Documentation
¶
Overview ¶
Package interfaces defines shared interface types used across the workflow engine, handlers, and module packages. Placing these interfaces here breaks the direct handler→module concrete-type dependency and enables each package to be tested in isolation with mocks.
Index ¶
- Constants
- Variables
- func CanonicalKeys() []string
- func IaCCanonicalSchemaJSON() []byte
- func IsCanonicalKey(key string) bool
- func IsValidHookEvent(s string) bool
- func IsValidationError(err error) bool
- func ValidationErrorStatus(err error) int
- type ActionError
- type AlertSpec
- type ApplyResult
- type ArtifactEntry
- type AutoscalingSpec
- type CORSSpec
- type DestroyResult
- type DiffResult
- type DomainSpec
- type DriftResult
- type EgressRule
- type EgressSpec
- type EventEmitter
- type EventRecorder
- type FieldChange
- type HealthCheckSpec
- type HealthResult
- type HookEvent
- type HookPayload
- type IaCCapabilityDeclaration
- type IaCLockHandle
- type IaCPlan
- type IaCProvider
- type IaCStateStore
- type IngressRule
- type IngressSpec
- type InstallVerifyPayload
- type JobSpec
- type LogDestinationSpec
- type MaintenanceSpec
- type MetricsRecorder
- type MigrationDriver
- type MigrationOptions
- type MigrationProvider
- type MigrationRequest
- type MigrationResult
- type MigrationSource
- type MigrationStatus
- type PipelineContext
- type PipelineExecutor
- type PipelineRunner
- type PipelineStep
- type PlanAction
- type PortSpec
- type PostArtifactsPublishPayload
- type PostBuildPayload
- type PostContainerBuildPayload
- type PostContainerPushPayload
- type PostTargetBuildPayload
- type PreArtifactsPublishPayload
- type PreBuildFailPayload
- type PreBuildPayload
- type PreContainerBuildPayload
- type PreContainerPushPayload
- type PreTargetBuildPayload
- type ProviderSizing
- type Reconfigurable
- type ResourceDriver
- type ResourceHints
- type ResourceOutput
- type ResourceRef
- type ResourceSpec
- type ResourceState
- type ResourceStatus
- type RouteSpec
- type SchemaRegistrar
- type Selector
- type SidecarSpec
- type Size
- type SizingDefaults
- type StaticSiteSpec
- type StepRegistrar
- type StepRegistryProvider
- type StepResult
- type Tenant
- type TenantFilter
- type TenantPatch
- type TenantRegistry
- type TenantResolver
- type TenantSpec
- type TerminationSpec
- type Trigger
- type TriggerRegistrar
- type ValidationError
- type WorkerSpec
- type WorkflowStoreProvider
- type WorkloadResourceSpec
Constants ¶
const ( KeyName = "name" KeyRegion = "region" KeyImage = "image" KeyHTTPPort = "http_port" KeyInternalPorts = "internal_ports" KeyProtocol = "protocol" KeyInstanceCount = "instance_count" KeySize = "size" KeyEnvVars = "env_vars" KeyEnvVarsSecret = "env_vars_secret" //nolint:gosec // G101 false positive: this is a config key name, not a credential KeyVPCRef = "vpc_ref" KeyAutoscaling = "autoscaling" KeyRoutes = "routes" KeyCORS = "cors" KeyDomains = "domains" KeyHealthCheck = "health_check" KeyLivenessCheck = "liveness_check" KeyIngress = "ingress" KeyEgress = "egress" KeyAlerts = "alerts" KeyLogDestinations = "log_destinations" KeyTermination = "termination" KeyMaintenance = "maintenance" KeyJobs = "jobs" KeyWorkers = "workers" KeyStaticSites = "static_sites" KeySidecars = "sidecars" KeyBuildCommand = "build_command" KeyRunCommand = "run_command" KeyDockerfilePath = "dockerfile_path" KeySourceDir = "source_dir" KeyProviderSpecific = "provider_specific" )
Canonical IaC config key constants. These are the standard field names used across all IaC providers to describe application resource configuration.
Variables ¶
var ( ErrResourceNotFound = errors.New("iac: resource not found") // 404/410 ErrResourceAlreadyExists = errors.New("iac: resource already exists") // 409 Conflict ErrRateLimited = errors.New("iac: rate limited") // 429 ErrTransient = errors.New("iac: transient error") // 502/503/504 ErrForbidden = errors.New("iac: forbidden") // 403 ErrValidation = errors.New("iac: validation error") // 400/422 )
Sentinel errors for common IaC resource operation response categories. Use errors.Is to identify them after wrapping.
var SizingMap = map[Size]SizingDefaults{
SizeXS: {CPU: "0.25", Memory: "512Mi", DBStorage: "10Gi", CacheMemory: "256Mi"},
SizeS: {CPU: "1", Memory: "2Gi", DBStorage: "50Gi", CacheMemory: "1Gi"},
SizeM: {CPU: "2", Memory: "4Gi", DBStorage: "100Gi", CacheMemory: "4Gi"},
SizeL: {CPU: "4", Memory: "16Gi", DBStorage: "500Gi", CacheMemory: "16Gi"},
SizeXL: {CPU: "8", Memory: "32Gi", DBStorage: "1Ti", CacheMemory: "64Gi"},
}
SizingMap defines the default resource allocations per size tier.
Functions ¶
func CanonicalKeys ¶ added in v0.18.0
func CanonicalKeys() []string
CanonicalKeys returns the full list of canonical IaC config key strings.
func IaCCanonicalSchemaJSON ¶ added in v0.18.0
func IaCCanonicalSchemaJSON() []byte
IaCCanonicalSchemaJSON returns the raw JSON Schema bytes.
func IsCanonicalKey ¶ added in v0.18.0
IsCanonicalKey returns true if key is a recognized canonical IaC config key.
func IsValidHookEvent ¶ added in v0.18.0
IsValidHookEvent returns true if s matches a known HookEvent constant.
func IsValidationError ¶ added in v0.3.60
IsValidationError reports whether err (or any error in its chain) is a *ValidationError.
func ValidationErrorStatus ¶ added in v0.3.60
ValidationErrorStatus returns the HTTP status code from a ValidationError in the error chain. Returns 400 if the error has no status or is not a ValidationError.
Types ¶
type ActionError ¶ added in v0.3.52
type ActionError struct {
Resource string `json:"resource"`
Action string `json:"action"`
Error string `json:"error"`
}
ActionError captures a resource-level error during apply or destroy.
type AlertSpec ¶ added in v0.18.0
type AlertSpec struct {
Rule string `json:"rule" yaml:"rule"`
Operator string `json:"operator" yaml:"operator"` // GREATER_THAN | LESS_THAN
Value float64 `json:"value" yaml:"value"`
Window string `json:"window" yaml:"window"` // e.g. "10m"
Disabled bool `json:"disabled" yaml:"disabled"`
}
AlertSpec defines an observable metric threshold alert.
type ApplyResult ¶ added in v0.3.52
type ApplyResult struct {
PlanID string `json:"plan_id"`
Resources []ResourceOutput `json:"resources"`
Errors []ActionError `json:"errors,omitempty"`
}
ApplyResult summarises the outcome of applying a plan.
type ArtifactEntry ¶ added in v0.18.0
ArtifactEntry is a single published artifact with its URL.
type AutoscalingSpec ¶ added in v0.18.0
type AutoscalingSpec struct {
Min int `json:"min" yaml:"min"`
Max int `json:"max" yaml:"max"`
CPUPercent int `json:"cpu_percent" yaml:"cpu_percent"`
MemoryPercent int `json:"memory_percent" yaml:"memory_percent"`
}
AutoscalingSpec controls horizontal-pod / instance autoscaling.
type CORSSpec ¶ added in v0.18.0
type CORSSpec struct {
AllowOrigins []string `json:"allow_origins,omitempty" yaml:"allow_origins,omitempty"`
AllowMethods []string `json:"allow_methods,omitempty" yaml:"allow_methods,omitempty"`
AllowHeaders []string `json:"allow_headers,omitempty" yaml:"allow_headers,omitempty"`
ExposeHeaders []string `json:"expose_headers,omitempty" yaml:"expose_headers,omitempty"`
AllowCredentials bool `json:"allow_credentials" yaml:"allow_credentials"`
MaxAge string `json:"max_age,omitempty" yaml:"max_age,omitempty"`
}
CORSSpec configures Cross-Origin Resource Sharing headers.
type DestroyResult ¶ added in v0.3.52
type DestroyResult struct {
Destroyed []string `json:"destroyed"`
Errors []ActionError `json:"errors,omitempty"`
}
DestroyResult summarises the outcome of a destroy operation.
type DiffResult ¶ added in v0.3.52
type DiffResult struct {
NeedsUpdate bool `json:"needs_update"`
NeedsReplace bool `json:"needs_replace"`
Changes []FieldChange `json:"changes"`
}
DiffResult summarises the differences between desired and actual resource state.
type DomainSpec ¶ added in v0.18.0
type DomainSpec struct {
Name string `json:"name" yaml:"name"`
Zone string `json:"zone,omitempty" yaml:"zone,omitempty"`
Type string `json:"type" yaml:"type"` // PRIMARY | ALIAS
Wildcard bool `json:"wildcard" yaml:"wildcard"`
}
DomainSpec describes a custom domain attached to a service.
type DriftResult ¶ added in v0.3.52
type DriftResult struct {
Name string `json:"name"`
Type string `json:"type"`
Drifted bool `json:"drifted"`
Expected map[string]any `json:"expected"`
Actual map[string]any `json:"actual"`
Fields []string `json:"fields"` // which fields drifted
}
DriftResult captures detected drift between declared and actual resource state.
type EgressRule ¶ added in v0.18.0
type EgressRule struct {
Destination string `json:"destination" yaml:"destination"`
Protocol string `json:"protocol" yaml:"protocol"`
Allow bool `json:"allow" yaml:"allow"`
}
EgressRule is a single outbound allow/deny entry.
type EgressSpec ¶ added in v0.18.0
type EgressSpec struct {
Bandwidth string `json:"bandwidth,omitempty" yaml:"bandwidth,omitempty"` // informational budget, e.g. "1Gbps"
Rules []EgressRule `json:"rules,omitempty" yaml:"rules,omitempty"`
}
EgressSpec controls outbound traffic policy.
type EventEmitter ¶
type EventEmitter interface {
EmitWorkflowStarted(ctx context.Context, workflowType, action string, data map[string]any)
EmitWorkflowCompleted(ctx context.Context, workflowType, action string, duration time.Duration, results map[string]any)
EmitWorkflowFailed(ctx context.Context, workflowType, action string, duration time.Duration, err error)
}
EventEmitter publishes workflow lifecycle events. *module.WorkflowEventEmitter satisfies this interface. All methods must be safe to call when no event bus is configured (no-ops).
type EventRecorder ¶
type EventRecorder interface {
RecordEvent(ctx context.Context, executionID string, eventType string, data map[string]any) error
}
EventRecorder records pipeline execution events for observability. *store.EventRecorderAdapter and any compatible recorder satisfy this interface.
type FieldChange ¶ added in v0.3.52
type FieldChange struct {
Path string `json:"path"`
Old any `json:"old"`
New any `json:"new"`
ForceNew bool `json:"force_new"` // change requires resource replacement
}
FieldChange describes a single field-level difference.
type HealthCheckSpec ¶ added in v0.18.0
type HealthCheckSpec struct {
HTTPPath string `json:"http_path,omitempty" yaml:"http_path,omitempty"`
TCPPort int `json:"tcp_port,omitempty" yaml:"tcp_port,omitempty"`
Port int `json:"port,omitempty" yaml:"port,omitempty"`
InitialDelaySeconds int `json:"initial_delay_seconds" yaml:"initial_delay_seconds"`
PeriodSeconds int `json:"period_seconds" yaml:"period_seconds"`
TimeoutSeconds int `json:"timeout_seconds" yaml:"timeout_seconds"`
SuccessThreshold int `json:"success_threshold" yaml:"success_threshold"`
FailureThreshold int `json:"failure_threshold" yaml:"failure_threshold"`
}
HealthCheckSpec describes an HTTP or TCP health probe.
type HealthResult ¶ added in v0.3.52
type HealthResult struct {
Healthy bool `json:"healthy"`
Message string `json:"message,omitempty"`
}
HealthResult is the outcome of a health check for a resource.
type HookEvent ¶ added in v0.18.0
type HookEvent string
HookEvent is the string identifier for a build-pipeline hook event.
const ( // Build lifecycle events emitted by wfctl build. HookEventPreBuild HookEvent = "pre_build" HookEventPreTargetBuild HookEvent = "pre_target_build" HookEventPostTargetBuild HookEvent = "post_target_build" HookEventPreContainerBuild HookEvent = "pre_container_build" HookEventPostContainerBuild HookEvent = "post_container_build" HookEventPreContainerPush HookEvent = "pre_container_push" HookEventPostContainerPush HookEvent = "post_container_push" HookEventPreArtifactsPublish HookEvent = "pre_artifacts_publish" HookEventPostArtifactsPublish HookEvent = "post_artifacts_publish" HookEventPreBuildFail HookEvent = "pre_build_fail" HookEventPostBuild HookEvent = "post_build" // HookEventInstallVerify is emitted by wfctl plugin install after tarball // download and before extraction. The supply-chain plugin registers a handler // that verifies cosign signatures, SBOM presence, and OSV vulnerability policy. HookEventInstallVerify HookEvent = "install_verify" )
func AllHookEvents ¶ added in v0.18.0
func AllHookEvents() []HookEvent
AllHookEvents returns all defined hook event constants.
type HookPayload ¶ added in v0.18.0
type HookPayload struct {
Event HookEvent `json:"event"`
Plugin string `json:"plugin"`
BuildID string `json:"build_id"`
Timestamp int64 `json:"timestamp"`
Data map[string]any `json:"data,omitempty"`
}
HookPayload is the JSON envelope passed to a plugin hook handler on stdin. Plugins decode this and then further decode Data into the event-specific struct.
type IaCCapabilityDeclaration ¶ added in v0.3.53
type IaCCapabilityDeclaration struct {
ResourceType string `json:"resource_type"` // infra.database, infra.vpc, etc.
Tier int `json:"tier"` // 1=infra, 2=shared, 3=app
Operations []string `json:"operations"` // create, read, update, delete, scale
}
IaCCapabilityDeclaration describes a resource type supported by a provider.
type IaCLockHandle ¶ added in v0.3.53
IaCLockHandle is returned by IaCStateStore.Lock and is used to release the lock.
type IaCPlan ¶ added in v0.3.53
type IaCPlan struct {
ID string `json:"id"`
Actions []PlanAction `json:"actions"`
CreatedAt time.Time `json:"created_at"`
}
IaCPlan is the complete execution plan for a set of infrastructure changes.
type IaCProvider ¶ added in v0.3.52
type IaCProvider interface {
Name() string
Version() string
Initialize(ctx context.Context, config map[string]any) error
// Capabilities returns what resource types this provider supports.
Capabilities() []IaCCapabilityDeclaration
// Lifecycle
Plan(ctx context.Context, desired []ResourceSpec, current []ResourceState) (*IaCPlan, error)
Apply(ctx context.Context, plan *IaCPlan) (*ApplyResult, error)
Destroy(ctx context.Context, resources []ResourceRef) (*DestroyResult, error)
// Observability
Status(ctx context.Context, resources []ResourceRef) ([]ResourceStatus, error)
DetectDrift(ctx context.Context, resources []ResourceRef) ([]DriftResult, error)
// Migration
Import(ctx context.Context, cloudID string, resourceType string) (*ResourceState, error)
// Sizing
ResolveSizing(resourceType string, size Size, hints *ResourceHints) (*ProviderSizing, error)
// Resource drivers for fine-grained CRUD
ResourceDriver(resourceType string) (ResourceDriver, error)
// SupportedCanonicalKeys returns the subset of canonical IaC config keys
// that this provider understands. Providers may return a subset; callers
// use this to warn on unrecognised fields before applying a plan.
// Built-in and stub providers return the full canonical key set.
SupportedCanonicalKeys() []string
Close() error
}
IaCProvider is the main interface that cloud provider plugins implement. Each provider (AWS, GCP, Azure, DO) implements this as a gRPC plugin.
type IaCStateStore ¶ added in v0.3.52
type IaCStateStore interface {
SaveResource(ctx context.Context, state ResourceState) error
GetResource(ctx context.Context, name string) (*ResourceState, error)
ListResources(ctx context.Context) ([]ResourceState, error)
DeleteResource(ctx context.Context, name string) error
SavePlan(ctx context.Context, plan IaCPlan) error
GetPlan(ctx context.Context, id string) (*IaCPlan, error)
Lock(ctx context.Context, resource string, ttl time.Duration) (IaCLockHandle, error)
Close() error
}
IaCStateStore provides persistent state tracking for managed resources.
type IngressRule ¶ added in v0.18.0
type IngressRule struct {
Match string `json:"match" yaml:"match"` // path prefix or header expression
Component string `json:"component" yaml:"component"` // target service/worker name
}
IngressRule maps an HTTP match to a backend component.
type IngressSpec ¶ added in v0.18.0
type IngressSpec struct {
LoadBalancer string `json:"load_balancer,omitempty" yaml:"load_balancer,omitempty"` // e.g. round_robin | least_connections
Rules []IngressRule `json:"rules,omitempty" yaml:"rules,omitempty"`
}
IngressSpec controls inbound traffic routing.
type InstallVerifyPayload ¶ added in v0.18.0
type InstallVerifyPayload struct {
TarballPath string `json:"tarball_path"`
ExpectedSignatureIdentity string `json:"expected_signature_identity,omitempty"`
ExpectedSBOMHash string `json:"expected_sbom_hash,omitempty"`
VulnPolicy string `json:"vuln_policy,omitempty"` // block-critical | warn | off
}
InstallVerifyPayload is the Data payload for HookEventInstallVerify. The supply-chain plugin handler verifies the tarball's cosign signature, SBOM presence, and OSV vulnerability scan per the declared policy.
type JobSpec ¶ added in v0.18.0
type JobSpec struct {
Name string `json:"name" yaml:"name"`
Kind string `json:"kind" yaml:"kind"`
Image string `json:"image,omitempty" yaml:"image,omitempty"`
RunCommand string `json:"run_command" yaml:"run_command"`
EnvVars map[string]string `json:"env_vars,omitempty" yaml:"env_vars,omitempty"`
EnvVarsSecret map[string]string `json:"env_vars_secret,omitempty" yaml:"env_vars_secret,omitempty"`
Cron string `json:"cron,omitempty" yaml:"cron,omitempty"` // non-empty for SCHEDULED kind
Termination *TerminationSpec `json:"termination,omitempty" yaml:"termination,omitempty"`
Alerts []AlertSpec `json:"alerts,omitempty" yaml:"alerts,omitempty"`
LogDestinations []LogDestinationSpec `json:"log_destinations,omitempty" yaml:"log_destinations,omitempty"`
}
JobSpec describes a one-off or scheduled job workload. Kind is one of: PRE_DEPLOY, POST_DEPLOY, FAILED_DEPLOY, SCHEDULED.
type LogDestinationSpec ¶ added in v0.18.0
type LogDestinationSpec struct {
Name string `json:"name" yaml:"name"`
Endpoint string `json:"endpoint" yaml:"endpoint"`
Headers map[string]string `json:"headers,omitempty" yaml:"headers,omitempty"`
TLS bool `json:"tls" yaml:"tls"`
}
LogDestinationSpec forwards logs to an external system.
type MaintenanceSpec ¶ added in v0.18.0
type MaintenanceSpec struct {
Window string `json:"window" yaml:"window"` // e.g. "Sun 03:00-05:00 UTC"
Enabled bool `json:"enabled" yaml:"enabled"`
}
MaintenanceSpec defines a recurring maintenance window.
type MetricsRecorder ¶
type MetricsRecorder interface {
RecordWorkflowExecution(workflowType, action, status string)
RecordWorkflowDuration(workflowType, action string, duration time.Duration)
}
MetricsRecorder records workflow execution metrics. *module.MetricsCollector satisfies this interface. All methods must be safe to call when no metrics backend is configured (no-ops).
type MigrationDriver ¶ added in v0.18.0
type MigrationDriver interface {
Name() string
Up(ctx context.Context, req MigrationRequest) (MigrationResult, error)
Down(ctx context.Context, req MigrationRequest) (MigrationResult, error)
Status(ctx context.Context, req MigrationRequest) (MigrationStatus, error)
Goto(ctx context.Context, req MigrationRequest, target string) (MigrationResult, error)
}
MigrationDriver is the interface that migration backend plugins implement. Implementations live in workflow-plugin-migrations (golang-migrate, goose, atlas).
type MigrationOptions ¶ added in v0.18.0
MigrationOptions controls migration behaviour.
type MigrationProvider ¶ added in v0.18.0
type MigrationProvider interface {
// ProvidesMigrations returns an fs.FS rooted at the migrations directory.
// The FS must contain SQL files named in the golang-migrate convention:
// <version>_<description>.up.sql and <version>_<description>.down.sql.
ProvidesMigrations() (fs.FS, error)
// MigrationsDependencies returns the names of other MigrationProvider
// modules whose migrations must be applied before this module's.
// For example, the authz module might return ["workflow.tenants"].
// Returning nil or an empty slice means no dependencies.
MigrationsDependencies() []string
}
MigrationProvider is optionally implemented by modules that embed their own SQL migration files (e.g., the tenants module, authz module).
The workflow-plugin-migrations runner walks all registered modules in the modular service registry, calls ProvidesMigrations on those that implement this interface, collects the returned filesystems, orders them by declared dependency, and applies them before the application's own migrations.
type MigrationRequest ¶ added in v0.18.0
type MigrationRequest struct {
DSN string
Source MigrationSource
Options MigrationOptions
}
MigrationRequest holds all parameters needed to run a migration operation.
func (MigrationRequest) Validate ¶ added in v0.18.0
func (r MigrationRequest) Validate() error
Validate returns ErrValidation if required fields are missing.
type MigrationResult ¶ added in v0.18.0
MigrationResult is returned after a successful migration operation.
type MigrationSource ¶ added in v0.18.0
MigrationSource describes where migration files come from.
type MigrationStatus ¶ added in v0.18.0
MigrationStatus describes the current migration state of a database.
type PipelineContext ¶ added in v0.3.39
type PipelineContext struct {
// TriggerData is the original data from the trigger (immutable after creation).
TriggerData map[string]any
// StepOutputs maps step-name -> output from each completed step.
StepOutputs map[string]map[string]any
// Current is the merged state: trigger data + all step outputs.
// Steps read from Current and their output is merged back into it.
Current map[string]any
// Metadata holds execution metadata (pipeline name, trace ID, etc.)
Metadata map[string]any
// StrictTemplates causes template execution to return an error instead of
// the zero value when a template expression references a missing map key.
// When false (the default), missing keys resolve to the zero value with a
// warning logged via Logger. Enable via pipeline config: strict_templates: true.
StrictTemplates bool
// Logger is used to emit warnings when a template expression resolves a
// missing key to the zero value (non-strict mode). When nil, slog.Default()
// is used.
Logger *slog.Logger
}
PipelineContext carries data through a pipeline execution.
func NewPipelineContext ¶ added in v0.3.39
func NewPipelineContext(triggerData map[string]any, metadata map[string]any) *PipelineContext
NewPipelineContext creates a PipelineContext initialized with trigger data.
func (*PipelineContext) MergeStepOutput ¶ added in v0.3.39
func (pc *PipelineContext) MergeStepOutput(stepName string, output map[string]any)
MergeStepOutput records a step's output and merges it into Current.
type PipelineExecutor ¶ added in v0.3.51
type PipelineExecutor interface {
// ExecutePipeline runs a named pipeline synchronously and returns its
// structured output. Returns _pipeline_output if set by
// step.pipeline_output, otherwise the pipeline's merged Current state.
ExecutePipeline(ctx context.Context, name string, data map[string]any) (map[string]any, error)
}
PipelineExecutor provides direct pipeline invocation for Go callers (gRPC servers, tests, etc.) without HTTP serialization overhead. *workflow.StdEngine satisfies this interface.
type PipelineRunner ¶
type PipelineRunner interface {
// Run executes the pipeline with the given trigger data and returns the
// merged result map (equivalent to PipelineContext.Current).
Run(ctx context.Context, data map[string]any) (map[string]any, error)
// SetLogger sets the logger used for pipeline execution.
// Implementations should be idempotent: if a logger is already set,
// a subsequent call should be a no-op.
SetLogger(logger *slog.Logger)
// SetEventRecorder sets the recorder used for pipeline execution events.
// Implementations should be idempotent: if a recorder is already set,
// a subsequent call should be a no-op.
SetEventRecorder(recorder EventRecorder)
}
PipelineRunner is the interface satisfied by *module.Pipeline. It allows workflow handlers to execute pipelines without importing the concrete module types, enabling handler unit tests with mocks.
type PipelineStep ¶ added in v0.3.39
type PipelineStep interface {
// Name returns the step's unique name within the pipeline.
Name() string
// Execute runs the step with the pipeline context.
Execute(ctx context.Context, pc *PipelineContext) (*StepResult, error)
}
PipelineStep is a single composable unit of work in a pipeline.
type PlanAction ¶ added in v0.3.52
type PlanAction struct {
Action string `json:"action"` // create, update, replace, delete
Resource ResourceSpec `json:"resource"`
Current *ResourceState `json:"current,omitempty"`
Changes []FieldChange `json:"changes,omitempty"`
}
PlanAction is a single planned change within an IaCPlan.
type PortSpec ¶ added in v0.18.0
type PortSpec struct {
Name string `json:"name" yaml:"name"`
Port int `json:"port" yaml:"port"`
Protocol string `json:"protocol" yaml:"protocol"` // http | tcp | udp
Public bool `json:"public" yaml:"public"`
}
PortSpec describes a named port exposed by a service or sidecar.
type PostArtifactsPublishPayload ¶ added in v0.18.0
type PostArtifactsPublishPayload struct {
Assets []ArtifactEntry `json:"assets"`
DurationMs int64 `json:"duration_ms"`
}
type PostBuildPayload ¶ added in v0.18.0
type PostBuildPayload struct {
Targets []string `json:"targets"`
Success bool `json:"success"`
DurationMs int64 `json:"duration_ms"`
}
PostBuildPayload is the final build summary.
type PostContainerBuildPayload ¶ added in v0.18.0
type PostContainerBuildPayload struct {
Target string `json:"target"`
ImageRef string `json:"image_ref"`
Digest string `json:"digest"`
DurationMs int64 `json:"duration_ms"`
}
PostContainerBuildPayload carries the built image digest.
type PostContainerPushPayload ¶ added in v0.18.0
type PostTargetBuildPayload ¶ added in v0.18.0
type PreArtifactsPublishPayload ¶ added in v0.18.0
type PreArtifactsPublishPayload struct {
Assets []string `json:"assets"`
}
PreArtifactsPublishPayload / PostArtifactsPublishPayload describe asset publishing.
type PreBuildFailPayload ¶ added in v0.18.0
type PreBuildFailPayload struct {
Error string `json:"error"`
Target string `json:"target,omitempty"`
}
PreBuildFailPayload carries the error that caused the build to fail.
type PreBuildPayload ¶ added in v0.18.0
type PreBuildPayload struct {
ConfigPath string `json:"config_path"`
Targets []string `json:"targets"`
}
PreBuildPayload is the Data payload for HookEventPreBuild.
type PreContainerBuildPayload ¶ added in v0.18.0
type PreContainerBuildPayload struct {
Target string `json:"target"`
DockerfilePath string `json:"dockerfile_path"`
ContextPath string `json:"context_path"`
Tags []string `json:"tags"`
}
PreContainerBuildPayload carries Dockerfile + context for a container build start.
type PreContainerPushPayload ¶ added in v0.18.0
type PreContainerPushPayload struct {
ImageRef string `json:"image_ref"`
Registries []string `json:"registries"`
}
PreContainerPushPayload / PostContainerPushPayload describe registry push.
type PreTargetBuildPayload ¶ added in v0.18.0
PreTargetBuildPayload / PostTargetBuildPayload carry per-target context.
type ProviderSizing ¶ added in v0.3.52
type ProviderSizing struct {
InstanceType string `json:"instance_type"`
Specs map[string]any `json:"specs"`
}
ProviderSizing is the concrete sizing resolved by a provider for a resource type.
type Reconfigurable ¶ added in v0.2.20
type Reconfigurable interface {
// Reconfigure applies new configuration to a running module.
// The module should:
// 1. Validate the new config
// 2. Gracefully drain in-flight work
// 3. Apply the new configuration
// 4. Resume accepting new work
// Returns an error if the new config is invalid or cannot be applied.
Reconfigure(ctx context.Context, newConfig map[string]any) error
}
Reconfigurable is optionally implemented by modules that support runtime reconfiguration without requiring a full engine restart. When a config change affects only modules implementing this interface, the engine can perform a surgical update instead of a full stop/rebuild/start.
type ResourceDriver ¶ added in v0.3.52
type ResourceDriver interface {
Create(ctx context.Context, spec ResourceSpec) (*ResourceOutput, error)
Read(ctx context.Context, ref ResourceRef) (*ResourceOutput, error)
Update(ctx context.Context, ref ResourceRef, spec ResourceSpec) (*ResourceOutput, error)
Delete(ctx context.Context, ref ResourceRef) error
Diff(ctx context.Context, desired ResourceSpec, current *ResourceOutput) (*DiffResult, error)
HealthCheck(ctx context.Context, ref ResourceRef) (*HealthResult, error)
Scale(ctx context.Context, ref ResourceRef, replicas int) (*ResourceOutput, error)
// SensitiveKeys returns output keys whose values should be masked in logs and plan output.
SensitiveKeys() []string
}
ResourceDriver handles CRUD for a single resource type within a provider.
type ResourceHints ¶ added in v0.3.52
type ResourceHints struct {
CPU string `json:"cpu,omitempty" yaml:"cpu,omitempty"`
Memory string `json:"memory,omitempty" yaml:"memory,omitempty"`
Storage string `json:"storage,omitempty" yaml:"storage,omitempty"`
}
ResourceHints are optional fine-grained overrides on top of the Size tier.
type ResourceOutput ¶ added in v0.3.52
type ResourceOutput struct {
Name string `json:"name"`
Type string `json:"type"`
ProviderID string `json:"provider_id"`
Outputs map[string]any `json:"outputs"` // IPs, endpoints, connection strings
Sensitive map[string]bool `json:"sensitive,omitempty"` // keys whose values are sensitive
Status string `json:"status"`
}
ResourceOutput is the concrete output of a provisioned or read resource.
type ResourceRef ¶ added in v0.3.52
type ResourceRef struct {
Name string `json:"name"`
Type string `json:"type"`
ProviderID string `json:"provider_id,omitempty"`
}
ResourceRef is a lightweight reference to an existing resource.
type ResourceSpec ¶ added in v0.3.52
type ResourceSpec struct {
Name string `json:"name"`
Type string `json:"type"`
Config map[string]any `json:"config"`
Size Size `json:"size,omitempty"`
Hints *ResourceHints `json:"hints,omitempty"`
DependsOn []string `json:"depends_on,omitempty"`
}
ResourceSpec is the desired state declaration for a single resource.
type ResourceState ¶ added in v0.3.52
type ResourceState struct {
ID string `json:"id"`
Name string `json:"name"`
Type string `json:"type"`
Provider string `json:"provider"`
ProviderID string `json:"provider_id"`
ConfigHash string `json:"config_hash"`
AppliedConfig map[string]any `json:"applied_config"`
Outputs map[string]any `json:"outputs"`
Dependencies []string `json:"dependencies"`
CreatedAt time.Time `json:"created_at"`
UpdatedAt time.Time `json:"updated_at"`
LastDriftCheck time.Time `json:"last_drift_check,omitempty"`
}
ResourceState is the persisted state record for a single managed resource.
type ResourceStatus ¶ added in v0.3.52
type ResourceStatus struct {
Name string `json:"name"`
Type string `json:"type"`
ProviderID string `json:"provider_id"`
Status string `json:"status"` // running, stopped, degraded, unknown
Outputs map[string]any `json:"outputs"`
}
ResourceStatus is the live status of a provisioned resource.
type RouteSpec ¶ added in v0.18.0
type RouteSpec struct {
Path string `json:"path" yaml:"path"`
PreservePathPrefix bool `json:"preserve_path_prefix" yaml:"preserve_path_prefix"`
}
RouteSpec maps an HTTP path prefix to this service.
type SchemaRegistrar ¶
type SchemaRegistrar interface {
// Name returns the module name (used for logging).
Name() string
// RegisterAdminSchemas registers all admin API request/response schemas
// onto this generator. Equivalent to calling module.RegisterAdminSchemas(gen).
RegisterAdminSchemas()
// ApplySchemas applies all previously registered component schemas and
// operation schema overrides to the current OpenAPI spec.
ApplySchemas()
}
SchemaRegistrar is implemented by any service that can register admin schemas into an OpenAPI specification and apply them. Using this interface in cmd/server allows the server to enrich the OpenAPI spec without holding a concrete *module.OpenAPIGenerator pointer.
*module.OpenAPIGenerator satisfies this interface.
type Selector ¶ added in v0.18.0
Selector extracts a tenant lookup key from an HTTP request. Match returns the key, whether the selector matched, and any error.
type SidecarSpec ¶ added in v0.18.0
type SidecarSpec struct {
Name string `json:"name" yaml:"name"`
Image string `json:"image,omitempty" yaml:"image,omitempty"`
RunCommand string `json:"run_command" yaml:"run_command"`
EnvVars map[string]string `json:"env_vars,omitempty" yaml:"env_vars,omitempty"`
EnvVarsSecret map[string]string `json:"env_vars_secret,omitempty" yaml:"env_vars_secret,omitempty"`
Ports []PortSpec `json:"ports,omitempty" yaml:"ports,omitempty"`
Resources *WorkloadResourceSpec `json:"resources,omitempty" yaml:"resources,omitempty"`
HealthCheck *HealthCheckSpec `json:"health_check,omitempty" yaml:"health_check,omitempty"`
}
SidecarSpec describes a companion container that shares the network with the main service (e.g. Tailscale, Envoy).
type SizingDefaults ¶ added in v0.3.52
type SizingDefaults struct {
CPU string `json:"cpu"`
Memory string `json:"memory"`
DBStorage string `json:"db_storage"`
CacheMemory string `json:"cache_memory"`
}
SizingDefaults holds the concrete resource values for a given size tier.
type StaticSiteSpec ¶ added in v0.18.0
type StaticSiteSpec struct {
Name string `json:"name" yaml:"name"`
BuildCommand string `json:"build_command" yaml:"build_command"`
OutputDir string `json:"output_dir" yaml:"output_dir"`
EnvVars map[string]string `json:"env_vars,omitempty" yaml:"env_vars,omitempty"`
Routes []RouteSpec `json:"routes,omitempty" yaml:"routes,omitempty"`
CORS *CORSSpec `json:"cors,omitempty" yaml:"cors,omitempty"`
Domains []DomainSpec `json:"domains,omitempty" yaml:"domains,omitempty"`
Alerts []AlertSpec `json:"alerts,omitempty" yaml:"alerts,omitempty"`
}
StaticSiteSpec describes a statically-built web front-end.
type StepRegistrar ¶ added in v0.3.39
type StepRegistrar interface {
StepRegistryProvider
// Create instantiates a PipelineStep of the given type.
// app must be a modular.Application; it is typed as any to avoid
// coupling this interfaces package to the modular dependency.
Create(stepType, name string, config map[string]any, app any) (PipelineStep, error)
}
StepRegistrar manages step type registration and creation. It embeds StepRegistryProvider for type enumeration and adds a Create method for instantiating steps. Register is intentionally omitted from this interface because factory signatures use modular.Application (a concrete type) which cannot be expressed here without creating an import cycle.
type StepRegistryProvider ¶
type StepRegistryProvider interface {
// Types returns all registered step type names.
Types() []string
}
StepRegistryProvider exposes the step types registered in a step registry. *module.StepRegistry satisfies this interface.
type StepResult ¶ added in v0.3.39
type StepResult struct {
// Output is the data produced by this step.
Output map[string]any
// NextStep overrides the default next step (for conditional routing).
// Empty string means continue to the next step in sequence.
NextStep string
// Stop indicates the pipeline should stop after this step (success).
Stop bool
// Skipped indicates the step was bypassed by a guard (skip_if or if).
// When true, the pipeline executor will not record this step in StepOutputs.
Skipped bool
}
StepResult is the output of a single pipeline step execution.
type Tenant ¶ added in v0.18.0
type Tenant struct {
ID string `json:"id"`
Name string `json:"name"`
Slug string `json:"slug"`
Domains []string `json:"domains,omitempty"`
Metadata map[string]any `json:"metadata,omitempty"`
IsActive bool `json:"is_active"`
}
Tenant represents an identified tenant in a multi-tenant system.
type TenantFilter ¶ added in v0.18.0
type TenantFilter struct {
ActiveOnly bool `json:"active_only,omitempty"`
Domain string `json:"domain,omitempty"`
Slug string `json:"slug,omitempty"`
Limit int `json:"limit,omitempty"`
Offset int `json:"offset,omitempty"`
}
TenantFilter constrains the results of TenantRegistry.List. All zero-value fields are treated as "no constraint".
type TenantPatch ¶ added in v0.18.0
type TenantPatch struct {
Name *string `json:"name,omitempty"`
Domains []string `json:"domains,omitempty"`
Metadata map[string]any `json:"metadata,omitempty"`
IsActive *bool `json:"is_active,omitempty"`
}
TenantPatch is a partial update payload; nil pointer fields are left unchanged.
type TenantRegistry ¶ added in v0.18.0
type TenantRegistry interface {
// Ensure creates the tenant if it does not exist, or returns the existing one.
Ensure(spec TenantSpec) (Tenant, error)
// GetByID looks up a tenant by its opaque ID.
GetByID(id string) (Tenant, error)
// GetByDomain looks up a tenant by one of its associated domains.
GetByDomain(domain string) (Tenant, error)
// GetBySlug looks up a tenant by its unique URL slug.
GetBySlug(slug string) (Tenant, error)
// List returns tenants matching the filter (all tenants if filter is zero).
List(filter TenantFilter) ([]Tenant, error)
// Update applies a partial patch to an existing tenant.
Update(id string, patch TenantPatch) (Tenant, error)
// Disable soft-deletes a tenant (sets IsActive=false).
Disable(id string) error
}
TenantRegistry persists and retrieves Tenant records.
type TenantResolver ¶ added in v0.18.0
type TenantResolver interface {
// Resolve returns the Tenant associated with the request.
// Returns the zero Tenant and no error when no tenant is found.
Resolve(ctx context.Context, r *http.Request) (Tenant, error)
}
TenantResolver resolves the tenant for an inbound request. Implementations combine one or more Selectors with a lookup strategy.
type TenantSpec ¶ added in v0.18.0
type TenantSpec struct {
Name string `json:"name"`
Slug string `json:"slug"`
Domains []string `json:"domains,omitempty"`
Metadata map[string]any `json:"metadata,omitempty"`
}
TenantSpec is the creation payload for a Tenant.
func (TenantSpec) Validate ¶ added in v0.18.0
func (s TenantSpec) Validate() error
Validate checks that TenantSpec has the required fields.
type TerminationSpec ¶ added in v0.18.0
type TerminationSpec struct {
DrainSeconds int `json:"drain_seconds" yaml:"drain_seconds"`
GracePeriodSeconds int `json:"grace_period_seconds" yaml:"grace_period_seconds"`
}
TerminationSpec controls drain / graceful-shutdown behaviour.
type Trigger ¶
type Trigger interface {
modular.Module
modular.Startable
modular.Stoppable
// Configure sets up the trigger from configuration.
Configure(app modular.Application, triggerConfig any) error
}
Trigger defines what can start a workflow execution. Moving this interface here breaks the engine→module import dependency while preserving backward compatibility via the type alias in the module package.
*module.HTTPTrigger, *module.ScheduleTrigger, and other concrete trigger implementations all satisfy this interface.
type TriggerRegistrar ¶
type TriggerRegistrar interface {
// RegisterTrigger adds a trigger to the registry.
RegisterTrigger(trigger Trigger)
}
TriggerRegistrar manages registered triggers. *module.TriggerRegistry satisfies this interface.
type ValidationError ¶ added in v0.3.60
type ValidationError struct {
Message string
Status int // HTTP status code to use (e.g., 400, 422)
Field string // optional: which field was invalid
Code string // optional: machine-readable error code for clients
}
ValidationError indicates a step failed due to invalid user input, not an infrastructure error. HTTP handlers map this to a 4xx status code instead of the default 500 Internal Server Error.
func NewValidationError ¶ added in v0.3.60
func NewValidationError(msg string, status int) *ValidationError
NewValidationError creates a ValidationError with the given message and HTTP status code. Use status 400 for bad input, 422 for unprocessable entity, etc.
func (*ValidationError) Error ¶ added in v0.3.60
func (e *ValidationError) Error() string
type WorkerSpec ¶ added in v0.18.0
type WorkerSpec struct {
Name string `json:"name" yaml:"name"`
Image string `json:"image,omitempty" yaml:"image,omitempty"`
RunCommand string `json:"run_command" yaml:"run_command"`
EnvVars map[string]string `json:"env_vars,omitempty" yaml:"env_vars,omitempty"`
EnvVarsSecret map[string]string `json:"env_vars_secret,omitempty" yaml:"env_vars_secret,omitempty"`
InstanceCount int `json:"instance_count" yaml:"instance_count"`
Size string `json:"size,omitempty" yaml:"size,omitempty"`
Autoscaling *AutoscalingSpec `json:"autoscaling,omitempty" yaml:"autoscaling,omitempty"`
HealthCheck *HealthCheckSpec `json:"health_check,omitempty" yaml:"health_check,omitempty"`
Resources *WorkloadResourceSpec `json:"resources,omitempty" yaml:"resources,omitempty"`
Termination *TerminationSpec `json:"termination,omitempty" yaml:"termination,omitempty"`
Alerts []AlertSpec `json:"alerts,omitempty" yaml:"alerts,omitempty"`
LogDestinations []LogDestinationSpec `json:"log_destinations,omitempty" yaml:"log_destinations,omitempty"`
}
WorkerSpec describes a long-running background worker workload.
type WorkflowStoreProvider ¶
type WorkflowStoreProvider interface {
// Name returns the module name (used for logging).
Name() string
// WorkflowStore returns the underlying workflow data store as an opaque
// value. The caller is responsible for asserting the concrete type
// (typically *module.V1Store) when further operations are required.
WorkflowStore() any
}
WorkflowStoreProvider is implemented by any service that exposes a workflow data store. Using this interface in cmd/server decouples the server startup code from the concrete *module.WorkflowRegistry type.
*module.WorkflowRegistry satisfies this interface.
type WorkloadResourceSpec ¶ added in v0.18.0
type WorkloadResourceSpec struct {
CPUMillis int `json:"cpu_millis" yaml:"cpu_millis"` // 1000 = 1 vCPU
MemoryMiB int `json:"memory_mib" yaml:"memory_mib"`
CPULimit int `json:"cpu_limit" yaml:"cpu_limit"`
MemoryLimit int `json:"memory_limit" yaml:"memory_limit"`
}
WorkloadResourceSpec declares CPU and memory resource requests/limits for a workload. Named distinctly from interfaces.ResourceSpec which is used for IaC infrastructure resources.
Source Files