config

package
v0.1.0-beta.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 18, 2026 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ExpandStackVarsWithEnv 

func ExpandStackVarsWithEnv(s *Stack)

ExpandStackVarsWithEnv expands environment variable references in stack fields.

func ExpandString 

func ExpandString(s string, resolve Resolver) (expanded string, unresolvedVault []string, emptyEnvVars []string)

ExpandString expands variable references in a string using the given resolver. All patterns are matched in a single pass to prevent double-expansion of values that contain dollar signs.

Returns the expanded string, any unresolved vault references, and env vars that resolved to empty.

func MergeEquippedSkills 

func MergeEquippedSkills(s *Stack)

MergeEquippedSkills merges equipped_skills alias into uses for API callers.

func ServerNames 

func ServerNames(selectors []ToolSelector) []string

ServerNames returns a slice of server names from a slice of ToolSelectors. This is useful for backward compatibility with code that expects []string.

func Validate 

func Validate(s *Stack) error

Validate checks the stack configuration for errors.

func ValidateStackFile 

func ValidateStackFile(path string) (*Stack, *ValidationResult, error)

ValidateStackFile loads a stack file and validates it without deploying. Returns the parsed stack (for further use) and the validation result.

Types

type A2AAgent 

type A2AAgent struct {
	Name string   `yaml:"name"`           // Local alias for this remote agent
	URL  string   `yaml:"url"`            // Base URL for the remote agent's A2A endpoint
	Auth *A2AAuth `yaml:"auth,omitempty"` // Authentication configuration
}

A2AAgent defines an external A2A agent reference. Experimental: may change without notice.

type A2AAuth 

type A2AAuth struct {
	Type       string `yaml:"type,omitempty"`        // "bearer", "api_key", or "none"
	TokenEnv   string `yaml:"token_env,omitempty"`   // Environment variable containing the token
	HeaderName string `yaml:"header_name,omitempty"` // Header name for API key auth (default: "Authorization")
}

A2AAuth contains authentication configuration for A2A connections.

type A2AConfig 

type A2AConfig struct {
	Enabled bool       `yaml:"enabled,omitempty"` // Enable A2A exposure (default: true when block present)
	Version string     `yaml:"version,omitempty"` // Agent version (default: "1.0.0")
	Skills  []A2ASkill `yaml:"skills,omitempty"`  // Skills this agent exposes
}

A2AConfig defines A2A protocol settings for exposing an agent via A2A. Experimental: may change without notice.

type A2ASkill 

type A2ASkill struct {
	ID          string   `yaml:"id"`
	Name        string   `yaml:"name"`
	Description string   `yaml:"description,omitempty"`
	Tags        []string `yaml:"tags,omitempty"`
}

A2ASkill represents a capability the agent can perform.

type Agent 

type Agent struct {
	Name           string            `yaml:"name"`
	Image          string            `yaml:"image,omitempty"`
	Source         *Source           `yaml:"source,omitempty"`
	Description    string            `yaml:"description,omitempty"`
	Capabilities   []string          `yaml:"capabilities,omitempty"`
	Uses           []ToolSelector    `yaml:"uses"`                      // References mcp-servers or agents by name
	EquippedSkills []ToolSelector    `yaml:"equipped_skills,omitempty"` // Alias for Uses (merged during load)
	Env            map[string]string `yaml:"env,omitempty"`
	BuildArgs      map[string]string `yaml:"build_args,omitempty"`
	Network        string            `yaml:"network,omitempty"` // Network to join (for multi-network mode)
	Command        []string          `yaml:"command,omitempty"` // Override container entrypoint
	Runtime        string            `yaml:"runtime,omitempty"` // Headless runtime (e.g., "claude-code")
	Prompt         string            `yaml:"prompt,omitempty"`  // System prompt for headless agents
	A2A            *A2AConfig        `yaml:"a2a,omitempty"`     // A2A protocol configuration
}

Agent defines an active agent container that consumes MCP tools.

func (*Agent) IsA2AEnabled 

func (a *Agent) IsA2AEnabled() bool

IsA2AEnabled returns true if the agent is exposed via A2A protocol.

func (*Agent) IsHeadless 

func (a *Agent) IsHeadless() bool

IsHeadless returns true if the agent uses a headless runtime.

type AuthConfig 

type AuthConfig struct {
	// Type is the auth mechanism: "bearer" or "api_key".
	Type string `yaml:"type"`
	// Token is the expected token value (supports env var references via $VAR or ${VAR}).
	Token string `yaml:"token"`
	// Header is the header name for api_key auth (default: "Authorization").
	Header string `yaml:"header,omitempty"`
}

AuthConfig configures gateway authentication. When configured, all requests (except /health and /ready) must include a valid token.

type DependencyStatus 

type DependencyStatus struct {
	Status  string   `json:"status"` // "resolved", "missing"
	Missing []string `json:"missing,omitempty"`
}

DependencyStatus summarizes skill dependency resolution.

type DiffAction 

type DiffAction string

DiffAction describes what changed. 

const (
	DiffAdd    DiffAction = "add"
	DiffRemove DiffAction = "remove"
	DiffChange DiffAction = "change"
)

type DiffItem 

type DiffItem struct {
	Action  DiffAction `json:"action"`
	Kind    string     `json:"kind"` // "mcp-server", "agent", "resource", "a2a-agent", "gateway", "network"
	Name    string     `json:"name"`
	Details []string   `json:"details,omitempty"` // human-readable change descriptions
}

DiffItem represents a single change in the plan.

type DriftStatus 

type DriftStatus struct {
	Status  string   `json:"status"` // "in-sync", "drifted", "unknown"
	Added   []string `json:"added,omitempty"`
	Removed []string `json:"removed,omitempty"`
	Changed []string `json:"changed,omitempty"`
}

DriftStatus summarizes drift between spec and running state.

type GatewayConfig 

type GatewayConfig struct {
	// AllowedOrigins lists origins for CORS.
	// When not set, defaults to ["*"] (allow all) for backward compatibility.
	// Set explicit origins to restrict cross-origin access.
	AllowedOrigins []string    `yaml:"allowed_origins,omitempty"`
	Auth           *AuthConfig `yaml:"auth,omitempty"`

	// CodeMode controls whether the gateway replaces individual tool definitions
	// with two meta-tools (search + execute). Values: "off" (default), "on".
	// Experimental: may change without notice.
	CodeMode string `yaml:"code_mode,omitempty"`
	// CodeModeTimeout is the execution timeout in seconds (default: 30).
	// Experimental: may change without notice.
	CodeModeTimeout int `yaml:"code_mode_timeout,omitempty"`

	// OutputFormat sets the default output format for tool call results.
	// Values: "json" (default), "toon", "csv", "text".
	// Per-server output_format overrides this value.
	OutputFormat string `yaml:"output_format,omitempty"`
}

GatewayConfig holds optional gateway-level configuration.

type IssueSeverity 

type IssueSeverity string

IssueSeverity represents the severity level of a validation issue. 

const (
	SeverityError   IssueSeverity = "error"
	SeverityWarning IssueSeverity = "warning"
	SeverityInfo    IssueSeverity = "info"
)

type LoadOption 

type LoadOption func(*loadConfig)

LoadOption configures LoadStack behavior.

func WithVault 

func WithVault(v VaultLookup) LoadOption

WithVault enables ${vault:KEY} resolution during stack loading.

func WithVaultSets 

func WithVaultSets(v VaultSetLookup) LoadOption

WithVaultSets enables secrets.sets injection during stack loading.

type MCPServer 

type MCPServer struct {
	Name         string            `yaml:"name"`
	Image        string            `yaml:"image,omitempty"`
	Source       *Source           `yaml:"source,omitempty"`
	URL          string            `yaml:"url,omitempty"`       // External server URL (no container)
	Port         int               `yaml:"port,omitempty"`      // For HTTP transport (container-based)
	Transport    string            `yaml:"transport,omitempty"` // "http" (default), "stdio", or "sse"
	Command      []string          `yaml:"command,omitempty"`   // Override container command or remote command for SSH
	Env          map[string]string `yaml:"env,omitempty"`
	BuildArgs    map[string]string `yaml:"build_args,omitempty"`
	Network      string            `yaml:"network,omitempty"`       // Network to join (for multi-network mode)
	SSH          *SSHConfig        `yaml:"ssh,omitempty"`           // SSH connection config for remote servers
	OpenAPI      *OpenAPIConfig    `yaml:"openapi,omitempty"`       // OpenAPI spec config for API-backed servers
	Tools        []string          `yaml:"tools,omitempty"`         // Tool whitelist (empty = all tools exposed)
	OutputFormat string            `yaml:"output_format,omitempty"` // Output format override: "json", "toon", "csv", "text"
}

MCPServer defines an MCP server (container-based or external).

func (*MCPServer) IsContainerBased 

func (s *MCPServer) IsContainerBased() bool

IsContainerBased returns true if this MCP server requires a container runtime.

func (*MCPServer) IsExternal 

func (s *MCPServer) IsExternal() bool

IsExternal returns true if this is an external MCP server (URL-only, no container).

func (*MCPServer) IsLocalProcess 

func (s *MCPServer) IsLocalProcess() bool

IsLocalProcess returns true if this is a local process MCP server (command-only, no container).

func (*MCPServer) IsOpenAPI 

func (s *MCPServer) IsOpenAPI() bool

IsOpenAPI returns true if this is an OpenAPI-based MCP server.

func (*MCPServer) IsSSH 

func (s *MCPServer) IsSSH() bool

IsSSH returns true if this is an SSH-based MCP server (ssh config with command).

type Network 

type Network struct {
	Name   string `yaml:"name"`
	Driver string `yaml:"driver"`
}

Network defines the Docker network configuration.

type OpenAPIAuth 

type OpenAPIAuth struct {
	Type     string `yaml:"type"`               // "bearer" or "header"
	TokenEnv string `yaml:"tokenEnv,omitempty"` // Env var name containing bearer token (for type: bearer)
	Header   string `yaml:"header,omitempty"`   // Header name (for type: header, e.g., "X-API-Key")
	ValueEnv string `yaml:"valueEnv,omitempty"` // Env var name containing header value (for type: header)
}

OpenAPIAuth defines authentication for OpenAPI HTTP requests.

type OpenAPIConfig 

type OpenAPIConfig struct {
	Spec       string            `yaml:"spec"`                 // URL or local file path to OpenAPI spec (JSON or YAML)
	BaseURL    string            `yaml:"baseUrl,omitempty"`    // Override the server URL from the spec
	Auth       *OpenAPIAuth      `yaml:"auth,omitempty"`       // Authentication configuration
	Operations *OperationsFilter `yaml:"operations,omitempty"` // Filter which operations become tools
}

OpenAPIConfig defines an MCP server backed by an OpenAPI specification. The spec is parsed and each operation becomes an MCP tool.

type OperationsFilter 

type OperationsFilter struct {
	Include []string `yaml:"include,omitempty"` // Operation IDs to include (whitelist)
	Exclude []string `yaml:"exclude,omitempty"` // Operation IDs to exclude (blacklist)
}

OperationsFilter defines which OpenAPI operations to include or exclude. Only one of Include or Exclude should be specified.

type PlanDiff 

type PlanDiff struct {
	HasChanges bool       `json:"hasChanges"`
	Items      []DiffItem `json:"items"`
	Summary    string     `json:"summary"`
}

PlanDiff is the complete diff between two stack specs.

func ComputePlan 

func ComputePlan(proposed, current *Stack) *PlanDiff

ComputePlan compares a new spec against the currently running spec and returns a structured diff.

type Resolver 

type Resolver func(name string) (string, bool)

Resolver looks up a variable by name. Returns value and whether it exists.

func EnvResolver 

func EnvResolver() Resolver

EnvResolver returns a resolver that checks os.LookupEnv.

func VaultResolver 

func VaultResolver(vault VaultLookup) Resolver

VaultResolver returns a resolver that checks vault first, then env.

type Resource 

type Resource struct {
	Name    string            `yaml:"name"`
	Image   string            `yaml:"image"`
	Env     map[string]string `yaml:"env,omitempty"`
	Ports   []string          `yaml:"ports,omitempty"`
	Volumes []string          `yaml:"volumes,omitempty"`
	Network string            `yaml:"network,omitempty"` // Network to join (for multi-network mode)
}

Resource defines a supporting container (database, cache, etc).

type SSHConfig 

type SSHConfig struct {
	Host         string `yaml:"host"`                   // Required: hostname or IP address
	User         string `yaml:"user"`                   // Required: SSH username
	Port         int    `yaml:"port,omitempty"`         // Optional: SSH port (default 22)
	IdentityFile string `yaml:"identityFile,omitempty"` // Optional: path to SSH private key
}

SSHConfig defines SSH connection parameters for remote MCP servers.

type Secrets 

type Secrets struct {
	Sets []string `yaml:"sets,omitempty" json:"sets,omitempty"`
}

Secrets configures automatic secret injection from variable sets.

type Source 

type Source struct {
	Type       string `yaml:"type"` // "git" or "local"
	URL        string `yaml:"url,omitempty"`
	Ref        string `yaml:"ref,omitempty"`
	Path       string `yaml:"path,omitempty"`
	Dockerfile string `yaml:"dockerfile,omitempty"`
}

Source defines how to build an MCP server from source code.

type SpecHealth 

type SpecHealth struct {
	Validation   ValidationStatus `json:"validation"`
	Drift        DriftStatus      `json:"drift"`
	Dependencies DependencyStatus `json:"dependencies"`
}

SpecHealth aggregates validation, drift, and dependency status.

type Stack 

type Stack struct {
	Version    string         `yaml:"version"`
	Name       string         `yaml:"name"`
	Gateway    *GatewayConfig `yaml:"gateway,omitempty"`
	Secrets    *Secrets       `yaml:"secrets,omitempty"`  // Variable set references
	Network    Network        `yaml:"network"`            // Single network (simple mode)
	Networks   []Network      `yaml:"networks,omitempty"` // Multiple networks (advanced mode)
	MCPServers []MCPServer    `yaml:"mcp-servers"`
	Agents     []Agent        `yaml:"agents,omitempty"` // Active agents that consume MCP tools
	Resources  []Resource     `yaml:"resources,omitempty"`
	A2AAgents  []A2AAgent     `yaml:"a2a-agents,omitempty"` // External A2A agents for agent-to-agent communication
}

Stack represents the complete gridctl configuration.

func LoadStack 

func LoadStack(path string, opts ...LoadOption) (*Stack, error)

LoadStack reads and parses a stack file.

func (*Stack) ContainerWorkloads 

func (s *Stack) ContainerWorkloads() []string

ContainerWorkloads returns human-readable descriptions of workloads that require a container runtime.

func (*Stack) NeedsContainerRuntime 

func (s *Stack) NeedsContainerRuntime() bool

NeedsContainerRuntime returns true if the stack has workloads requiring a container runtime.

func (*Stack) NonContainerWorkloads 

func (s *Stack) NonContainerWorkloads() []string

NonContainerWorkloads returns human-readable descriptions of workloads that work without a container runtime.

func (*Stack) SetDefaults 

func (s *Stack) SetDefaults()

SetDefaults applies default values to the stack.

type ToolSelector 

type ToolSelector struct {
	Server string   `yaml:"server" json:"server"`                   // MCP server or A2A agent name
	Tools  []string `yaml:"tools,omitempty" json:"tools,omitempty"` // Tool whitelist (empty = all tools from this server)
}

ToolSelector specifies which tools an agent can access from an MCP server. Supports both string format (server name only) and object format (server + tools).

func (*ToolSelector) UnmarshalYAML 

func (ts *ToolSelector) UnmarshalYAML(node *yaml.Node) error

UnmarshalYAML implements custom YAML unmarshaling for ToolSelector. This allows both string format (legacy) and object format (new).

String format (legacy): 

uses:
  - server-name

Object format (new): 

uses:
  - server: server-name
    tools: ["tool1", "tool2"]

type ValidationError 

type ValidationError struct {
	Field   string
	Message string
}

ValidationError represents a configuration validation error.

func (ValidationError) Error 

func (e ValidationError) Error() string

type ValidationErrors 

type ValidationErrors []ValidationError

ValidationErrors is a collection of validation errors.

func (ValidationErrors) Error 

func (e ValidationErrors) Error() string

type ValidationIssue 

type ValidationIssue struct {
	Field    string        `json:"field"`
	Message  string        `json:"message"`
	Severity IssueSeverity `json:"severity"`
}

ValidationIssue is a validation finding with severity level.

type ValidationResult 

type ValidationResult struct {
	Valid        bool              `json:"valid"`
	ErrorCount   int               `json:"errorCount"`
	WarningCount int               `json:"warningCount"`
	Issues       []ValidationIssue `json:"issues"`
}

ValidationResult holds the complete output of spec validation.

func ValidateWithIssues 

func ValidateWithIssues(s *Stack) *ValidationResult

ValidateWithIssues runs full validation and returns structured issues with severity. This wraps the existing Validate() and adds warning-level checks.

type ValidationStatus 

type ValidationStatus struct {
	Status       string `json:"status"` // "valid", "warnings", "errors"
	ErrorCount   int    `json:"errorCount"`
	WarningCount int    `json:"warningCount"`
}

ValidationStatus summarizes the spec validation state.

type VaultLookup 

type VaultLookup interface {
	Get(key string) (string, bool)
}

VaultLookup is the interface the vault store must satisfy.

type VaultSecret 

type VaultSecret struct {
	Key   string
	Value string
}

VaultSecret is a minimal secret view for set lookups.

type VaultSetLookup 

type VaultSetLookup interface {
	VaultLookup
	GetSetSecrets(setName string) []VaultSecret
}

VaultSetLookup extends VaultLookup with set operations for secrets.sets support.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.