Documentation
¶
Index ¶
- Constants
- func ApplyRuntimeToggles(cfg *ControllerConfig)
- func EffectiveMaxRecursionDepth(cfg *OperatorConfig) int
- func MergeTemplateRetryIntoPolicy(policy *v1alpha1.RetryPolicy, ...) *v1alpha1.RetryPolicy
- func NormalizeCapabilities(caps []string) []string
- func ResolveStoryMaxRecursionDepth(story *v1alpha1.Story, fallback int) int
- func ValidateControllerConfig(cfg *ControllerConfig) error
- func WithExecutionOverrideLayer(ctx context.Context, layer string) context.Context
- func WithStoryMaxRecursionDepth(ctx context.Context, story *v1alpha1.Story, fallback int) context.Context
- type BindingControllerTuning
- type ConfigReloadReason
- type ControllerConfig
- func (c *ControllerConfig) BuildCleanupControllerOptions() controller.Options
- func (c *ControllerConfig) BuildEffectClaimControllerOptions() controller.Options
- func (c *ControllerConfig) BuildEngramControllerOptions() controller.Options
- func (c *ControllerConfig) BuildImpulseControllerOptions() controller.Options
- func (c *ControllerConfig) BuildStepRunControllerOptions() controller.Options
- func (c *ControllerConfig) BuildStoryControllerOptions() controller.Options
- func (c *ControllerConfig) BuildStoryRunControllerOptions() controller.Options
- func (c *ControllerConfig) BuildStoryTriggerControllerOptions() controller.Options
- func (c *ControllerConfig) BuildTemplateControllerOptions() controller.Options
- func (c *ControllerConfig) BuildTransportControllerOptions() controller.Options
- func (c *ControllerConfig) Clone() ControllerConfig
- type ControllerDependencies
- type EngramConfig
- type EngramControllerConfig
- type GRPCConfig
- type ImpulseConfig
- type OperatorConfig
- type OperatorConfigManager
- func (m *OperatorConfigManager) ConfigName() string
- func (m *OperatorConfigManager) ConfigNamespace() string
- func (m *OperatorConfigManager) GetConfig() *OperatorConfig
- func (m *OperatorConfigManager) GetControllerConfig() *ControllerConfig
- func (m *OperatorConfigManager) LoadInitial(ctx context.Context) error
- func (m *OperatorConfigManager) Reconcile(ctx context.Context, req reconcile.Request) (reconcile.Result, error)
- func (ocm *OperatorConfigManager) RefreshConfig()
- func (m *OperatorConfigManager) SetAPIReader(reader client.Reader)
- func (m *OperatorConfigManager) SetupWithManager(mgr ctrl.Manager) error
- type QueueConfig
- type RateLimiterConfig
- type ResolvedExecutionConfig
- type Resolver
- func (cr *Resolver) ApplyExecutionOverrides(ctx context.Context, overrides *v1alpha1.ExecutionOverrides, ...) error
- func (cr *Resolver) ConfigName() string
- func (cr *Resolver) ConfigNamespace() string
- func (cr *Resolver) GetOperatorConfig() *OperatorConfig
- func (cr *Resolver) ResolveExecutionConfig(ctx context.Context, step *runsv1alpha1.StepRun, story *v1alpha1.Story, ...) (*ResolvedExecutionConfig, error)
- type SchedulingConfig
- type StepRunConfig
- type StoryConfig
- type StoryRunConfig
- type TemplateConfig
- type TransportConfig
- type TransportControllerConfig
Constants ¶
View Source
const ( // MinReconcileTimeout is the minimum allowed reconcile timeout to prevent aggressive cancellation. MinReconcileTimeout = 5 * time.Second // MaxReconcileTimeout is the maximum allowed reconcile timeout to prevent runaway reconciles. MaxReconcileTimeout = 30 * time.Minute // MinCleanupInterval is the minimum cleanup interval to prevent GC spinning. MinCleanupInterval = 10 * time.Second // MinRequeueDelay is the minimum requeue delay to prevent hot-loop requeues. MinRequeueDelay = 10 * time.Millisecond // MinHeartbeatInterval is the minimum heartbeat interval. MinHeartbeatInterval = 1 * time.Second // MinStoryWithBlockSizeBytes is the minimum allowed size for a Story with-block. MinStoryWithBlockSizeBytes = 1024 // MaxStoryWithBlockSizeBytes is the maximum allowed size for a Story with-block. MaxStoryWithBlockSizeBytes = 1024 * 1024 )
Validation constants for controller configuration bounds.
View Source
const ( TemplatingOffloadedPolicyError = "error" TemplatingOffloadedPolicyInject = "inject" TemplatingOffloadedPolicyController = "controller" )
View Source
const ( ReferenceCrossNamespacePolicyDeny = "deny" ReferenceCrossNamespacePolicyGrant = "grant" ReferenceCrossNamespacePolicyAllow = "allow" )
Variables ¶
This section is empty.
Functions ¶
func ApplyRuntimeToggles ¶ added in v0.1.4
func ApplyRuntimeToggles(cfg *ControllerConfig)
ApplyRuntimeToggles wires global observability/logging knobs from config.
func EffectiveMaxRecursionDepth ¶ added in v0.1.4
func EffectiveMaxRecursionDepth(cfg *OperatorConfig) int
EffectiveMaxRecursionDepth returns the configured global recursion budget or the process fallback when configuration is nil or unset.
func MergeTemplateRetryIntoPolicy ¶ added in v0.1.4
func MergeTemplateRetryIntoPolicy(policy *v1alpha1.RetryPolicy, templateRetry *catalogv1alpha1.TemplateRetryPolicy) *v1alpha1.RetryPolicy
MergeTemplateRetryIntoPolicy fills Delay, MaxDelay, and Backoff on policy from template recommendations when the policy's fields are nil. Used when creating a StepRun so the controller uses template retry defaults without resolving full config at retry time. Returns a new policy (or policy copy) with merged values; does not mutate inputs.
func NormalizeCapabilities ¶ added in v0.1.4
NormalizeCapabilities trims whitespace, uppercases, and filters empty entries from a capability slice. Returns ["ALL"] if the result is empty.
Behavior:
- Trims whitespace and uppercases each entry.
- Filters out empty entries after trimming.
- Returns ["ALL"] if no valid capabilities remain.
Arguments:
- caps []string: slice of capability names.
Returns:
- []string: normalized slice of uppercase capability names, or ["ALL"] if empty.
Notes:
- Used by both parseDropCapabilities and ValidateControllerConfig to ensure consistent normalization.
func ResolveStoryMaxRecursionDepth ¶ added in v0.1.4
ResolveStoryMaxRecursionDepth returns the effective recursion depth for the Story, falling back to the provided global default when the Story does not override it.
func ValidateControllerConfig ¶ added in v0.1.4
func ValidateControllerConfig(cfg *ControllerConfig) error
ValidateControllerConfig ensures operator-provided knobs are sane.
Behavior:
- Validates all controller configuration fields for safety bounds.
- Normalizes DropCapabilities (uppercase, trim whitespace).
- Accumulates all validation errors and returns them joined.
Arguments:
- cfg *ControllerConfig: the configuration to validate.
Returns:
- error: joined validation errors, or nil if valid.
Side Effects:
- Mutates cfg.DropCapabilities in-place (normalization).
Notes:
- Called after parsing ConfigMap to ensure safe runtime behavior.
- Negative durations are treated as unset by the duration helpers, but we validate them here.
func WithExecutionOverrideLayer ¶ added in v0.1.4
WithExecutionOverrideLayer annotates ctx so ApplyExecutionOverrides can emit telemetry labeled by caller.
Types ¶
type BindingControllerTuning ¶ added in v0.1.4
type BindingControllerTuning struct {
// MaxMutationsPerReconcile bounds how many bindings a controller may mutate
// during a single reconcile loop. Zero or negative disables throttling.
MaxMutationsPerReconcile int `json:"maxMutationsPerReconcile,omitempty"`
// ThrottleRequeueDelay defines how long to wait before retrying once the
// controller hits the mutation budget.
ThrottleRequeueDelay time.Duration `json:"throttleRequeueDelay,omitempty"`
}
BindingControllerTuning captures throttling knobs for TransportBinding mutations.
type ConfigReloadReason ¶ added in v0.1.4
type ConfigReloadReason string
ConfigReloadReason describes why the configuration was reloaded.
const ( // ConfigReloadInitial indicates the initial configuration load at startup. ConfigReloadInitial ConfigReloadReason = "initial" // ConfigReloadReconcile indicates a reload triggered by ConfigMap change. ConfigReloadReconcile ConfigReloadReason = "reconcile" // ConfigReloadRefresh indicates a manual refresh. ConfigReloadRefresh ConfigReloadReason = "refresh" )
type ControllerConfig ¶
type ControllerConfig struct {
// StoryRun controller configuration
StoryRun StoryRunConfig `json:"storyRun,omitempty"`
// StepRun controller configuration
StepRun StepRunConfig `json:"stepRun,omitempty"`
// Story controller configuration
Story StoryConfig `json:"story,omitempty"`
// Engram controller configuration
Engram EngramConfig `json:"engram,omitempty"`
// Impulse controller configuration
Impulse ImpulseConfig `json:"impulse,omitempty"`
// Template controllers configuration
Template TemplateConfig `json:"template,omitempty"`
// Transport controller configuration
TransportController TransportControllerConfig `json:"transportController,omitempty"`
// MaxStoryWithBlockSizeBytes is the maximum allowed size for a Story's spec.steps.with block.
// This prevents oversized resources from being stored in etcd.
// +optional
MaxStoryWithBlockSizeBytes int `json:"maxStoryWithBlockSizeBytes,omitempty"`
DefaultEngramImage string `json:"defaultEngramImage,omitempty"`
DefaultImpulseImage string `json:"defaultImpulseImage,omitempty"`
DefaultCPURequest string `json:"defaultCPURequest,omitempty"`
DefaultCPULimit string `json:"defaultCPULimit,omitempty"`
DefaultMemoryRequest string `json:"defaultMemoryRequest,omitempty"`
DefaultMemoryLimit string `json:"defaultMemoryLimit,omitempty"`
// Global Controller Configuration
// Note: Per-controller MaxConcurrentReconciles are in StoryRun, StepRun, Story, etc.
RequeueBaseDelay time.Duration `json:"requeueBaseDelay,omitempty"`
RequeueMaxDelay time.Duration `json:"requeueMaxDelay,omitempty"`
CleanupInterval metav1.Duration `json:"cleanupInterval,omitempty"`
// MaxConcurrentReconciles provides a global fallback when per-controller values are zero.
MaxConcurrentReconciles int `json:"maxConcurrentReconciles,omitempty"`
// ReconcileTimeout bounds the duration of a single reconcile loop.
// Set to 0 to disable deadline (not recommended for production).
ReconcileTimeout time.Duration `json:"reconcileTimeout,omitempty"`
// Transport configuration for hybrid execution
Transport TransportConfig `json:"transport,omitempty"`
// Image Configuration
ImagePullPolicy corev1.PullPolicy `json:"imagePullPolicy,omitempty"`
// Resource Limits
EngramCPURequest string `json:"engramCpuRequest,omitempty"`
EngramCPULimit string `json:"engramCpuLimit,omitempty"`
EngramMemoryRequest string `json:"engramMemoryRequest,omitempty"`
EngramMemoryLimit string `json:"engramMemoryLimit,omitempty"`
// Retry and Timeout Configuration
MaxRetries int `json:"maxRetries,omitempty"`
DefaultStepTimeout time.Duration `json:"defaultStepTimeout,omitempty"`
ApprovalDefaultTimeout time.Duration `json:"approvalDefaultTimeout,omitempty"`
ExternalDataTimeout time.Duration `json:"externalDataTimeout,omitempty"`
ConditionalTimeout time.Duration `json:"conditionalTimeout,omitempty"`
// Security Configuration
RunAsNonRoot bool `json:"runAsNonRoot,omitempty"`
ReadOnlyRootFilesystem bool `json:"readOnlyRootFilesystem,omitempty"`
AllowPrivilegeEscalation bool `json:"allowPrivilegeEscalation,omitempty"`
DropCapabilities []string `json:"dropCapabilities,omitempty"`
RunAsUser int64 `json:"runAsUser,omitempty"`
// Job Configuration
JobBackoffLimit int32 `json:"jobBackoffLimit,omitempty"`
JobRestartPolicy corev1.RestartPolicy `json:"jobRestartPolicy,omitempty"`
TTLSecondsAfterFinished int32 `json:"ttlSecondsAfterFinished,omitempty"`
RealtimeTTLSecondsAfterFinished int32 `json:"realtimeTTLSecondsAfterFinished,omitempty"`
StoryRunRetentionSeconds int32 `json:"storyRunRetentionSeconds,omitempty"`
ServiceAccountName string `json:"serviceAccountName,omitempty"`
AutomountServiceAccountToken bool `json:"automountServiceAccountToken,omitempty"`
// Templating Configuration
TemplateEvaluationTimeout time.Duration `json:"templateEvaluationTimeout,omitempty"`
TemplateMaxOutputBytes int `json:"templateMaxOutputBytes,omitempty"`
// TemplateDeterministic disables non-deterministic helpers (for example, now()).
TemplateDeterministic bool `json:"templateDeterministic,omitempty"`
// TemplateOffloadedPolicy controls how templates behave when offloaded data is accessed.
TemplateOffloadedPolicy string `json:"templateOffloadedPolicy,omitempty"`
// TemplateMaterializeEngram is the Engram name used to materialize templates that require offloaded data.
TemplateMaterializeEngram string `json:"templateMaterializeEngram,omitempty"`
// ReferenceCrossNamespacePolicy controls cross-namespace reference behavior.
// Supported values: "deny", "grant", "allow".
ReferenceCrossNamespacePolicy string `json:"referenceCrossNamespacePolicy,omitempty"`
// Telemetry Configuration
TelemetryEnabled bool `json:"telemetryEnabled,omitempty"`
TracePropagationEnabled bool `json:"tracePropagationEnabled,omitempty"`
// Development/Debug Configuration
EnableVerboseLogging bool `json:"enableVerboseLogging,omitempty"`
EnableStepOutputLogging bool `json:"enableStepOutputLogging,omitempty"`
EnableMetrics bool `json:"enableMetrics,omitempty"`
// Operator-level default storage configuration (applied when Story policy is absent)
DefaultStorageProvider string `json:"defaultStorageProvider,omitempty"`
DefaultS3Bucket string `json:"defaultS3Bucket,omitempty"`
DefaultS3Region string `json:"defaultS3Region,omitempty"`
DefaultS3Endpoint string `json:"defaultS3Endpoint,omitempty"`
DefaultS3UsePathStyle bool `json:"defaultS3UsePathStyle,omitempty"`
DefaultS3AuthSecretName string `json:"defaultS3AuthSecretName,omitempty"`
DefaultFileStoragePath string `json:"defaultFileStoragePath,omitempty"`
DefaultFileVolumeClaimName string `json:"defaultFileVolumeClaimName,omitempty"`
}
ControllerConfig holds configurable parameters for all controllers
func DefaultControllerConfig ¶
func DefaultControllerConfig() *ControllerConfig
DefaultControllerConfig returns the default configuration
func (*ControllerConfig) BuildCleanupControllerOptions ¶
func (c *ControllerConfig) BuildCleanupControllerOptions() controller.Options
BuildCleanupControllerOptions builds controller.Options for cleanup controllers with conservative concurrency and a fixed exponential failure backoff.
Returns:
- controller.Options: configured options used during controller registration.
func (*ControllerConfig) BuildEffectClaimControllerOptions ¶ added in v0.1.4
func (c *ControllerConfig) BuildEffectClaimControllerOptions() controller.Options
BuildEffectClaimControllerOptions builds controller.Options for the EffectClaim controller by applying global concurrency and standard exponential failure backoff.
Returns:
- controller.Options: configured options used during controller registration.
func (*ControllerConfig) BuildEngramControllerOptions ¶
func (c *ControllerConfig) BuildEngramControllerOptions() controller.Options
BuildEngramControllerOptions builds controller.Options for the Engram controller by applying configured concurrency and exponential failure backoff.
Behavior:
- Sets MaxConcurrentReconciles from c.Engram.MaxConcurrentReconciles.
- Uses an exponential failure rate limiter with base/max delays resolved via kubeutil.FirstPositiveDuration, preferring c.Engram.RateLimiter over the global c.Requeue*Delay settings.
Returns:
- controller.Options: configured options used during controller registration.
func (*ControllerConfig) BuildImpulseControllerOptions ¶
func (c *ControllerConfig) BuildImpulseControllerOptions() controller.Options
BuildImpulseControllerOptions builds controller.Options for the Impulse controller by applying configured concurrency and exponential failure backoff.
Behavior:
- Sets MaxConcurrentReconciles from c.Impulse.MaxConcurrentReconciles.
- Uses an exponential failure rate limiter with base/max delays resolved via kubeutil.FirstPositiveDuration, preferring c.Impulse.RateLimiter over the global c.Requeue*Delay settings.
Returns:
- controller.Options: configured options used during controller registration.
func (*ControllerConfig) BuildStepRunControllerOptions ¶
func (c *ControllerConfig) BuildStepRunControllerOptions() controller.Options
BuildStepRunControllerOptions builds controller.Options for the StepRun controller by applying configured concurrency and exponential failure backoff.
Behavior:
- Sets MaxConcurrentReconciles from c.StepRun.MaxConcurrentReconciles.
- Uses an exponential failure rate limiter with base/max delays resolved via kubeutil.FirstPositiveDuration, preferring c.StepRun.RateLimiter over the global c.Requeue*Delay settings.
Returns:
- controller.Options: configured options used during controller registration.
func (*ControllerConfig) BuildStoryControllerOptions ¶
func (c *ControllerConfig) BuildStoryControllerOptions() controller.Options
BuildStoryControllerOptions builds controller.Options for the Story controller by applying configured concurrency and exponential failure backoff.
Behavior:
- Sets MaxConcurrentReconciles from c.Story.MaxConcurrentReconciles.
- Uses an exponential failure rate limiter with base/max delays resolved via kubeutil.FirstPositiveDuration, preferring c.Story.RateLimiter over the global c.Requeue*Delay settings.
Returns:
- controller.Options: configured options used during controller registration.
func (*ControllerConfig) BuildStoryRunControllerOptions ¶
func (c *ControllerConfig) BuildStoryRunControllerOptions() controller.Options
BuildStoryRunControllerOptions builds controller.Options for the StoryRun controller by applying configured concurrency and exponential failure backoff.
Behavior:
- Sets MaxConcurrentReconciles from c.StoryRun.MaxConcurrentReconciles.
- Uses an exponential failure rate limiter with base/max delays resolved via kubeutil.FirstPositiveDuration, preferring c.StoryRun.RateLimiter over the global c.Requeue*Delay settings.
Returns:
- controller.Options: configured options used during controller registration.
func (*ControllerConfig) BuildStoryTriggerControllerOptions ¶ added in v0.1.4
func (c *ControllerConfig) BuildStoryTriggerControllerOptions() controller.Options
BuildStoryTriggerControllerOptions builds controller.Options for the StoryTrigger controller by applying global concurrency and standard exponential failure backoff.
Returns:
- controller.Options: configured options used during controller registration.
func (*ControllerConfig) BuildTemplateControllerOptions ¶
func (c *ControllerConfig) BuildTemplateControllerOptions() controller.Options
BuildTemplateControllerOptions builds controller.Options for template reconcilers by applying configured concurrency and exponential failure backoff.
Behavior:
- Sets MaxConcurrentReconciles from c.Template.MaxConcurrentReconciles.
- Uses an exponential failure rate limiter with base/max delays resolved via kubeutil.FirstPositiveDuration, preferring c.Template.RateLimiter over the global c.Requeue*Delay settings.
Returns:
- controller.Options: configured options used during controller registration.
func (*ControllerConfig) BuildTransportControllerOptions ¶ added in v0.1.4
func (c *ControllerConfig) BuildTransportControllerOptions() controller.Options
BuildTransportControllerOptions builds controller.Options for the Transport controller by applying configured concurrency and exponential failure backoff.
Behavior:
- Uses c.TransportController.MaxConcurrentReconciles when positive; otherwise falls back to the global MaxConcurrentReconciles via buildControllerOptions.
- Uses an exponential failure rate limiter with base/max delays resolved via kubeutil.FirstPositiveDuration, preferring c.TransportController.RateLimiter over the global c.Requeue*Delay settings.
Returns:
- controller.Options: configured options used during controller registration.
func (*ControllerConfig) Clone ¶ added in v0.1.4
func (c *ControllerConfig) Clone() ControllerConfig
Clone returns a deep copy of the ControllerConfig.
type ControllerDependencies ¶
type ControllerDependencies struct {
client.Client
APIReader client.Reader
Scheme *runtime.Scheme
ConfigResolver *Resolver
TemplateEvaluator *templating.Evaluator
}
ControllerDependencies holds all the shared dependencies required by the controllers. This struct is created once in main.go and passed to each controller, ensuring consistent access to shared services like configuration resolvers and templating evaluators.
type EngramConfig ¶
type EngramConfig struct {
// MaxConcurrentReconciles is the maximum number of concurrent reconciles
MaxConcurrentReconciles int `json:"maxConcurrentReconciles,omitempty"`
// RateLimiter configuration
RateLimiter RateLimiterConfig `json:"rateLimiter,omitempty"`
// EngramControllerConfig holds configuration specific to Engram controllers.
EngramControllerConfig EngramControllerConfig `json:"engramControllerConfig,omitempty"`
}
EngramConfig contains Engram controller settings
type EngramControllerConfig ¶
type EngramControllerConfig struct {
// DefaultGRPCPort is the default port used for gRPC communication with realtime engrams.
DefaultGRPCPort int `json:"defaultGRPCPort,omitempty"`
// DefaultGRPCHeartbeatIntervalSeconds defines how frequently SDKs send heartbeat pings to the hub.
DefaultGRPCHeartbeatIntervalSeconds int `json:"defaultGRPCHeartbeatIntervalSeconds,omitempty"`
// DefaultMaxInlineSize is the default maximum size in bytes for inputs/outputs
// to be passed directly as environment variables. Larger values will be offloaded
// to the configured storage backend.
DefaultMaxInlineSize int `json:"defaultMaxInlineSize,omitempty"`
// DefaultMaxRecursionDepth is the default maximum nesting depth used while
// hydrating or dehydrating structured payloads. Increase this when Stories
// intentionally pass deeply nested documents, such as full Kubernetes objects,
// through shared storage.
DefaultMaxRecursionDepth int `json:"defaultMaxRecursionDepth,omitempty"`
// DefaultStorageTimeout is the timeout for storage operations (upload/download) in seconds.
// This should be tuned based on expected output sizes and S3 latency:
// timeout >= (max_output_mb / upload_bandwidth_mbps) * 1.5 + baseline_latency_sec
DefaultStorageTimeoutSeconds int `json:"defaultStorageTimeoutSeconds,omitempty"`
// DefaultGracefulShutdownTimeoutSeconds is the timeout for realtime engrams to drain
// in-flight messages during graceful shutdown. Should be set to terminationGracePeriodSeconds - 10s
// to leave adequate margin before Kubernetes sends SIGKILL.
DefaultGracefulShutdownTimeoutSeconds int `json:"defaultGracefulShutdownTimeoutSeconds,omitempty"`
// DefaultTerminationGracePeriodSeconds is the grace period for pod termination.
// Applies to both batch Jobs and realtime Deployments.
// Note: Cast to *int64 when assigning to PodSpec.TerminationGracePeriodSeconds.
DefaultTerminationGracePeriodSeconds int `json:"defaultTerminationGracePeriodSeconds,omitempty"`
// DefaultMaxRecvMsgBytes is the default max gRPC message size for receiving.
DefaultMaxRecvMsgBytes int `json:"defaultMaxRecvMsgBytes,omitempty"`
// DefaultMaxSendMsgBytes is the default max gRPC message size for sending.
DefaultMaxSendMsgBytes int `json:"defaultMaxSendMsgBytes,omitempty"`
// DefaultDialTimeoutSeconds is the client-side timeout for establishing a gRPC connection.
DefaultDialTimeoutSeconds int `json:"defaultDialTimeoutSeconds,omitempty"`
// DefaultChannelBufferSize is the in-memory channel buffer size for SDK streams.
DefaultChannelBufferSize int `json:"defaultChannelBufferSize,omitempty"`
// DefaultReconnectMaxRetries is the number of retries on transient gRPC connection errors.
DefaultReconnectMaxRetries int `json:"defaultReconnectMaxRetries,omitempty"`
// DefaultReconnectBaseBackoffMillis is the base backoff delay for reconnect attempts.
DefaultReconnectBaseBackoffMillis int `json:"defaultReconnectBaseBackoffMillis,omitempty"`
// DefaultReconnectMaxBackoffSeconds is the max backoff delay for reconnect attempts.
DefaultReconnectMaxBackoffSeconds int `json:"defaultReconnectMaxBackoffSeconds,omitempty"`
// DefaultHangTimeoutSeconds is the timeout for detecting a hung gRPC stream (no heartbeats).
// Set to 0 to disable the hang watchdog.
DefaultHangTimeoutSeconds int `json:"defaultHangTimeoutSeconds,omitempty"`
// DefaultMessageTimeoutSeconds is the timeout for individual message operations.
DefaultMessageTimeoutSeconds int `json:"defaultMessageTimeoutSeconds,omitempty"`
}
EngramControllerConfig holds configuration specific to Engram controllers.
type GRPCConfig ¶ added in v0.1.4
type GRPCConfig struct {
// EnableDownstreamTargets controls whether the operator computes and injects
// `BUBU_DOWNSTREAM_TARGETS` into batch-mode StepRuns that are upstream of
// any realtime-mode Engrams in a Story.
EnableDownstreamTargets bool `json:"enableDownstreamTargets,omitempty"`
// DefaultTLSSecret provides a fallback TLS Secret when Engrams do not specify one.
DefaultTLSSecret string `json:"defaultTLSSecret,omitempty"`
}
GRPCConfig holds gRPC-related settings for the operator and SDKs.
type ImpulseConfig ¶
type ImpulseConfig struct {
// MaxConcurrentReconciles is the maximum number of concurrent reconciles
MaxConcurrentReconciles int `json:"maxConcurrentReconciles,omitempty"`
// RateLimiter configuration
RateLimiter RateLimiterConfig `json:"rateLimiter,omitempty"`
}
ImpulseConfig contains Impulse controller settings
type OperatorConfig ¶
type OperatorConfig struct {
Controller ControllerConfig `json:"controller,omitempty"`
}
OperatorConfig holds the configuration for the operator
func DefaultOperatorConfig ¶
func DefaultOperatorConfig() *OperatorConfig
DefaultOperatorConfig returns the default configuration with hardcoded values.
Behavior:
- Creates a new ControllerConfig via DefaultControllerConfig().
- Overrides key fields with operator-level defaults (concurrency, images, resources, etc.).
- Returns a new OperatorConfig containing the configured ControllerConfig.
Returns:
- *OperatorConfig: a new configuration struct with hardcoded defaults.
Notes:
- These defaults are used when no ConfigMap is present or as fallback values.
- See DefaultControllerConfig() for controller-specific nested defaults.
func (*OperatorConfig) Clone ¶ added in v0.1.4
func (cfg *OperatorConfig) Clone() *OperatorConfig
Clone returns a deep copy of the OperatorConfig.
type OperatorConfigManager ¶
type OperatorConfigManager struct {
// contains filtered or unexported fields
}
OperatorConfigManager manages the operator's dynamic configuration using the shared operatorconfig.Manager from the core module.
func MustNewOperatorConfigManager ¶ added in v0.1.4
func MustNewOperatorConfigManager(k8sClient client.Client, namespace, configMapName string, reader ...client.Reader) *OperatorConfigManager
MustNewOperatorConfigManager constructs an OperatorConfigManager and panics on construction failure. Prefer NewOperatorConfigManager in production code so startup failures flow through normal error handling; this helper exists for tests and one-off callers that treat constructor failure as fatal.
func NewOperatorConfigManager ¶
func NewOperatorConfigManager(k8sClient client.Client, namespace, configMapName string, reader ...client.Reader) (*OperatorConfigManager, error)
NewOperatorConfigManager creates a new configuration manager for the operator.
Behavior:
- Creates a new OperatorConfigManager with the provided client and ConfigMap coordinates.
- Initializes defaultConfig and currentConfig with DefaultOperatorConfig().
- If a non-nil reader is supplied, configures it immediately so LoadInitial can bypass the cache (which is not yet populated at startup). The variadic signature keeps call-sites that do not need a reader (e.g. unit tests with fake clients) backward-compatible.
Arguments:
- k8sClient client.Client: the Kubernetes client for API interactions.
- namespace string: the namespace containing the operator ConfigMap.
- configMapName string: the name of the operator ConfigMap.
- reader client.Reader (optional): a non-cached API reader for startup loads.
Returns:
- *OperatorConfigManager: a new manager ready for LoadInitial or SetupWithManager.
- error: non-nil when shared manager construction fails.
Notes:
- The manager starts with default configuration; call LoadInitial to load from ConfigMap.
- Pass mgr.GetAPIReader() as the reader argument in production to avoid relying on the unstarted cache during the initial config load.
func (*OperatorConfigManager) ConfigName ¶ added in v0.1.4
func (m *OperatorConfigManager) ConfigName() string
ConfigName returns the operator ConfigMap name.
func (*OperatorConfigManager) ConfigNamespace ¶ added in v0.1.4
func (m *OperatorConfigManager) ConfigNamespace() string
ConfigNamespace returns the namespace containing the operator ConfigMap.
func (*OperatorConfigManager) GetConfig ¶
func (m *OperatorConfigManager) GetConfig() *OperatorConfig
GetConfig returns the current operator configuration snapshot.
Behavior:
- Acquires a read lock on m.mu.
- Returns the current configuration snapshot.
- Releases the read lock.
Returns:
- *OperatorConfig: the current operator configuration.
Notes:
- Thread-safe; uses RWMutex for concurrent access.
- The returned pointer should be treated as read-only.
func (*OperatorConfigManager) GetControllerConfig ¶
func (m *OperatorConfigManager) GetControllerConfig() *ControllerConfig
GetControllerConfig returns the controller-specific configuration.
Behavior:
- Acquires a read lock on m.mu.
- Returns a pointer to the Controller field of the current config snapshot.
- Releases the read lock.
Returns:
- *ControllerConfig: pointer to the controller-specific configuration.
Notes:
- Thread-safe; uses RWMutex for concurrent access.
- The returned pointer should be treated as read-only.
- Prefer GetConfig() for access to the full OperatorConfig when needed.
func (*OperatorConfigManager) LoadInitial ¶ added in v0.1.3
func (m *OperatorConfigManager) LoadInitial(ctx context.Context) error
LoadInitial performs a one-time synchronous load of the operator configuration from the ConfigMap.
Behavior:
- Logs the load attempt with ConfigMap coordinates.
- Calls loadAndParseConfigMap to fetch and parse the ConfigMap.
- On error, logs and returns the error.
- On success, acquires mutex, updates currentConfig and lastSyncTime.
- Applies runtime toggles via ApplyRuntimeToggles.
- Logs the loaded configuration summary.
Arguments:
- ctx context.Context: propagated to the Kubernetes API GET.
Returns:
- error: non-nil when loading or parsing fails.
Side Effects:
- Reads from the Kubernetes API server.
- Mutates m.currentConfig and m.lastSyncTime under lock.
- Applies global runtime toggles (telemetry, logging, metrics).
Notes:
- Should be called during startup before manager.Start().
- Use SetAPIReader first if the cache is not yet running.
func (*OperatorConfigManager) Reconcile ¶ added in v0.1.3
func (m *OperatorConfigManager) Reconcile(ctx context.Context, req reconcile.Request) (reconcile.Result, error)
Reconcile handles ConfigMap changes and updates the operator configuration. This is the event-driven approach that reacts to ConfigMap updates immediately.
Behavior:
- Filters events to only process the configured ConfigMap.
- On ConfigMap update: loads and parses the new config, applies it.
- On ConfigMap delete: falls back to default configuration with a warning.
- On parse error: logs error, requeues with backoff.
Notes:
- ConfigMap deletion is handled gracefully by falling back to defaults.
- This prevents the controller from requeuing forever on NotFound errors.
func (*OperatorConfigManager) RefreshConfig ¶
func (ocm *OperatorConfigManager) RefreshConfig()
RefreshConfig resets the current configuration to defaults.
Behavior:
- Acquires write lock on m.mu.
- Sets currentConfig back to defaultConfig.
- Does not trigger a reload from the ConfigMap.
Side Effects:
- Mutates ocm.currentConfig under lock.
Notes:
- This is a cache clear, not a reload. Use LoadInitial or wait for reconcile to reload.
- Thread-safe; uses RWMutex for concurrent access.
func (*OperatorConfigManager) SetAPIReader ¶ added in v0.1.3
func (m *OperatorConfigManager) SetAPIReader(reader client.Reader)
SetAPIReader configures a non-cached reader for situations where the cache is not yet running.
Behavior:
- Stores the provided reader in m.apiReader.
- loadAndParseConfigMap will use this reader instead of the cached client.
Arguments:
- reader client.Reader: a non-cached Kubernetes API reader.
Side Effects:
- Mutates m.apiReader.
Notes:
- Should be called before manager.Start() when loading initial config.
- The reader bypasses the controller-runtime cache for early startup scenarios.
func (*OperatorConfigManager) SetupWithManager ¶ added in v0.1.3
func (m *OperatorConfigManager) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager registers the operator config manager as a controller that watches the configured ConfigMap and reconciles on changes.
Behavior:
- Builds a predicate that filters events to the configured ConfigMap name/namespace.
- Registers a controller named "operator-config-manager" watching corev1.ConfigMap.
- Completes with the OperatorConfigManager as the reconciler.
Arguments:
- mgr ctrl.Manager: controller-runtime manager for controller registration.
Returns:
- error: non-nil when controller registration fails.
Side Effects:
- Registers the controller and ConfigMap watch with the manager.
Notes:
- Does not load initial config; startup calls LoadInitial separately.
- GenericFunc returns false; periodic resync events are not processed.
type QueueConfig ¶ added in v0.1.4
type QueueConfig struct {
// Concurrency limits the number of running StepRuns in this queue.
// Zero disables queue-level limiting.
Concurrency int32 `json:"concurrency,omitempty"`
// DefaultPriority applies when a Story does not set a priority explicitly.
DefaultPriority int32 `json:"defaultPriority,omitempty"`
// PriorityAgingSeconds increases effective priority based on time spent queued.
// Zero or negative disables aging.
PriorityAgingSeconds int32 `json:"priorityAgingSeconds,omitempty"`
}
QueueConfig defines concurrency and default priority for a scheduling queue.
type RateLimiterConfig ¶
type RateLimiterConfig struct {
// BaseDelay is the base delay for exponential backoff
BaseDelay time.Duration `json:"baseDelay,omitempty"`
// MaxDelay is the maximum delay for exponential backoff
MaxDelay time.Duration `json:"maxDelay,omitempty"`
}
RateLimiterConfig contains rate limiter settings
type ResolvedExecutionConfig ¶
type ResolvedExecutionConfig struct {
// Image is the container image selected after merging template and instance overrides.
Image string
// ImagePullPolicy is the policy controllers should use when creating pods.
ImagePullPolicy corev1.PullPolicy
// Resources represents the pod-level resource requirements.
Resources corev1.ResourceRequirements
// NodeSelector constrains scheduling to nodes with matching labels.
NodeSelector map[string]string
// Tolerations allow scheduling onto tainted nodes.
Tolerations []corev1.Toleration
// Affinity expresses node and pod affinity rules.
Affinity *corev1.Affinity
// MaxInlineSize controls when payloads are offloaded to shared storage.
MaxInlineSize int
// Storage captures any resolved storage offload configuration (e.g. S3).
Storage *v1alpha1.StoragePolicy
// Cache captures output caching behavior for the step.
Cache *v1alpha1.CachePolicy
// ServiceAccountName is the ServiceAccount pods should run as.
ServiceAccountName string
// AutomountServiceAccountToken indicates whether automountServiceAccountToken should be set.
AutomountServiceAccountToken bool
// RunAsNonRoot enforces non-root execution when true.
RunAsNonRoot bool
// ReadOnlyRootFilesystem enforces a read-only root filesystem when true.
ReadOnlyRootFilesystem bool
// AllowPrivilegeEscalation toggles privilege escalation in the container security context.
AllowPrivilegeEscalation bool
// DropCapabilities are dropped from the container security context.
DropCapabilities []string
// RunAsUser specifies the UID the pod should run as.
RunAsUser int64
// BackoffLimit is the Job backoff limit.
BackoffLimit int32
// TTLSecondsAfterFinished controls Job TTL cleanup.
TTLSecondsAfterFinished int32
// RestartPolicy is the pod restart policy associated with the Job.
RestartPolicy corev1.RestartPolicy
// DefaultStepTimeout is the reconciler-imposed execution timeout.
DefaultStepTimeout time.Duration
// MaxRetries controls how many retry attempts are permitted.
MaxRetries int
// Secrets contains resolved secret key/value mappings for the step.
Secrets map[string]string
// DebugLogs toggles verbose logging inside engrams/impulses.
DebugLogs bool
// Health check probes (from template, can be disabled at instance level)
LivenessProbe *corev1.Probe
ReadinessProbe *corev1.Probe
StartupProbe *corev1.Probe
// Service configuration (from template)
ServicePorts []corev1.ServicePort
// ServiceLabels augments the generated Service metadata.
ServiceLabels map[string]string
// ServiceAnnotations augments the generated Service metadata.
ServiceAnnotations map[string]string
}
ResolvedExecutionConfig represents the final resolved configuration for a StepRun
func (*ResolvedExecutionConfig) ToContainerSecurityContext ¶
func (config *ResolvedExecutionConfig) ToContainerSecurityContext() *corev1.SecurityContext
ToContainerSecurityContext converts the resolved config to Kubernetes SecurityContext.
Behavior:
- Reads DropCapabilities; defaults to ["ALL"] if empty.
- Converts string capabilities to corev1.Capability slice.
- Creates a new SecurityContext with ReadOnlyRootFilesystem, AllowPrivilegeEscalation, and Capabilities.
Returns:
- *corev1.SecurityContext: the container-level security context for container spec.
Notes:
- Callers should treat the returned pointer as owned; safe to mutate.
- Only includes security fields relevant to capability dropping and filesystem access.
func (*ResolvedExecutionConfig) ToPodSecurityContext ¶
func (config *ResolvedExecutionConfig) ToPodSecurityContext() *corev1.PodSecurityContext
ToPodSecurityContext converts the resolved config to Kubernetes PodSecurityContext.
Behavior:
- Creates a new PodSecurityContext with RunAsNonRoot and RunAsUser.
- Returns a pointer to the newly created struct.
Returns:
- *corev1.PodSecurityContext: the pod-level security context for pod spec.
Notes:
- Callers should treat the returned pointer as owned; safe to mutate.
- Only includes RunAsNonRoot and RunAsUser; other fields use Kubernetes defaults.
func (*ResolvedExecutionConfig) ToResourceRequirements ¶
func (config *ResolvedExecutionConfig) ToResourceRequirements() corev1.ResourceRequirements
ToResourceRequirements converts the resolved config to Kubernetes ResourceRequirements.
Behavior:
- Returns the Resources field directly (no transformation).
Returns:
- corev1.ResourceRequirements: the CPU/memory requests and limits for pod spec.
Notes:
- The returned struct is a copy of the internal Resources field.
type Resolver ¶
type Resolver struct {
// contains filtered or unexported fields
}
Resolver resolves configuration with hierarchical priority Priority (highest to lowest): StepRun > Story.Policy > Namespace > Controller Config
func NewResolver ¶
func NewResolver(k8sClient client.Client, configManager *OperatorConfigManager) *Resolver
NewResolver creates a new configuration resolver for hierarchical config merging.
Behavior:
- Creates a new Resolver with the provided Kubernetes client and config manager.
- The resolver delegates to configManager for operator-level defaults.
Arguments:
- k8sClient client.Client: the Kubernetes client (currently unused, reserved for future use).
- configManager *OperatorConfigManager: the manager providing operator configuration.
Returns:
- *Resolver: a new resolver ready for ResolveExecutionConfig calls.
func (*Resolver) ApplyExecutionOverrides ¶
func (cr *Resolver) ApplyExecutionOverrides(ctx context.Context, overrides *v1alpha1.ExecutionOverrides, config *ResolvedExecutionConfig) error
ApplyExecutionOverrides applies ExecutionOverrides from either Engram or Impulse This is a public method so controllers can apply instance-level overrides.
func (*Resolver) ConfigName ¶ added in v0.1.4
ConfigName returns the operator ConfigMap name.
func (*Resolver) ConfigNamespace ¶ added in v0.1.4
ConfigNamespace returns the namespace where the operator ConfigMap lives.
func (*Resolver) GetOperatorConfig ¶
func (cr *Resolver) GetOperatorConfig() *OperatorConfig
GetOperatorConfig returns the current, raw operator configuration.
Behavior:
- Delegates to cr.configManager.GetConfig() to retrieve the current snapshot.
- Returns the pointer to the shared OperatorConfig (callers should treat as read-only).
Returns:
- *OperatorConfig: the current operator configuration snapshot.
Notes:
- This is the primary way for controllers to access global, non-hierarchical configuration values like default ports or image names.
- The returned pointer should be treated as read-only; mutations are not thread-safe.
func (*Resolver) ResolveExecutionConfig ¶
func (cr *Resolver) ResolveExecutionConfig(ctx context.Context, step *runsv1alpha1.StepRun, story *v1alpha1.Story, engram *v1alpha1.Engram, template *catalogv1alpha1.EngramTemplate, storyStep *v1alpha1.Step) (*ResolvedExecutionConfig, error)
ResolveExecutionConfig resolves the final execution configuration for a step by merging settings from all levels of the hierarchy.
Behavior:
- Retrieves operator configuration and initializes with getOperatorDefaults.
- Applies EngramTemplate settings via applyEngramTemplateConfig.
- Applies Engram settings via applyEngramConfig.
- Applies Story/step settings via applyStoryConfig.
- Applies StepRun overrides via applyStepRunOverrides.
- Finalizes ServiceAccountName if not set (uses StoryRun-derived name).
Arguments:
- ctx context.Context: propagated to sub-resolvers (currently unused).
- step *runsv1alpha1.StepRun: the StepRun for highest-priority overrides.
- story *v1alpha1.Story: the Story for policy and step-level settings.
- engram *v1alpha1.Engram: the Engram for secrets and execution policy.
- template *catalogv1alpha1.EngramTemplate: the template for recommended settings.
- storyStep *v1alpha1.Step: optional pre-resolved step (avoids lookup if provided).
Returns:
- *ResolvedExecutionConfig: the fully merged configuration.
- error: non-nil when a fail-fast stage in the apply chain rejects template data.
Notes:
- Precedence: StepRun > Story Step > Engram > EngramTemplate > Operator > Defaults.
type SchedulingConfig ¶ added in v0.1.4
type SchedulingConfig struct {
// GlobalConcurrency limits the total number of running StepRuns across the cluster.
// Zero disables the global limit.
GlobalConcurrency int32 `json:"globalConcurrency,omitempty"`
// Queues defines per-queue concurrency and priority defaults.
Queues map[string]QueueConfig `json:"queues,omitempty"`
}
SchedulingConfig captures global and per-queue scheduling controls for StoryRuns.
type StepRunConfig ¶
type StepRunConfig struct {
// MaxConcurrentReconciles is the maximum number of concurrent reconciles
MaxConcurrentReconciles int `json:"maxConcurrentReconciles,omitempty"`
// RateLimiter configuration
RateLimiter RateLimiterConfig `json:"rateLimiter,omitempty"`
}
StepRunConfig contains StepRun controller settings
type StoryConfig ¶
type StoryConfig struct {
// MaxConcurrentReconciles is the maximum number of concurrent reconciles
MaxConcurrentReconciles int `json:"maxConcurrentReconciles,omitempty"`
// RateLimiter configuration
RateLimiter RateLimiterConfig `json:"rateLimiter,omitempty"`
// Binding config controls TransportBinding fan-out during reconciles.
Binding BindingControllerTuning `json:"binding,omitempty"`
}
StoryConfig contains Story controller settings
type StoryRunConfig ¶
type StoryRunConfig struct {
// MaxConcurrentReconciles is the maximum number of concurrent reconciles
MaxConcurrentReconciles int `json:"maxConcurrentReconciles,omitempty"`
// RateLimiter configuration
RateLimiter RateLimiterConfig `json:"rateLimiter,omitempty"`
// MaxInlineInputsSize is the maximum size in bytes for StoryRun spec.inputs.
// Payloads larger than this will be rejected by the controller if webhooks are disabled.
MaxInlineInputsSize int `json:"maxInlineInputsSize,omitempty"`
// Binding config controls TransportBinding fan-out during reconciles.
Binding BindingControllerTuning `json:"binding,omitempty"`
// Scheduling controls global and per-queue execution limits.
Scheduling SchedulingConfig `json:"scheduling,omitempty"`
}
StoryRunConfig contains StoryRun controller settings
type TemplateConfig ¶
type TemplateConfig struct {
// MaxConcurrentReconciles is the maximum number of concurrent reconciles
MaxConcurrentReconciles int `json:"maxConcurrentReconciles,omitempty"`
// RateLimiter configuration
RateLimiter RateLimiterConfig `json:"rateLimiter,omitempty"`
}
TemplateConfig contains Template controller settings (EngramTemplate, ImpulseTemplate)
type TransportConfig ¶ added in v0.1.4
type TransportConfig struct {
GRPC GRPCConfig `json:"grpc,omitempty"`
HeartbeatInterval time.Duration `json:"heartbeatInterval,omitempty"`
}
TransportConfig holds configuration for the gRPC transport layer.
type TransportControllerConfig ¶ added in v0.1.4
type TransportControllerConfig struct {
// MaxConcurrentReconciles is the maximum number of concurrent reconciles
MaxConcurrentReconciles int `json:"maxConcurrentReconciles,omitempty"`
// RateLimiter configuration
RateLimiter RateLimiterConfig `json:"rateLimiter,omitempty"`
// HeartbeatTimeout is how long the operator waits before marking a transport binding stale.
HeartbeatTimeout time.Duration `json:"heartbeatTimeout,omitempty"`
}
TransportControllerConfig contains Transport controller settings.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.