { workspace = true }
 toml = { workspace = true }
 
 [dev-dependencies]
-tokio-test = { workspace = true }
-tempfile = { workspace = true }
-hyper = { workspace = true }
 http-body-util = "0.1"
+hyper = { workspace = true }
+tempfile = { workspace = true }
+tokio-test = { workspace = true }
 
 # Library target
 [lib]

crates/extension-registry/config.example.toml

@@ -1,31 +1,31 @@
 # Extension Registry Configuration Example
 
 [server]
+enable_compression = true
+enable_cors = true
 host = "0.0.0.0"
 port = 8082
 workers = 4
-enable_cors = true
-enable_compression = true
 
 # Gitea backend configuration
 [gitea]
-url = "https://gitea.example.com"
 organization = "provisioning-extensions"
-token_path = "/path/to/gitea-token.txt"
 timeout_seconds = 30
+token_path = "/path/to/gitea-token.txt"
+url = "https://gitea.example.com"
 verify_ssl = true
 
 # OCI registry configuration
 [oci]
-registry = "registry.example.com"
-namespace = "provisioning"
 auth_token_path = "/path/to/oci-token.txt"
+namespace = "provisioning"
+registry = "registry.example.com"
 timeout_seconds = 30
 verify_ssl = true
 
 # Cache configuration
 [cache]
 capacity = 1000
-ttl_seconds = 300
-enable_metadata_cache = true
 enable_list_cache = true
+enable_metadata_cache = true
+ttl_seconds = 300

crates/mcp-server/Cargo.toml

@@ -1,13 +1,13 @@
 [package]
-name = "provisioning-mcp-server"
-version.workspace = true
-edition.workspace = true
 authors = ["Jesús Pérez Lorenzo <jpl@jesusperez.pro>"]
-description = "Rust-native MCP server for Infrastructure Automation system"
-repository.workspace = true
-license.workspace = true
-keywords = ["mcp", "rust", "infrastructure", "provisioning", "ai"]
 categories = ["command-line-utilities", "development-tools"]
+description = "Rust-native MCP server for Infrastructure Automation system"
+edition.workspace = true
+keywords = ["mcp", "rust", "infrastructure", "provisioning", "ai"]
+license.workspace = true
+name = "provisioning-mcp-server"
+repository.workspace = true
+version.workspace = true
 
 [dependencies]
 # ============================================================================
@@ -75,13 +75,13 @@ serde_yaml = "0.9"
 dirs = { workspace = true }
 
 [dev-dependencies]
-tokio-test = { workspace = true }
 criterion = { workspace = true, features = ["html_reports"] }
 tempfile = { workspace = true }
+tokio-test = { workspace = true }
 
 [features]
-default = []
 debug = ["tracing-subscriber/json"]
+default = []
 
 [[bin]]
 name = "provisioning-mcp-server"
@@ -97,5 +97,5 @@ name = "provisioning_mcp_server"
 path = "src/lib.rs"
 
 [[bench]]
-name = "performance"
 harness = false
+name = "performance"

crates/orchestrator/.cargo/config.toml

@@ -2,41 +2,36 @@
 
 [env]
 # Test environment variables
-RUST_TEST_THREADS = "1"
 RUST_BACKTRACE = { value = "1", condition = { env-not-set = ["CI"] } }
 RUST_LOG = { value = "debug", condition = { env-not-set = ["CI"] } }
+RUST_TEST_THREADS = "1"
 
 [alias]
 # Test aliases for convenience
 test-all = "test --all-features"
+test-factory = "test --test factory_tests"
 test-fs = "test --lib --bin orchestrator"
-test-surrealdb = "test --features surrealdb"
 test-integration = "test --test storage_integration"
 test-migration = "test --test migration_tests"
-test-factory = "test --test factory_tests"
+test-surrealdb = "test --features surrealdb"
 test-unit = "test --lib"
 
 # Benchmark aliases
 bench-all = "bench --all-features"
-bench-storage = "bench --bench storage_benchmarks"
-bench-migration = "bench --bench migration_benchmarks"
 bench-fs = "bench --bench storage_benchmarks -- filesystem"
+bench-migration = "bench --bench migration_benchmarks"
+bench-storage = "bench --bench storage_benchmarks"
 bench-surrealdb = "bench --features surrealdb --bench storage_benchmarks -- surrealdb"
 
 # Coverage and documentation
-test-coverage = "tarpaulin --all-features --out html"
 doc-test = "test --doc --all-features"
+test-coverage = "tarpaulin --all-features --out html"
 
 [target.'cfg(test)']
-rustflags = [
-    "-C", "instrument-coverage"
-]
+rustflags = ["-C", "instrument-coverage"]
 
 [build]
 # Enable additional lints for testing builds
 # Note: unused-crate-dependencies disabled for library crate due to false positives
 # with dependencies used in submodules but not lib.rs root
-rustflags = [
-    "-W", "unused-extern-crates",
-    "-W", "rust-2021-compatibility"
-]
+rustflags = ["-W", "unused-extern-crates", "-W", "rust-2021-compatibility"]

crates/orchestrator/Cargo.toml

@@ -1,23 +1,30 @@
 [package]
-name = "provisioning-orchestrator"
-version.workspace = true
-edition.workspace = true
 authors.workspace = true
 description = "Cloud-native infrastructure orchestrator with Nushell integration"
+edition.workspace = true
+name = "provisioning-orchestrator"
+version.workspace = true
 
 [dependencies]
 # ============================================================================
 # WORKSPACE DEPENDENCIES - Core async runtime and traits
 # ============================================================================
-tokio = { workspace = true, features = ["rt", "rt-multi-thread", "process", "io-util", "time", "fs"] }
-futures = { workspace = true }
 async-trait = { workspace = true }
+futures = { workspace = true }
+tokio = { workspace = true, features = [
+  "rt",
+  "rt-multi-thread",
+  "process",
+  "io-util",
+  "time",
+  "fs",
+] }
 
 # Serialization and data handling
+chrono = { workspace = true }
 serde = { workspace = true }
 serde_json = { workspace = true }
 toml = { workspace = true }
-chrono = { workspace = true }
 uuid = { workspace = true }
 
 # Error handling
@@ -65,10 +72,10 @@ base64 = "0.22"
 jsonwebtoken = { workspace = true }
 
 # Cryptography for token validation
-sha2 = { workspace = true }
-rsa = { workspace = true }
-rand = { workspace = true }
 getrandom = { workspace = true }
+rand = { workspace = true }
+rsa = { workspace = true }
+sha2 = { workspace = true }
 
 # SSH key management
 ed25519-dalek = "2.1"
@@ -139,13 +146,23 @@ surrealdb = ["dep:surrealdb"]
 default = ["core", "audit", "compliance", "platform", "ssh", "workflow", "http-api"]
 
 # Full: All features enabled (development and testing)
-all = ["core", "audit", "compliance", "platform", "ssh", "workflow", "testing", "http-api", "surrealdb"]
+all = [
+  "core",
+  "audit",
+  "compliance",
+  "platform",
+  "ssh",
+  "workflow",
+  "testing",
+  "http-api",
+  "surrealdb",
+]
 
 [dev-dependencies]
-tokio-test = { workspace = true }
-tempfile = { workspace = true }
 assert_matches = { workspace = true }
 criterion = { workspace = true, features = ["html_reports", "async_tokio"] }
+tempfile = { workspace = true }
+tokio-test = { workspace = true }
 tower = { workspace = true, features = ["util"] }
 
 # Library target for tests and external use
@@ -160,9 +177,9 @@ path = "src/main.rs"
 required-features = ["all"]
 
 [[bench]]
-name = "storage_benchmarks"
 harness = false
+name = "storage_benchmarks"
 
 [[bench]]
-name = "migration_benchmarks"
 harness = false
+name = "migration_benchmarks"

crates/platform-config/Cargo.toml

@@ -1,19 +1,19 @@
 [package]
-name = "platform-config"
-version.workspace = true
-edition.workspace = true
 authors.workspace = true
+edition.workspace = true
 license.workspace = true
+name = "platform-config"
 repository.workspace = true
+version.workspace = true
 
 [dependencies]
+anyhow = { workspace = true }
 serde = { workspace = true }
 serde_json = { workspace = true }
-toml = { workspace = true }
-anyhow = { workspace = true }
 thiserror = { workspace = true }
-tracing = { workspace = true }
 tokio = { workspace = true }
+toml = { workspace = true }
+tracing = { workspace = true }
 
 [dev-dependencies]
 tempfile = { workspace = true }

crates/provisioning-daemon/Cargo.toml

@@ -1,10 +1,10 @@
 [package]
-name = "provisioning-daemon"
-version.workspace = true
-edition.workspace = true
 authors.workspace = true
+edition.workspace = true
 license.workspace = true
+name = "provisioning-daemon"
 repository.workspace = true
+version.workspace = true
 
 [dependencies]
 # Core daemon library from prov-ecosystem
@@ -25,8 +25,8 @@ toml = { workspace = true }
 platform-config = { path = "../platform-config" }
 
 # Error handling
-thiserror = { workspace = true }
 anyhow = { workspace = true }
+thiserror = { workspace = true }
 
 # Logging
 tracing = { workspace = true }
@@ -36,6 +36,6 @@ tracing-subscriber = { workspace = true }
 clap = { workspace = true, features = ["derive"] }
 
 # Utilities
-uuid = { workspace = true }
 chrono = { workspace = true }
 dirs = { workspace = true }
+uuid = { workspace = true }

crates/rag/Cargo.toml

@@ -1,23 +1,30 @@
 [package]
-name = "provisioning-rag"
-version.workspace = true
-edition.workspace = true
 authors.workspace = true
 description = "RAG system for provisioning platform with Rig framework and SurrealDB"
+edition.workspace = true
+name = "provisioning-rag"
+version.workspace = true
 
 [dependencies]
 # ============================================================================
 # WORKSPACE DEPENDENCIES - Core async runtime and traits
 # ============================================================================
-tokio = { workspace = true, features = ["rt", "rt-multi-thread", "process", "io-util", "time", "fs"] }
-futures = { workspace = true }
 async-trait = { workspace = true }
+futures = { workspace = true }
+tokio = { workspace = true, features = [
+  "rt",
+  "rt-multi-thread",
+  "process",
+  "io-util",
+  "time",
+  "fs",
+] }
 
 # Serialization and data handling
+chrono = { workspace = true }
 serde = { workspace = true }
 serde_json = { workspace = true }
 toml = { workspace = true }
-chrono = { workspace = true }
 uuid = { workspace = true }
 
 # Error handling
@@ -34,10 +41,10 @@ reqwest = { workspace = true }
 # REST API Framework (Phase 8)
 # ============================================================================
 axum = { workspace = true }
-tower = { workspace = true}
-tower-http = { workspace = true, features = ["cors", "trace"] }
-hyper = { workspace = true, features = ["full"] }
 http = "1"
+hyper = { workspace = true, features = ["full"] }
+tower = { workspace = true }
+tower-http = { workspace = true, features = ["cors", "trace"] }
 
 # Database
 surrealdb = { workspace = true }
@@ -47,8 +54,8 @@ rig-core = { workspace = true }
 rig-surrealdb = { workspace = true }
 
 # Filesystem and path operations
-walkdir = { workspace = true }
 dirs = { workspace = true }
+walkdir = { workspace = true }
 
 # Configuration
 config = { workspace = true }
@@ -63,7 +70,7 @@ regex = { workspace = true }
 tokenizers = { workspace = true }
 
 # Caching support (Phase 7)
-lru =  { workspace = true }
+lru = { workspace = true }
 sha2 = { workspace = true }
 
 # Metrics and monitoring (Phase 7)
@@ -76,14 +83,14 @@ clap = { workspace = true, features = ["derive", "env"] }
 tracing-subscriber = { workspace = true }
 
 [dev-dependencies]
-tokio-test = { workspace = true }
-tempfile = { workspace = true }
 assert_matches = { workspace = true }
 criterion = { workspace = true, features = ["html_reports", "async_tokio"] }
+tempfile = { workspace = true }
+tokio-test = { workspace = true }
 
 [[bench]]
-name = "phase8_benchmarks"
 harness = false
+name = "phase8_benchmarks"
 
 # Library target
 [lib]
@@ -98,5 +105,5 @@ required-features = ["cli"]
 
 # Features
 [features]
-default = []
 cli = []
+default = []

crates/service-clients/Cargo.toml

@@ -1,24 +1,24 @@
 [package]
-name = "service-clients"
-version = { workspace = true }
-edition = { workspace = true }
 authors = { workspace = true }
-license = { workspace = true }
-repository = { workspace = true }
 description = "HTTP service client wrappers for provisioning platform services"
+edition = { workspace = true }
+license = { workspace = true }
+name = "service-clients"
+repository = { workspace = true }
+version = { workspace = true }
 
 [dependencies]
+async-trait = { workspace = true }
+log = { workspace = true }
 reqwest = { workspace = true }
-tokio = { workspace = true, features = ["full"] }
 serde = { workspace = true, features = ["derive"] }
 serde_json = { workspace = true }
 thiserror = { workspace = true }
-log = { workspace = true }
-async-trait = { workspace = true }
+tokio = { workspace = true, features = ["full"] }
 
 # Service types (optional - only if not using generic types)
 machines = { path = "../../../../submodules/prov-ecosystem/crates/machines" }
 
 [dev-dependencies]
-tokio-test = { workspace = true }
 tempfile = { workspace = true }
+tokio-test = { workspace = true }

crates/vault-service/Cargo.toml

@@ -1,9 +1,9 @@
 [package]
-name = "vault-service"
-version = "0.2.0"
-edition = "2021"
 authors = ["Provisioning Team"]
 description = "Vault Service for Provisioning Platform with secrets and key management (Age dev, Cosmian KMS prod, RustyVault self-hosted)"
+edition = "2021"
+name = "vault-service"
+version = "0.2.0"
 
 [dependencies]
 # Async runtime
@@ -33,8 +33,8 @@ base64 = { workspace = true }
 rand = { workspace = true }
 
 # Error handling
-thiserror = { workspace = true }
 anyhow = { workspace = true }
+thiserror = { workspace = true }
 
 # Logging
 tracing = { workspace = true }
@@ -50,9 +50,9 @@ config = { workspace = true }
 secretumvault = { workspace = true }
 
 [dev-dependencies]
-mockito  = { workspace = true }
-tokio-test = { workspace = true }
+mockito = { workspace = true }
 tempfile = { workspace = true }
+tokio-test = { workspace = true }
 
 [[bin]]
 name = "vault-service"