diff --git a/docs/envgene-objects.md b/docs/envgene-objects.md index d598cf25e..4648931cd 100644 --- a/docs/envgene-objects.md +++ b/docs/envgene-objects.md @@ -31,6 +31,7 @@ - [Environment Credentials File](#environment-credentials-file) - [Shared Credentials File](#shared-credentials-file) - [System Credentials File (in Instance repository)](#system-credentials-file-in-instance-repository) + - [Shared Template Variable Files](#shared-template-variable-files) - [Environment Specific ParameterSet](#environment-specific-parameterset) - [Environment Specific Resource Profile Override](#environment-specific-resource-profile-override) - [Cloud Passport](#cloud-passport) @@ -1134,6 +1135,40 @@ gitlab-token-cred: secret: "token-placeholder-123" ``` +### Shared Template Variable Files + +This file includes template variables that can be shared across multiple environments. During Environment Instance generation, EnvGene automatically merges variables from these shared files with `additionalTemplateVariables` from the [Environment Inventory](/docs/envgene-configs.md#env_definitionyml). + +The relationship between Shared Template Variable Files and Environment is established through: + +- The `envTemplate.sharedTemplateVariables` property in [Environment Inventory](/docs/envgene-configs.md#env_definitionyml) +- The property value should be the filename (without extension) of the Shared Template Variable File + +Files can be defined at three scopes with different precedence: + +1. **Environment-level** + **Location:** `/environments///shared-template-variables/` +2. **Cluster-level** + **Location:** `/environments//shared-template-variables/` +3. **Site-level** + **Location:** `/environments/shared-template-variables/` + +EnvGene checks these locations in order (environment → cluster → site) and uses the first matching file found. + +The file must contain a key-value hashmap and must NOT be located in a `parameters` directory. + +During Environment Instance generation, variables from Shared Template Variable Files are merged with `additionalTemplateVariables` from the Environment Inventory. Variables from `additionalTemplateVariables` take precedence over variables from Shared Template Variable Files if there are conflicts. + +**Example:** + +```yaml +TEMPLATE_VARIABLE_1: "value-1" +TEMPLATE_VARIABLE_2: "value-2" +nested: + key1: "nested-value-1" + key2: "nested-value-2" +``` + ### Environment Specific ParameterSet TBD diff --git a/docs/features/env-inventory-generation.md b/docs/features/env-inventory-generation.md index e107283c1..bb64ff54d 100644 --- a/docs/features/env-inventory-generation.md +++ b/docs/features/env-inventory-generation.md @@ -8,62 +8,316 @@ - [Goals](#goals) - [Proposed Approach](#proposed-approach) - [Instance Repository Pipeline Parameters](#instance-repository-pipeline-parameters) - - [ENV\_SPECIFIC\_PARAMS](#env_specific_params) - - [ENV\_SPECIFIC\_PARAMS Example](#env_specific_params-example) - - [Generated Environment Inventory Examples](#generated-environment-inventory-examples) + - [`ENV_INVENTORY_CONTENT`](#env_inventory_content) + - [Actions](#actions) + - [Paths by place](#paths-by-place) + - [Processing Model](#processing-model) + - [Validations](#validations) + - [Full `ENV_INVENTORY_CONTENT` Example](#full-env_inventory_content-example) + - [ENV\_INVENTORY\_CONTENT in JSON-in-string format](#env_inventory_content-in-json-in-string-format) + - [`ENV_SPECIFIC_PARAMS`](#env_specific_params) + - [`ENV_SPECIFIC_PARAMS` Example](#env_specific_params-example) + - [Example of Generated Result with `ENV_INVENTORY_CONTENT`](#example-of-generated-result-with-env_inventory_content) + - [Generated Result with `ENV_INVENTORY_CONTENT` (new files)](#generated-result-with-env_inventory_content-new-files) + - [Environment Inventory (`env_definition.yml`)](#environment-inventory-env_definitionyml) + - [Parameter Sets](#parameter-sets) + - [Credentials](#credentials) + - [Resource Profile Overrides](#resource-profile-overrides) + - [Shared Template Variable Files](#shared-template-variable-files) + - [Generated Result when the target file already exists](#generated-result-when-the-target-file-already-exists) + - [env\_definition file already exists](#env_definition-file-already-exists) + - [Existing env\_definition file](#existing-env_definition-file) + - [Input request (ENV\_INVENTORY\_CONTENT)](#input-request-env_inventory_content) + - [Result `env_definition.yml`](#result-env_definitionyml) + - [Parameter Sets file already exists](#parameter-sets-file-already-exists) + - [Existing Parameter Set file](#existing-parameter-set-file) + - [Input request (paramSets)](#input-request-paramsets) + - [Result Parameter Sets](#result-parameter-sets) + - [Example of Generated Result with `ENV_SPECIFIC_PARAMS`](#example-of-generated-result-with-env_specific_params) - [Minimal Environment Inventory](#minimal-environment-inventory) - [Environment Inventory with env-specific parameters](#environment-inventory-with-env-specific-parameters) ## Problem Statements -Current implementations of EnvGene require manual creation of Environment Inventories via working directly with repositories. While external systems can abstract this complexity for their users, EnvGene lacks interface to support such automation for external systems. +Current implementations of EnvGene require manual creation of Environment Inventories via working directly with repositories, and also related Inventory objects such as Parameter Sets, Credentials, Resource Profile Overrides and Shared Template Variable Files. While external systems can abstract this complexity for their users, EnvGene lacks an interface to support such automation for external systems. ### Goals -Develop a interface in EnvGene that enables external systems to create Environment Inventories without direct repository manipulation +Develop an interface in EnvGene that enables external systems to create/replace and delete Environment Inventory and related objects without direct manual repository manipulation, including support for placing files on different levels (site/cluster/env). ## Proposed Approach -It is proposed implementing an EnvGene feature for Environment Inventory generation with a corresponding interface that will allow external systems to create Environment Inventories. +It is proposed to implement an EnvGene feature for Environment Inventory generation with a corresponding interface that will allow external systems to create Environment Inventories. -The external system will initiate Environment Inventory generation by triggering the instance pipeline, passing required variables via the newly introduced [parameters](#instance-repository-pipeline-parameters). The target Environment for Inventory generation is determined by the `ENV_NAMES` attribute. Generating Inventories for multiple Environments in a single pipeline run is not supported. +The external system will initiate Environment Inventory generation by triggering the Instance pipeline, passing required variables via the newly introduced [parameters](#instance-repository-pipeline-parameters). The target Environment for Inventory generation is determined by the `ENV_NAMES` attribute. Generating Inventories for multiple Environments in a single pipeline run **is not supported**. -The solution supports creation of: +The solution supports creation/replace and delete of: -- Environment Inventory -- Environment-specific Parameter Sets -- Credentials - -The created objects are validated according to the corresponding schemes. +- [Environment Inventory](/docs/envgene-configs.md#env_definitionyml) (`env_definition.yml`) +- [Environment-specific Parameter Sets](/docs/envgene-objects.md#environment-specific-parameterset) +- [Shared Credentials](/docs/envgene-objects.md#shared-credentials-file) +- [Resource Profile Overrides](/docs/envgene-objects.md#resource-profile-override) +- [Shared Template Variable Files](/docs/envgene-objects.md#shared-template-variable-files) Generation will occur in a dedicated job within the Instance repository pipeline. The generated Environment Inventory must be reused by other jobs in the same pipeline. In order to be able to generate an Environment Inventory and get an Environment Instance or Effective Set in a single run of the pipeline. To make this possible, it must be executed before any jobs that consume the inventory. -When the inventory already exists, update rules vary depending on parameters. See details in [ENV_SPECIFIC_PARAMS](#env_specific_params) +`ENV_INVENTORY_CONTENT` is the primary way to manage Inventory via pipeline. It allows external systems to create, fully replace and delete `env_definition.yml` and related Inventory objects. The parameter also supports creating files on different levels (`site`, `cluster`, `env`) via the `place` field. + +> **Note** +> If `ENV_TEMPLATE_VERSION` is provided in the instance pipeline, it has higher priority than the template version specified in `env_definition.yml` + +`ENV_SPECIFIC_PARAMS` and `ENV_INVENTORY_INIT` are legacy parameters and are deprecated. They do not cover the full set of Inventory management scenarios, therefore new integrations should use `ENV_INVENTORY_CONTENT`. ### Instance Repository Pipeline Parameters | Parameter | Type | Mandatory | Description | Example | -|-----------|-------------|------|---------|----------| -| `ENV_INVENTORY_INIT` | string | no | If `true`, the new Env Inventory will be generated in the path `/environments///Inventory/env_definition.yml`. If `false` can be updated only | `true` OR `false` | -| `ENV_SPECIFIC_PARAMS` | JSON in string | no | If specified, Env Inventory is updated. See details in [ENV_SPECIFIC_PARAMS](#env_specific_params) | See [example below](#env_specific_params-example) | +| ----------- | ------------- | ------ | --------- | ---------- | +| `ENV_INVENTORY_CONTENT` | JSON in string | no | Allows to create/ replace, delete `env_definition.yml` and related Inventory objects. Must be valid according to [JSON schema](/schemas/env-inventory-content.schema.json). See details in [ENV_INVENTORY_CONTENT](#env_inventory_content) | See [example below](#full-env_inventory_content-example) | +| `ENV_INVENTORY_INIT` | string | no | **Deprecated**. If `true`, the new Environment Inventory will be generated in the path `/environments///Inventory/env_definition.yml`. If `false` can be updated only | `true` OR `false` | +| `ENV_SPECIFIC_PARAMS` | JSON in string | no | **Deprecated**. If specified, Environment Inventory is updated. See details in [ENV_SPECIFIC_PARAMS](#env_specific_params) | See [example below](#env_specific_params-example) | -#### ENV_SPECIFIC_PARAMS +#### `ENV_INVENTORY_CONTENT` | Field | Type | Mandatory | Description | Example | -|-------|-------------|------|---------|----------| +| --- | --- | --- | --- | --- | +| `envDefinition` | object | no | Block that controls `env_definition.yml` | | +| `envDefinition.action` | enum [`create_or_replace`, `delete`] | yes | Operation mode for `env_definition.yml`. See [Actions](#actions) | `create_or_replace` | +| `envDefinition.content` | object | no | Full content of `env_definition.yml`. Must be valid according [schema](/schemas/env-definition.schema.json). See details in [env_definition](/docs/envgene-configs.md#env_definitionyml) | See [example below](#full-env_inventory_content-example) | +| `paramSets` | array | no | Block that controls Parameter Set file operations. | See [example below](#full-env_inventory_content-example) | +| `paramSets[].action` | enum [`create_or_replace`, `delete`] | yes | Operation mode for the target Parameter Set file. See [Actions](#actions) | `create_or_replace` | +| `paramSets[].place` | enum[`site`,`cluster`,`env`] | yes | Defines where the Parameter Set file is stored. See [Paths by place](#paths-by-place) | `env` | +| `paramSets[].content` | hashmap | no | Parameter Set definition as file content. Must be valid according [schema](/schemas/paramset.schema.json) | See [example below](#full-env_inventory_content-example) | +| `credentials` | array | no | Block that controls Shared Credentials operations | See [example below](#full-env_inventory_content-example) | +| `credentials[].action` | enum [`create_or_replace`, `delete`] | yes | Operation mode for the Shared Credentials file. See [Actions](#actions) | `create_or_replace` | +| `credentials[].place` | enum[`site`,`cluster`,`env`] | yes | Defines where the Shared Credentials file is stored. See [Paths by place](#paths-by-place) | `site` | +| `credentials[].content` | hashmap | no | Shared Credential as file content. Must be valid according [schema](/schemas/credential.schema.json) | See [example below](#full-env_inventory_content-example) | +| `resourceProfiles` | array | no | List of Resource Profile Override operations | See [example below](#full-env_inventory_content-example) | +| `resourceProfiles[].action` | enum [`create_or_replace`, `delete`] | yes | Operation mode for the Resource Profile Override file. See [Actions](#actions) | `create_or_replace` | +| `resourceProfiles[].place` | enum[`site`,`cluster`,`env`] | yes | Defines where the Resource Profile Override file is stored. See [Paths by place](#paths-by-place) | `cluster` | +| `resourceProfiles[].content` | hashmap | no | Resource Profile Override as file content. Must be valid according [schema](/schemas/resource-profile.schema.json) | See [example below](#full-env_inventory_content-example) | +| `sharedTemplateVariables` | array | no | Block that controls Shared Template Variable File operations | See [example below](#full-env_inventory_content-example) | +| `sharedTemplateVariables[].action` | enum [`create_or_replace`, `delete`] | yes | Operation mode for the Shared Template Variable File. See [Actions](#actions) | `create_or_replace` | +| `sharedTemplateVariables[].place` | enum[`site`,`cluster`,`env`] | yes | Defines where the Shared Template Variable File is stored. See [Paths by place](#paths-by-place) | `site` | +| `sharedTemplateVariables[].name` | string | yes | Name of the Shared Template Variable File (without extension). The file will be saved as `.yml` | `prod-template-variables` | +| `sharedTemplateVariables[].content` | hashmap | no | Shared Template Variable File content as key-value hashmap. Must NOT be located in a `parameters` directory | See [example below](#full-env_inventory_content-example) | + +##### Actions + +The `action` field defines the operation mode for Inventory objects. + +| Action | Description | +| --- | --- | +| `create_or_replace` | Creates the file if not exist; if the file exists, fully replaces it. All required directories in the path are created automatically if they don't exist | +| `delete` | Deletes the target file if it exists. For `envDefinition`, the entire environment directory `/environments///` is removed. For other object types, only the file is deleted; directories are not removed | + +##### Paths by place + +The pipeline handles Inventory files in the **Instance repository**. +The exact target folder depends on the object type and the `place` value. + +| Object | place=env | place=cluster | place=site | +| --- | --- | --- | --- | +| `envDefinition` | `/environments///Inventory/env_definition.yml` (fixed) | n/a | n/a | +| Parameter Set file | `/environments///Inventory/parameters/.yml` | `/environments//parameters/.yml` | `/environments/parameters/.yml` | +| Shared Credentials file | `/environments///Inventory/credentials/.yml` | `/environments//credentials/.yml` | `/environments/credentials/.yml` | +| Resource Profile Override file | `/environments///Inventory/resource_profiles/.yml` | `/environments//resource_profiles/.yml` | `/environments/resource_profiles/.yml` | +| Shared Template Variable File | `/environments///shared_template_variables/.yml` | `/environments//shared_template_variables/.yml` | `/environments/shared_template_variables/.yml` | + +##### Processing Model + +All operations specified in `ENV_INVENTORY_CONTENT` are processed atomically: either all requested changes are applied successfully, or none of them are applied. If any validation fails or any operation encounters an error, the entire transaction is rolled back and no files are modified. + +The order in which different object types are processed is not guaranteed and may vary. Objects within the same type (e.g., multiple items in `paramSets` array) are also processed in an arbitrary order. + +##### Validations + +Before processing any files, the system performs the following validations: + +**Parameter exclusivity validation:** + +If both `ENV_INVENTORY_CONTENT` and any of `ENV_INVENTORY_INIT` or `ENV_SPECIFIC_PARAMS` are provided, validation fails + +**JSON schema validation:** + +`ENV_INVENTORY_CONTENT` is validated against the [JSON schema](/schemas/env-inventory-content.schema.json) + +If any validation fails, the pipeline stops with a readable validation error in logs and no files are modified. + +##### Full `ENV_INVENTORY_CONTENT` Example + +This example shows how to generate a new Environment Inventory (`env_definition.yml`) and create related objects in the Instance repository: Parameter Sets, Credentials, Resource Profile Overrides, and Shared Template Variable Files. + +```json +{ + "envDefinition": { + "action": "create_or_replace", + "content": { + "inventory": { + "environmentName": "env-1", + "tenantName": "Applications", + "cloudName": "cluster-1", + "description": "Full sample", + "owners": "Qubership team", + "config": { + "updateRPOverrideNameWithEnvName": false, + "updateCredIdsWithEnvName": true + } + }, + "envTemplate": { + "name": "composite-prod", + "artifact": "project-env-template:master_20231024-080204", + "additionalTemplateVariables": { + "ci": { + "CI_PARAM_1": "ci-param-val-1", + "CI_PARAM_2": "ci-param-val-2" + }, + "e2eParameters": { + "E2E_PARAM_1": "e2e-param-val-1", + "E2E_PARAM_2": "e2e-param-val-2" + } + }, + "sharedTemplateVariables": [ + "prod-template-variables", + "sample-cloud-template-variables" + ], + "envSpecificParamsets": { + "bss": [ + "env-specific-bss" + ] + }, + "envSpecificTechnicalParamsets": { + "bss": [ + "env-specific-tech" + ] + }, + "envSpecificE2EParamsets": { + "cloud": [ + "cloud-level-params" + ] + }, + "sharedMasterCredentialFiles": [ + "prod-integration-creds" + ], + "envSpecificResourceProfiles": { + "cloud": + "cloud-specific-profile" + } + } + } + }, + "paramSets": [ + { + "action": "create_or_replace", + "place": "env", + "content": { + "version": 1, + "name": "env-specific-bss", + "parameters": { + "key": "value" + }, + "applications": [] + } + } + ], + "credentials": [ + { + "action": "create_or_replace", + "place": "site", + "content": { + "prod-integration-creds": { + "type": "", + "data": { + "username": "", + "password": "" + } + } + } + } + ], + "resourceProfiles": [ + { + "action": "create_or_replace", + "place": "cluster", + "content": { + "name": "cloud-specific-profile", + "baseline": "dev", + "description": "", + "applications": [ + { + "name": "core", + "version": "release-20241103.225817", + "sd": "", + "services": [ + { + "name": "operator", + "parameters": [ + { + "name": "GATEWAY_MEMORY_LIMIT", + "value": "96Mi" + }, + { + "name": "GATEWAY_CPU_REQUEST", + "value": "50m" + } + ] + } + ] + } + ], + "version": 0 + } + } + ], + "sharedTemplateVariables": [ + { + "action": "create_or_replace", + "place": "site", + "name": "prod-template-variables", + "content": { + "TEMPLATE_VAR_1": "prod-value-1", + "TEMPLATE_VAR_2": "prod-value-2", + "nested": { + "key1": "nested-prod-value-1", + "key2": "nested-prod-value-2" + } + } + }, + { + "action": "create_or_replace", + "place": "cluster", + "name": "sample-cloud-template-variables", + "content": { + "CLOUD_VAR_1": "cloud-value-1", + "CLOUD_VAR_2": "cloud-value-2" + } + } + ] +} +``` + +##### ENV_INVENTORY_CONTENT in JSON-in-string format + +```json +"{\"envDefinition\":{\"action\":\"create_or_replace\",\"content\":{\"inventory\":{\"environmentName\":\"env-1\",\"tenantName\":\"Applications\",\"cloudName\":\"cluster-1\",\"description\":\"Fullsample\",\"owners\":\"Qubershipteam\",\"config\":{\"updateRPOverrideNameWithEnvName\":false,\"updateCredIdsWithEnvName\":true}},\"envTemplate\":{\"name\":\"composite-prod\",\"artifact\":\"project-env-template:master_20231024-080204\",\"additionalTemplateVariables\":{\"ci\":{\"CI_PARAM_1\":\"ci-param-val-1\",\"CI_PARAM_2\":\"ci-param-val-2\"},\"e2eParameters\":{\"E2E_PARAM_1\":\"e2e-param-val-1\",\"E2E_PARAM_2\":\"e2e-param-val-2\"}},\"sharedTemplateVariables\":[\"prod-template-variables\",\"sample-cloud-template-variables\"],\"envSpecificParamsets\":{\"bss\":[\"env-specific-bss\"]},\"envSpecificTechnicalParamsets\":{\"bss\":[\"env-specific-tech\"]},\"envSpecificE2EParamsets\":{\"cloud\":[\"cloud-level-params\"]},\"sharedMasterCredentialFiles\":[\"prod-integration-creds\"],\"envSpecificResourceProfiles\":{\"cloud\":\"cloud-specific-profile\"}}}},\"paramSets\":[{\"action\":\"create_or_replace\",\"place\":\"env\",\"content\":{\"version\":1,\"name\":\"env-specific-bss\",\"parameters\":{\"key\":\"value\"},\"applications\":[]}}],\"credentials\":[{\"action\":\"create_or_replace\",\"place\":\"site\",\"content\":{\"prod-integration-creds\":{\"type\":\"\",\"data\":{\"username\":\"\",\"password\":\"\"}}}}],\"resourceProfiles\":[{\"action\":\"create_or_replace\",\"place\":\"cluster\",\"content\":{\"name\":\"cloud-specific-profile\",\"baseline\":\"dev\",\"description\":\"\",\"applications\":[{\"name\":\"core\",\"version\":\"release-20241103.225817\",\"sd\":\"\",\"services\":[{\"name\":\"operator\",\"parameters\":[{\"name\":\"GATEWAY_MEMORY_LIMIT\",\"value\":\"96Mi\"},{\"name\":\"GATEWAY_CPU_REQUEST\",\"value\":\"50m\"}]}]}],\"version\":0}}],\"sharedTemplateVariables\":[{\"action\":\"create_or_replace\",\"place\":\"site\",\"name\":\"prod-template-variables\",\"content\":{\"TEMPLATE_VAR_1\":\"prod-value-1\",\"TEMPLATE_VAR_2\":\"prod-value-2\",\"nested\":{\"key1\":\"nested-prod-value-1\",\"key2\":\"nested-prod-value-2\"}}},{\"action\":\"create_or_replace\",\"place\":\"cluster\",\"name\":\"sample-cloud-template-variables\",\"content\":{\"CLOUD_VAR_1\":\"cloud-value-1\",\"CLOUD_VAR_2\":\"cloud-value-2\"}}]}" +``` + +#### `ENV_SPECIFIC_PARAMS` + +| Field | Type | Mandatory | Description | Example | +| ------- | ------------- | ------ | --------- | ---------- | | `clusterParams` | hashmap | no | Cluster connection parameters | None | -| `clusterParams.clusterEndpoint` | string | no | System **overrides** the value of `inventory.clusterUrl` in corresponding Env Inventory | `https://api.cluster.example.com:6443` | -| `clusterParams.clusterToken` | string | no | System **adds** Credential in the `/environments///Credentials/inventory_generation_creds.yml`. If Credential already exists, the value will **not be overridden**. System also creates an association with the credential file in corresponding Env Inventory via `envTemplate.sharedMasterCredentialFiles` | None | -| `additionalTemplateVariables` | hashmap | no | System **merges** the value into `envTemplate.additionalTemplateVariables` in corresponding Env Inventory | `{"keyA": "valueA", "keyB": "valueB"}` | -| `cloudName` | string | no | System **overrides** the value of `inventory.cloudName` in corresponding Env Inventory | `cloud01` | -| `tenantName` | string | no | System **overrides** the value of `inventory.tenantName` in corresponding Env Inventory | `Application` | -| `deployer` | string | no | System **overrides** the value of `inventory.deployer` in corresponding Env Inventory | `abstract-CMDB-1` | -| `envSpecificParamsets` | hashmap | no | System **merges** the value into envTemplate.envSpecificParamsets in corresponding Env Inventory | See [example](#env_specific_params-example) | -| `paramsets` | hashmap | no | System creates Parameter Set file for each first level key in the path `environments///Inventory/parameters/KEY-NAME.yml`. If Parameter Set already exists, the value will be **overridden** | See [example](#env_specific_params-example) | -| `credentials` | hashmap | no | System **adds** Credential object for each first level key in the `/environments///credentials/inventory_generation_creds.yml`. If Credential already exists, the value will be **overridden**. System also creates an association with the credential file in corresponding Env Inventory via `envTemplate.sharedMasterCredentialFiles` | See [example](#env_specific_params-example) | - -##### ENV_SPECIFIC_PARAMS Example +| `clusterParams.clusterEndpoint` | string | no | System **overrides** the value of `inventory.clusterUrl` in corresponding Environment Inventory | `https://api.cluster.example.com:6443` | +| `clusterParams.clusterToken` | string | no | System **adds** Credential in the `/environments///Inventory/credentials/inventory_generation_creds.yml`. If Credential already exists, the value will **not be overridden**. System also creates an association with the credential file in corresponding Environment Inventory via `envTemplate.sharedMasterCredentialFiles` | None | +| `additionalTemplateVariables` | hashmap | no | System **merges** the value into `envTemplate.additionalTemplateVariables` in corresponding Environment Inventory | `{"keyA": "valueA", "keyB": "valueB"}` | +| `cloudName` | string | no | System **overrides** the value of `inventory.cloudName` in corresponding Environment Inventory | `cloud01` | +| `tenantName` | string | no | System **overrides** the value of `inventory.tenantName` in corresponding Environment Inventory | `Application` | +| `deployer` | string | no | System **overrides** the value of `inventory.deployer` in corresponding Environment Inventory | `abstract-CMDB-1` | +| `envSpecificParamsets` | hashmap | no | System **merges** the value into `envTemplate.envSpecificParamsets` in corresponding Environment Inventory | See [example](#env_specific_params-example) | +| `paramsets` | hashmap | no | System creates Parameter Set file for each first level key in the path `/environments///Inventory/parameters/KEY-NAME.yml`. If Parameter Set already exists, the value will be **overridden** | See [example](#env_specific_params-example) | +| `credentials` | hashmap | no | System **adds** Credential object for each first level key in the `/environments///Inventory/credentials/inventory_generation_creds.yml`. If Credential already exists, the value will be **overridden**. System also creates an association with the credential file in corresponding Environment Inventory via `envTemplate.sharedMasterCredentialFiles` | See [example](#env_specific_params-example) | + +##### `ENV_SPECIFIC_PARAMS` Example ```json { @@ -128,12 +382,262 @@ When the inventory already exists, update rules vary depending on parameters. Se } ``` -### Generated Environment Inventory Examples +### Example of Generated Result with `ENV_INVENTORY_CONTENT` + +#### Generated Result with `ENV_INVENTORY_CONTENT` (new files) + +##### Environment Inventory (`env_definition.yml`) + +**Result:** `env_definition.yml` is generated from envDefinition.content. + +```yaml +# /environments///Inventory/env_definition.yml + +inventory: + environmentName: "env-1" + tenantName: "Applications" + cloudName: "cluster-1" + description: "Full sample" + owners: "Qubership team" + config: + updateRPOverrideNameWithEnvName: false + updateCredIdsWithEnvName: true + +envTemplate: + name: "composite-prod" + artifact: "project-env-template:master_20231024-080204" + + additionalTemplateVariables: + ci: + CI_PARAM_1: "ci-param-val-1" + CI_PARAM_2: "ci-param-val-2" + e2eParameters: + E2E_PARAM_1: "e2e-param-val-1" + E2E_PARAM_2: "e2e-param-val-2" + + sharedTemplateVariables: + - "prod-template-variables" + - "sample-cloud-template-variables" + + envSpecificParamsets: + bss: + - "env-specific-bss" + + envSpecificTechnicalParamsets: + bss: + - "env-specific-tech" + + envSpecificE2EParamsets: + cloud: + - "cloud-level-params" + + sharedMasterCredentialFiles: + - "prod-integration-creds" + + envSpecificResourceProfiles: + cloud: "cloud-specific-profile" +``` + +##### Parameter Sets + +**Result**: a Parameter Set file is generated from paramSets[].content and stored based on paramSets[].place. + +```yaml +# /environments///Inventory/parameters/env-specific-bss.yml + +version: 1 +name: "env-specific-bss" +parameters: + key: "value" +applications: [] +``` + +##### Credentials + +**Result**: a Credentials file is generated from credentials[].content and stored based on credentials[].place. + +```yaml +# /environments/credentials/prod-integration-creds.yml + +prod-integration-creds: + type: + data: + username: "" + password: "" + +``` + +##### Resource Profile Overrides + +**Result**: a Resource Profile Override file is generated from resourceProfiles[].content and stored based on resourceProfiles[].place. + +```yaml +# /environments//resource_profiles/cloud-specific-profile.yml + +name: "cloud-specific-profile" +baseline: "dev" +description: "" +applications: +- name: "core" + version: "release-20241103.225817" + sd: "" + services: + - name: "operator" + parameters: + - name: "GATEWAY_MEMORY_LIMIT" + value: "96Mi" + - name: "GATEWAY_CPU_REQUEST" + value: "50m" +version: 0 +``` + +##### Shared Template Variable Files + +**Result**: a Shared Template Variable File is generated from sharedTemplateVariables[].content and stored based on sharedTemplateVariables[].place. + +```yaml +# /environments/shared_template_variables/prod-template-variables.yml + +TEMPLATE_VAR_1: "prod-value-1" +TEMPLATE_VAR_2: "prod-value-2" +nested: + key1: "nested-prod-value-1" + key2: "nested-prod-value-2" +``` + +```yaml +# /environments//shared_template_variables/sample-cloud-template-variables.yml + +CLOUD_VAR_1: "cloud-value-1" +CLOUD_VAR_2: "cloud-value-2" +``` + +#### Generated Result when the target file already exists + +##### env_definition file already exists + +###### Existing env_definition file + +```yaml +# /environments///Inventory/env_definition.yml +inventory: + environmentName: "env-1" + tenantName: "Applications" + cloudName: "cluster-1" + +envTemplate: + name: "composite-prod" + artifact: "project-env-template:old" + envSpecificParamsets: + bss: + - "env-specific-bss" +``` + +###### Input request (ENV_INVENTORY_CONTENT) + +```json +{ + "envDefinition": { + "action": "create_or_replace", + "content": { + "inventory": { + "environmentName": "env-1", + "tenantName": "Applications", + "cloudName": "cluster-1", + "description": "Updated description", + "config": { + "updateCredIdsWithEnvName": true + } + }, + "envTemplate": { + "name": "composite-prod", + "artifact": "project-env-template:new", + "envSpecificE2EParamsets": { + "cloud": [ + "cloud-level-params" + ] + }, + "sharedMasterCredentialFiles": [ + "prod-integration-creds" + ] + } + } + } +} +``` + +###### Result `env_definition.yml` + +```yaml +# /environments///Inventory/env_definition.yml +inventory: + environmentName: "env-1" + tenantName: "Applications" + cloudName: "cluster-1" + description: "Updated description" + config: + updateCredIdsWithEnvName: true + +envTemplate: + name: "composite-prod" + artifact: "project-env-template:new" + envSpecificE2EParamsets: + cloud: + - "cloud-level-params" + sharedMasterCredentialFiles: + - "prod-integration-creds" +``` + +##### Parameter Sets file already exists + +###### Existing Parameter Set file + +```yaml +# /environments///Inventory/parameters/env-specific-bss.yml +name: "env-specific-bss" +parameters: + featureFlag: "false" +applications: [] +``` + +###### Input request (paramSets) + +```json +{ + "paramSets": [ + { + "action": "create_or_replace", + "place": "env", + "content": { + "version": 1, + "name": "env-specific-bss", + "parameters": { + "featureFlag": "true" + }, + "applications": [] + } + } + ] +} +``` + +###### Result Parameter Sets + +```yaml +# /environments///Inventory/parameters/env-specific-bss.yml +version: 1 +name: "env-specific-bss" +parameters: + featureFlag: "true" +applications: [] +``` + +### Example of Generated Result with `ENV_SPECIFIC_PARAMS` #### Minimal Environment Inventory ```yaml -# /environments///Inventory/env_definition.yml +# /environments///Inventory/env_definition.yml inventory: environmentName: clusterUrl: @@ -145,7 +649,7 @@ envTemplate: #### Environment Inventory with env-specific parameters ```yaml -# /environments///Inventory/env_definition.yml +# /environments///Inventory/env_definition.yml inventory: environmentName: clusterUrl: @@ -161,7 +665,7 @@ envTemplate: ``` ```yaml -# /environments///Credentials/credentials.yml +# /environments///Credentials/credentials.yml cloud-admin-token: type: "secret" data: @@ -169,7 +673,7 @@ cloud-admin-token: ``` ```yaml -# environments///Inventory/parameters/paramsetA.yml +# /environments///Inventory/parameters/paramsetA.yml paramsetA: version: name: @@ -182,7 +686,7 @@ paramsetA: ``` ```yaml -# environments///Inventory/parameters/paramsetB.yml +# /environments///Inventory/parameters/paramsetB.yml paramsetB: version: name: @@ -192,7 +696,7 @@ paramsetB: ``` ```yaml -# environments///Inventory/credentials/inventory_generation_creds.yml +# /environments///Inventory/credentials/inventory_generation_creds.yml credX: type: data: diff --git a/docs/instance-pipeline-parameters.md b/docs/instance-pipeline-parameters.md index 66814f4ab..d254c3616 100644 --- a/docs/instance-pipeline-parameters.md +++ b/docs/instance-pipeline-parameters.md @@ -9,11 +9,9 @@ - [`CMDB_IMPORT`](#cmdb_import) - [`DEPLOYMENT_TICKET_ID`](#deployment_ticket_id) - [`ENV_TEMPLATE_VERSION`](#env_template_version) - - [`ENV_TEMPLATE_VERSION_ORIGIN`](#env_template_version_origin) - - [`ENV_TEMPLATE_VERSION_PEER`](#env_template_version_peer) - - [`ENV_INVENTORY_INIT`](#env_inventory_init) - - [`ENV_TEMPLATE_NAME`](#env_template_name) + - [`ENV_TEMPLATE_VERSION_UPDATE_MODE`](#env_template_version_update_mode) - [`ENV_SPECIFIC_PARAMS`](#env_specific_params) + - [`ENV_INVENTORY_CONTENT`](#env_inventory_content) - [`GENERATE_EFFECTIVE_SET`](#generate_effective_set) - [`EFFECTIVE_SET_CONFIG`](#effective_set_config) - [`APP_REG_DEFS_JOB`](#app_reg_defs_job) @@ -28,9 +26,6 @@ - [`CRED_ROTATION_PAYLOAD`](#cred_rotation_payload) - [Affected Parameters and Troubleshooting](#affected-parameters-and-troubleshooting) - [`CRED_ROTATION_FORCE`](#cred_rotation_force) - - [`SD_REPO_MERGE_MODE`](#sd_repo_merge_mode) - - [`NS_BUILD_FILTER`](#ns_build_filter) - - [`GITHUB_PIPELINE_API_INPUT`](#github_pipeline_api_input) - [`GH_ADDITIONAL_PARAMS`](#gh_additional_params) - [`BG_MANAGE`](#bg_manage) - [`BG_STATE`](#bg_state) @@ -118,6 +113,30 @@ This parameter serves as a configuration for an extension point. Integration wit **Example**: `env-template:v1.2.3` +### `ENV_TEMPLATE_VERSION_UPDATE_MODE` + +**Description**: Controls how ENV_TEMPLATE_VERSION is applied during the pipeline run. + +**Allowed values**: + +- `PERSISTENT` (default) + Applies the standard behavior: the pipeline updates the template version in Environment Inventory by updating `envTemplate.artifact` (or `envTemplate.templateArtifact.artifact.version`) in `env_definition.yml`. + +- `TEMPORARY` + Applies `ENV_TEMPLATE_VERSION` **only for the current pipeline execution** and **does not** update `envTemplate.artifact` (or `envTemplate.templateArtifact.artifact.version`) in `env_definition.yml`. + The pipeline updates `generatedVersions.generateEnvironmentLatestVersion` in `env_definition.yml` to reflect the template artifact version that was actually applied in this run, for example: + + ```yaml + # env_definition.yml + generatedVersions: + generateEnvironmentLatestVersion: "template-project:feature-diis1125-20251125.045717-2" + +**Default Value**: `PERSISTENT` + +**Mandatory**: No + +**Example**: `PERSISTENT` + ### `ENV_TEMPLATE_VERSION_ORIGIN` **Description**: If provided, system updates the Blue-Green origin template artifact version in the Environment Inventory. System overrides `envTemplate.bgNsArtifacts.origin` at `/environments//Inventory/env_definition.yml` @@ -168,6 +187,8 @@ envTemplate: ... ``` +**Note:** This parameter is deprecated and will be removed in future releases. Use `ENV_INVENTORY_CONTENT`. + **Default Value**: None **Mandatory**: No @@ -178,6 +199,8 @@ envTemplate: **Description**: Specifies Environment Inventory and env-specific parameters. This is can used together with `ENV_INVENTORY_INIT`. **JSON in string** format. See details in [Environment Inventory Generation](/docs/features/env-inventory-generation.md) +**Note:** This parameter is deprecated and will be removed in future releases. Use `ENV_INVENTORY_CONTENT` instead. + **Default Value**: None **Mandatory**: No @@ -188,6 +211,25 @@ envTemplate: '{"clusterParams":{"clusterEndpoint":"","clusterToken":""},"additionalTemplateVariables":{"":""},"cloudName":"","envSpecificParamsets":{"":["paramsetA"],"cloud":["paramsetB"]},"paramsets":{"paramsetA":{"version":"","name":"","parameters":{"":""},"applications":[{"appName":"","parameters":{"":""}}]},"paramsetB":{"version":"","name":"","parameters":{"":""},"applications":[]}},"credentials":{"credX":{"type":"","data":{"username":"","password":""}},"credY":{"type":"","data":{"secret":""}}}}' ``` +### `ENV_INVENTORY_CONTENT` + +**Description**: + +Provides the Environment Inventory and related artifacts to be created or updated. +It allows external systems to manage `env_definition.yml` and additional files paramsets, credentials, resource profiles without manual changes in the Instance repository. + +See details in Environment Inventory Generation feature documentation [Environment Inventory Generation](/docs/features/env-inventory-generation.md) + +**Default Value**: None + +**Mandatory**: No + +**Example in string format**: + +```json +"{\"envDefinition\":{\"action\":\"create_or_replace\",\"content\":{\"inventory\":{\"environmentName\":\"env-1\",\"tenantName\":\"Applications\",\"cloudName\":\"cluster-1\",\"description\":\"Fullsample\",\"owners\":\"Qubershipteam\",\"config\":{\"updateRPOverrideNameWithEnvName\":false,\"updateCredIdsWithEnvName\":true}},\"envTemplate\":{\"name\":\"composite-prod\",\"artifact\":\"project-env-template:master_20231024-080204\",\"additionalTemplateVariables\":{\"ci\":{\"CI_PARAM_1\":\"ci-param-val-1\",\"CI_PARAM_2\":\"ci-param-val-2\"},\"e2eParameters\":{\"E2E_PARAM_1\":\"e2e-param-val-1\",\"E2E_PARAM_2\":\"e2e-param-val-2\"}},\"sharedTemplateVariables\":[\"prod-template-variables\",\"sample-cloud-template-variables\"],\"envSpecificParamsets\":{\"bss\":[\"env-specific-bss\"]},\"envSpecificTechnicalParamsets\":{\"bss\":[\"env-specific-tech\"]},\"envSpecificE2EParamsets\":{\"cloud\":[\"cloud-level-params\"]},\"sharedMasterCredentialFiles\":[\"prod-integration-creds\"],\"envSpecificResourceProfiles\":{\"cloud\":[\"cloud-specific-profile\"]}}}},\"paramsets\":[{\"action\":\"create_or_replace\",\"place\":\"env\",\"content\":{\"version\":\"\",\"name\":\"env-specific-bss\",\"parameters\":{\"key\":\"value\"},\"applications\":[]}}],\"credentials\":[{\"action\":\"create_or_replace\",\"place\":\"site\",\"content\":{\"prod-integration-creds\":{\"type\":\"\",\"data\":{\"username\":\"\",\"password\":\"\"}}}}],\"resourceProfiles\":[{\"action\":\"create_or_replace\",\"place\":\"cluster\",\"content\":{\"name\":\"cloud-specific-profile\",\"baseline\":\"dev\",\"description\":\"\",\"applications\":[{\"name\":\"core\",\"version\":\"release-20241103.225817\",\"sd\":\"\",\"services\":[{\"name\":\"operator\",\"parameters\":[{\"name\":\"GATEWAY_MEMORY_LIMIT\",\"value\":\"96Mi\"},{\"name\":\"GATEWAY_CPU_REQUEST\",\"value\":\"50m\"}]}]}],\"version\":0}}]}" +``` + ### `GENERATE_EFFECTIVE_SET` **Description**: Feature flag. Valid values ​​are `true` or `false`. diff --git a/docs/use-cases/environment-instance-generation.md b/docs/use-cases/environment-instance-generation.md index 072e79f22..43c91f22d 100644 --- a/docs/use-cases/environment-instance-generation.md +++ b/docs/use-cases/environment-instance-generation.md @@ -363,7 +363,7 @@ Instance pipeline (GitLab or GitHub) is started with parameters: **Results:** 1. All Namespaces are rendered using `project-env-template:v1.2.3` -2. All other objects (Tenant, Cloud, Applications, etc.) are rendered using `project-env-template:v1.2.3` +2. All other objects are rendered using `project-env-template:v1.2.3` ### UC-EIG-TA-2: Environment Instance Generation with `artifact` and `bgNsArtifacts` and BG Domain diff --git a/docs/use-cases/environment-inventory-generation.md b/docs/use-cases/environment-inventory-generation.md new file mode 100644 index 000000000..45193a158 --- /dev/null +++ b/docs/use-cases/environment-inventory-generation.md @@ -0,0 +1,837 @@ +# Environment Inventory Generation Use Cases + +## Table of Contents + +- [Overview](#overview) +- [Environment Inventory: env_definition.yml](#environment-inventory-env_definitionyml) + - [UC-EINV-ED-1: Create `env_definition.yml` (`create_or_replace`, file does not exist)](#uc-einv-ed-1-create-env_definitionyml-create_or_replace-file-does-not-exist) + - [UC-EINV-ED-2: Replace `env_definition.yml` (`create_or_replace`, file exists)](#uc-einv-ed-2-replace-env_definitionyml-create_or_replace-file-exists) + - [UC-EINV-ED-3: Delete `env_definition.yml`](#uc-einv-ed-3-delete-env_definitionyml) +- [Environment Inventory: Paramsets](#environment-inventory-paramsets) + - [UC-EINV-PS-1: Create paramset file (`create_or_replace`, file does not exist)](#uc-einv-ps-1-create-paramset-file-create_or_replace-file-does-not-exist) + - [UC-EINV-PS-2: Replace paramset file (`create_or_replace`, file exists)](#uc-einv-ps-2-replace-paramset-file-create_or_replace-file-exists) + - [UC-EINV-PS-3: Delete paramset file](#uc-einv-ps-3-delete-paramset-file) +- [Environment Inventory: Credentials](#environment-inventory-credentials) + - [UC-EINV-CR-1: Create credentials file (`create_or_replace`, file does not exist)](#uc-einv-cr-1-create-credentials-file-create_or_replace-file-does-not-exist) + - [UC-EINV-CR-2: Replace credentials file (`create_or_replace`, file exists)](#uc-einv-cr-2-replace-credentials-file-create_or_replace-file-exists) + - [UC-EINV-CR-3: Delete credentials file](#uc-einv-cr-3-delete-credentials-file) +- [Environment Inventory: Resource Profile Overrides](#environment-inventory-resource-profile-overrides) + - [UC-EINV-RP-1: Create resource profile override file (`create_or_replace`, file does not exist)](#uc-einv-rp-1-create-resource-profile-override-file-create_or_replace-file-does-not-exist) + - [UC-EINV-RP-2: Replace resource profile override file (`create_or_replace`, file exists)](#uc-einv-rp-2-replace-resource-profile-override-file-create_or_replace-file-exists) + - [UC-EINV-RP-3: Delete resource profile override file](#uc-einv-rp-3-delete-resource-profile-override-file) +- [Environment Inventory: Shared Template Variable Files](#environment-inventory-shared-template-variable-files) + - [UC-EINV-STV-1: Create Shared Template Variable file (`create_or_replace`, file does not exist)](#uc-einv-stv-1-create-shared-template-variable-file-create_or_replace-file-does-not-exist) + - [UC-EINV-STV-2: Replace Shared Template Variable file (`create_or_replace`, file exists)](#uc-einv-stv-2-replace-shared-template-variable-file-create_or_replace-file-exists) + - [UC-EINV-STV-3: Delete Shared Template Variable file](#uc-einv-stv-3-delete-shared-template-variable-file) + - [UC-EINV-AT-ALL-1: Rollback all Inventory changes if any operation fails (negative, atomic processing)](#uc-einv-at-all-1-rollback-all-inventory-changes-if-any-operation-fails-negative-atomic-processing) +- [Template Version Update](#template-version-update) + - [UC-EINV-TV-1: Apply `ENV_TEMPLATE_VERSION` (`PERSISTENT` vs `TEMPORARY`)](#uc-einv-tv-1-apply-env_template_version-persistent-vs-temporary) + +--- + +## Overview + +This document describes use cases for **Environment Inventory Generation** — creating or replacing `env_definition.yml`, `paramsets`, `resource_profiles`, and `credentials` using `ENV_INVENTORY_CONTENT`, as well as template version update in `PERSISTENT` and `TEMPORARY` modes. + +> **Note (template version priority):** +> If `ENV_TEMPLATE_VERSION` is passed to the Instance pipeline, it has **higher priority** than the template version specified in `env_definition.yml` (`envDefinition.content.envTemplate.*`). + +--- + +## Environment Inventory: env_definition.yml + +### UC-EINV-ED-1: Create `env_definition.yml` (`create_or_replace`, file does not exist) + +**Pre-requisites:** + +1. The Environment Inventory file does not exist: + - `/environments///Inventory/env_definition.yml` + +**Trigger:** + +Instance pipeline (GitLab or GitHub) is started with: + +- `ENV_NAMES: /` +- `ENV_INVENTORY_CONTENT: ` + - Examples: [`/docs/features/env-inventory-generation.md`](/docs/features/env-inventory-generation.md) +- `ENV_TEMPLATE_VERSION: ` (optional; if provided, it has higher priority than the version from `envDefinition.content.envTemplate.*`) + +**Steps:** + +1. The `env_inventory_generation` job runs: + 1. Reads and parses `ENV_INVENTORY_CONTENT`. + 2. Validates `envDefinition` against the request schema: + - [`/docs/features/env-inventory-generation.md`](/docs/features/env-inventory-generation.md) + - `envDefinition.action == create_or_replace` + - `envDefinition.content` is present + 3. Validates `envDefinition.content` against `env_definition.yml` schema: + - [`/docs/envgene-configs.md#env_definitionyml`](/docs/envgene-configs.md#env_definitionyml) + 4. Resolves target path: + - `/environments///Inventory/env_definition.yml` + 5. Creates `Inventory/` directory if missing. + 6. Creates `env_definition.yml` using `envDefinition.content`. + 7. If `ENV_TEMPLATE_VERSION` is provided, applies it as the template version (higher priority). +2. The `git_commit` job runs: + 1. Commits created files into the Instance repository. + +**Results:** + +1. The file is created: + - `/environments///Inventory/env_definition.yml` +2. If `ENV_TEMPLATE_VERSION` is provided, it overrides the version from `envDefinition.content.envTemplate.*`. +3. Changes are committed. + +--- + +### UC-EINV-ED-2: Replace `env_definition.yml` (`create_or_replace`, file exists) + +**Pre-requisites:** + +1. The Environment Inventory file exists: + - `/environments///Inventory/env_definition.yml` + +**Trigger:** + +Instance pipeline (GitLab or GitHub) is started with: + +- `ENV_NAMES: /` +- `ENV_INVENTORY_CONTENT: ` + - Examples: [`/docs/features/env-inventory-generation.md`](/docs/features/env-inventory-generation.md) +- `ENV_TEMPLATE_VERSION: ` (optional; if provided, it has higher priority than the version from `envDefinition.content.envTemplate.*`) + +**Steps:** + +1. The `env_inventory_generation` job runs: + 1. Reads and parses `ENV_INVENTORY_CONTENT`. + 2. Validates `envDefinition` against the request schema: + - [`/docs/features/env-inventory-generation.md`](/docs/features/env-inventory-generation.md) + - `envDefinition.action == create_or_replace` + - `envDefinition.content` is present + 3. Validates `envDefinition.content` against `env_definition.yml` schema: + - [`/docs/envgene-configs.md#env_definitionyml`](/docs/envgene-configs.md#env_definitionyml) + 4. Resolves target path: + - `/environments///Inventory/env_definition.yml` + 5. Replaces `env_definition.yml` using `envDefinition.content` (fully overwrites the file). + 6. If `ENV_TEMPLATE_VERSION` is provided, applies it as the template version (higher priority). +2. The `git_commit` job runs: + 1. Commits updated files into the Instance repository. + +**Results:** + +1. The file is replaced (fully overwritten): + - `/environments///Inventory/env_definition.yml` +2. If `ENV_TEMPLATE_VERSION` is provided, it overrides the version from `envDefinition.content.envTemplate.*`. +3. Changes are committed. + +--- + +### UC-EINV-ED-3: Delete `env_definition.yml` + +**Pre-requisites:** + +1. The Environment Inventory file exists: + - `/environments///Inventory/env_definition.yml` + +**Trigger:** + +Instance pipeline (GitLab or GitHub) is started with: + +- `ENV_NAMES: /` +- `ENV_INVENTORY_CONTENT: ` + - Examples: [`/docs/features/env-inventory-generation.md`](/docs/features/env-inventory-generation.md) + +**Steps:** + +1. The `env_inventory_generation` job runs: + 1. Reads and parses `ENV_INVENTORY_CONTENT`. + 2. Validates `envDefinition` against the request schema: + - `envDefinition.action == delete` + - `envDefinition.content` is not required + 3. Resolves target environment folder: + - `/environments///` + 4. Deletes the entire environment directory: + - `/environments///` + +2. The `git_commit` job runs: + 1. Commits repository changes into the Instance repository. + +**Results:** + +1. The environment directory is removed: + - `/environments///` + +2. `env_definition.yml` is removed as part of the environment directory deletion (if it existed): + - `/environments///Inventory/env_definition.yml` + +3. All Inventory-related files under the environment are removed as part of the environment directory deletion (if they existed): + - `/environments///Inventory/parameters/*` + - `/environments///Inventory/credentials/*` + - `/environments///Inventory/resource_profiles/*` + - `/environments///shared_template_variables/*` +4. Changes are committed. + +--- + +## Environment Inventory: Paramsets + +### UC-EINV-PS-1: Create paramset file (`create_or_replace`, file does not exist) + +**Pre-requisites:** + +1. The target paramset file does not exist (for the resolved `place` and `content.name`). + +**Trigger:** + +Instance pipeline (GitLab or GitHub) is started with: + +- `ENV_NAMES: /` +- `ENV_INVENTORY_CONTENT: ` + - Examples: [`/docs/features/env-inventory-generation.md`](/docs/features/env-inventory-generation.md) + +`ENV_INVENTORY_CONTENT` includes `paramsets[]` with at least one item where: + +- `action: create_or_replace` +- `place: env | cluster | site` +- `content.name: ` +- `content` is a valid Paramset file content + +**Steps:** + +1. The `env_inventory_generation` job runs: + 1. Reads and parses `ENV_INVENTORY_CONTENT`. + 2. Validates the `paramsets[]` item against the request schema: + - [`/docs/features/env-inventory-generation.md`](/docs/features/env-inventory-generation.md) + - `action == create_or_replace` + - `place ∈ { env, cluster, site }` + - `content` is present and contains `name` + 3. Extracts `` from `content.name`. + 4. Resolves target path by `place`: + - `place=env` → `/environments///Inventory/parameters/.yml` + - `place=cluster` → `/environments//Inventory/parameters/.yml` + - `place=site` → `/environments/Inventory/parameters/.yml` + 5. Creates `parameters/` directory if missing. + 6. Creates the paramset file using `content` (create-or-replace semantics; in this UC the file is expected to be missing). +2. The `git_commit` job runs: + 1. Commits created files into the Instance repository. + +**Results:** + +1. Paramset file is created at the resolved path. +2. File content matches `paramsets[].content`. +3. Changes are committed. + +--- + +### UC-EINV-PS-2: Replace paramset file (`create_or_replace`, file exists) + +**Pre-requisites:** + +1. The target paramset file exists (for the resolved `place` and `content.name`). + +**Trigger:** + +Instance pipeline (GitLab or GitHub) is started with: + +- `ENV_NAMES: /` +- `ENV_INVENTORY_CONTENT: ` + - Examples: [`/docs/features/env-inventory-generation.md`](/docs/features/env-inventory-generation.md) + +`ENV_INVENTORY_CONTENT` includes `paramsets[]` with at least one item where: + +- `action: create_or_replace` +- `place: env | cluster | site` +- `content.name: ` +- `content` is a valid Paramset file content + +**Steps:** + +1. The `env_inventory_generation` job runs: + 1. Reads and parses `ENV_INVENTORY_CONTENT`. + 2. Validates the `paramsets[]` item against the request schema: + - [`/docs/features/env-inventory-generation.md`](/docs/features/env-inventory-generation.md) + - `action == create_or_replace` + - `place == { env, cluster, site }` + - `content` is present and contains `name` + 3. Extracts `` from `content.name`. + 4. Resolves target path by `place`. + 5. Replaces the paramset file using `content` (fully overwrites the file). +2. The `git_commit` job runs: + 1. Commits updated files into the Instance repository. + +**Results:** + +1. Paramset file is replaced at the resolved path. +2. File content matches `paramsets[].content`. +3. Changes are committed. + +--- + +### UC-EINV-PS-3: Delete paramSet file + +**Pre-requisites:** + +1. The target ParamSet file exists + +**Trigger:** + +Instance pipeline (GitLab or GitHub) is started with: + +- `ENV_NAMES: /` +- `ENV_INVENTORY_CONTENT: ` + - Examples: [`/docs/features/env-inventory-generation.md`](/docs/features/env-inventory-generation.md) + +`ENV_INVENTORY_CONTENT` includes `paramsets[]`: + +- `action: delete` +- `place: env | cluster | site` +- `content.name: ` +- `content` is a valid Paramset file content + +**Steps:** + +1. The `env_inventory_generation` job runs: + 1. Reads and parses `ENV_INVENTORY_CONTENT`. + 2. Validates the `paramSets[]` item against the request schema: + - `action == delete` + - `place == { env, cluster, site }` + - `content` is present and contains `name` + 3. Extracts `` from `content.name`. + 4. Resolves target path by `place`: + - `place=env` → `/environments///Inventory/parameters/.yml` + - `place=cluster` → `/environments//Inventory/parameters/.yml` + - `place=site` → `/environments/Inventory/parameters/.yml` + 5. Deletes the target paramset file if it exists. + - Directories are not removed. + +2. The `git_commit` job runs: + 1. Commits repository changes into the Instance repository. + +**Results:** + +1. The paramset file is removed at the resolved path (if it existed). +2. Parent directories remain unchanged. +3. Changes are committed. + +--- + +## Environment Inventory: Credentials + +### UC-EINV-CR-1: Create credentials file (`create_or_replace`, file does not exist) + +**Pre-requisites:** + +1. The target credentials file does not exist (for the resolved `place`). + +**Trigger:** + +Instance pipeline (GitLab or GitHub) is started with: + +- `ENV_NAMES: /` +- `ENV_INVENTORY_CONTENT: ` + - Examples: [`/docs/features/env-inventory-generation.md`](/docs/features/env-inventory-generation.md) + +`ENV_INVENTORY_CONTENT` includes `credentials[]` with at least one item where: + +- `action: create_or_replace` +- `place: env | cluster | site` +- `content` is a credentials map (one or multiple credentials) + +**Steps:** + +1. The `env_inventory_generation` job runs: + 1. Reads and parses `ENV_INVENTORY_CONTENT`. + 2. Validates the `credentials[]` item against the request schema: + - [`/docs/features/env-inventory-generation.md`](/docs/features/env-inventory-generation.md) + - `action == create_or_replace` + - `place ∈ { env, cluster, site }` + - `content` is present + 3. Resolves target path by `place`: + - `place=env` → `/environments///Inventory/credentials/inventory_generation_creds.yml` + - `place=cluster` → `/environments//Inventory/credentials/inventory_generation_creds.yml` + - `place=site` → `/environments/credentials/inventory_generation_creds.yml` + 4. Creates `credentials/` directory if missing (for `env`/`cluster` levels). + 5. Creates the credentials file using `content` (create-or-replace semantics; in this UC the file is expected to be missing). +2. The `git_commit` job runs: + 1. Commits created files into the Instance repository. + +**Results:** + +1. Credentials file is created at the resolved path. +2. File content matches `credentials[].content`. +3. Changes are committed. + +--- + +### UC-EINV-CR-2: Replace credentials file (`create_or_replace`, file exists) + +**Pre-requisites:** + +1. The target credentials file exists (for the resolved `place`). + +**Trigger:** + +Instance pipeline (GitLab or GitHub) is started with: + +- `ENV_NAMES: /` +- `ENV_INVENTORY_CONTENT: ` + - Examples: [`/docs/features/env-inventory-generation.md`](/docs/features/env-inventory-generation.md) + +`ENV_INVENTORY_CONTENT` includes `credentials[]` with at least one item where: + +- `action: create_or_replace` +- `place: env | cluster | site` +- `content` is a credentials map (one or multiple credentials) + +**Steps:** + +1. The `env_inventory_generation` job runs: + 1. Reads and parses `ENV_INVENTORY_CONTENT`. + 2. Validates the `credentials[]` item against the request schema: + - [`/docs/features/env-inventory-generation.md`](/docs/features/env-inventory-generation.md) + - `action == create_or_replace` + - `place ∈ { env, cluster, site }` + - `content` is present + 3. Resolves target path by `place`. + 4. Replaces the credentials file using `content` (fully overwrites the file). +2. The `git_commit` job runs: + 1. Commits updated files into the Instance repository. + +**Results:** + +1. Credentials file is replaced at the resolved path. +2. File content matches `credentials[].content`. +3. Changes are committed. + +--- + +### UC-EINV-CR-3: Delete credentials file + +**Pre-requisites:** + +1. The target credentials file exists + +**Trigger:** + +Instance pipeline (GitLab or GitHub) is started with: + +- `ENV_NAMES: /` +- `ENV_INVENTORY_CONTENT: ` + - Examples: [`/docs/features/env-inventory-generation.md`](/docs/features/env-inventory-generation.md) + +`ENV_INVENTORY_CONTENT` includes `credentials[]` with at least one item where: + +- `action: delete` +- `place: env | cluster | site` +- `content` is present + +**Steps:** + +1. The `env_inventory_generation` job runs: + 1. Reads and parses `ENV_INVENTORY_CONTENT`. + 2. Validates the `credentials[]` item against the request schema: + - `action == delete` + - `place ∈ { env, cluster, site }` + - `content` is present + 3. Resolves target credentials file path by `place`. + 4. Deletes the target credentials file if it exists. + - Directories are not removed. + +2. The `git_commit` job runs: + 1. Commits repository changes into the Instance repository. + +**Results:** + +1. Credentials file is removed at the resolved path (if it existed). +2. Parent directories remain unchanged (no directory cleanup). +3. Changes are committed. + +--- + +## Environment Inventory: Resource Profile Overrides + +### UC-EINV-RP-1: Create resource profile override file (`create_or_replace`, file does not exist) + +**Pre-requisites:** + +1. The target override file does not exist (for the resolved `place` and `content.name`). + +**Trigger:** + +Instance pipeline (GitLab or GitHub) is started with: + +- `ENV_NAMES: /` +- `ENV_INVENTORY_CONTENT: ` + - Examples: [`/docs/features/env-inventory-generation.md`](/docs/features/env-inventory-generation.md) + +`ENV_INVENTORY_CONTENT` includes `resourceProfiles[]` with at least one item where: + +- `action: create_or_replace` +- `place: env | cluster | site` +- `content.name: ` +- `content` is a valid Resource Profile Override file content + +**Steps:** + +1. The `env_inventory_generation` job runs: + 1. Reads and parses `ENV_INVENTORY_CONTENT`. + 2. Validates the `resourceProfiles[]` item against the request schema: + - [`/docs/features/env-inventory-generation.md`](/docs/features/env-inventory-generation.md) + - `action == create_or_replace` + - `place ∈ { env, cluster, site }` + - `content` is present and contains `name` + 3. Extracts `` from `content.name`. + 4. Resolves target path by `place`: + - `place=env` → `/environments///Inventory/resource_profiles/.yml` + - `place=cluster` → `/environments//Inventory/resource_profiles/.yml` + - `place=site` → `/environments/Inventory/resource_profiles/.yml` + 5. Creates `resource_profiles/` directory if missing. + 6. Creates the override file using `content` (create-or-replace semantics; in this UC the file is expected to be missing). +2. The `git_commit` job runs: + 1. Commits created files into the Instance repository. + +**Results:** + +1. Override file is created at the resolved path. +2. File content matches `resourceProfiles[].content`. +3. Changes are committed. + +--- + +### UC-EINV-RP-2: Replace resource profile override file (`create_or_replace`, file exists) + +**Pre-requisites:** + +1. The target override file exists (for the resolved `place` and `content.name`). + +**Trigger:** + +Instance pipeline (GitLab or GitHub) is started with: + +- `ENV_NAMES: /` +- `ENV_INVENTORY_CONTENT: ` + - Examples: [`/docs/features/env-inventory-generation.md`](/docs/features/env-inventory-generation.md) + +`ENV_INVENTORY_CONTENT` includes `resourceProfiles[]` with at least one item where: + +- `action: create_or_replace` +- `place: env | cluster | site` +- `content.name: ` +- `content` is a valid Resource Profile Override file content + +**Steps:** + +1. The `env_inventory_generation` job runs: + 1. Reads and parses `ENV_INVENTORY_CONTENT`. + 2. Validates the `resourceProfiles[]` item against the request schema: + - [`/docs/features/env-inventory-generation.md`](/docs/features/env-inventory-generation.md) + - `action == create_or_replace` + - `place ∈ { env, cluster, site }` + - `content` is present and contains `name` + 3. Extracts `` from `content.name`. + 4. Resolves target path by `place`. + 5. Replaces the override file using `content` (fully overwrites the file). +2. The `git_commit` job runs: + 1. Commits updated files into the Instance repository. + +**Results:** + +1. Override file is replaced at the resolved path. +2. File content matches `resourceProfiles[].content`. +3. Changes are committed. + +--- + +### UC-EINV-RP-3: Delete resource profile override file + +**Pre-requisites:** + +1. The target Resource Profile Override file exists + +**Trigger:** + +Instance pipeline (GitLab or GitHub) is started with: + +- `ENV_NAMES: /` +- `ENV_INVENTORY_CONTENT: ` + - Examples: [`/docs/features/env-inventory-generation.md`](/docs/features/env-inventory-generation.md) + +`ENV_INVENTORY_CONTENT` includes `resourceProfiles[]` with at least one item where: + +- `action: delete` +- `place: env | cluster | site` +- `content.name: ` +- `content` is present (used to resolve the target filename) + +**Steps:** + +1. The `env_inventory_generation` job runs: + 1. Reads and parses `ENV_INVENTORY_CONTENT`. + 2. Validates the `resourceProfiles[]` item against the request schema: + - `action == delete` + - `place ∈ { env, cluster, site }` + - `content` is present and contains `name` + 3. Extracts `` from `content.name`. + 4. Resolves target path by `place`: + - `place=env` → `/environments///Inventory/resource_profiles/.yml` + - `place=cluster` → `/environments//resource_profiles/.yml` + - `place=site` → `/environments/resource_profiles/.yml` + 5. Deletes the target override file if it exists. + - Directories are not removed. + +2. The `git_commit` job runs: + 1. Commits repository changes into the Instance repository. + +**Results:** + +1. Resource Profile Override file is removed at the resolved path (if it existed). +2. Parent directories remain unchanged (no directory cleanup). +3. Changes are committed. + +--- + +## Environment Inventory: Shared Template Variable Files + +### UC-EINV-STV-1: Create Shared Template Variable file (`create_or_replace`, file does not exist) + +**Pre-requisites:** + +1. The target Shared Template Variable file does not exist (for the resolved `place` and `name`): + - `place=env` → `/environments///shared_template_variables/.yml` + - `place=cluster` → `/environments//shared_template_variables/.yml` + - `place=site` → `/environments/shared_template_variables/.yml` + +**Trigger:** + +Instance pipeline (GitLab or GitHub) is started with: + +- `ENV_NAMES: /` +- `ENV_INVENTORY_CONTENT: ` + - Examples: [`/docs/features/env-inventory-generation.md`](/docs/features/env-inventory-generation.md) + +`ENV_INVENTORY_CONTENT` includes `sharedTemplateVariables[]` with at least one item where: + +- `action: create_or_replace` +- `place: env | cluster | site` +- `name: ` +- `content` + +**Steps:** + +1. The `env_inventory_generation` job runs: + 1. Reads and parses `ENV_INVENTORY_CONTENT`. + 2. Validates the `sharedTemplateVariables[]` item against the request schema: + - `/docs/features/env-inventory-generation.md` + - `action == create_or_replace` + - `place ∈ { env, cluster, site }` + - `name` is present + - `content` is present + 3. Resolves target path by `place`: + - `place=env` → `/environments///shared_template_variables/.yml` + - `place=cluster` → `/environments//shared_template_variables/.yml` + - `place=site` → `/environments/shared_template_variables/.yml` + 4. Creates `shared_template_variables/` directory if missing. + 5. Creates the Shared Template Variable file using `content` (create-or-replace semantics; in this UC the file is expected to be missing). + +2. The `git_commit` job runs: + 1. Commits created files into the Instance repository. + +**Results:** + +1. Shared Template Variable file is created at the resolved path. +2. Filename is saved as `.yml`. +3. File content matches `sharedTemplateVariables[].content`. +4. Changes are committed. + +--- + +### UC-EINV-STV-2: Replace Shared Template Variable file (create_or_replace, file exists) + +**Pre-requisites:** + +1. The target Shared Template Variable file exists (for the resolved `place` and `name`): + - `place=env` → `/environments///shared_template_variables/.yml` + - `place=cluster` → `/environments//shared_template_variables/.yml` + - `place=site` → `/environments/shared_template_variables/.yml` + +**Trigger:** + +Instance pipeline (GitLab or GitHub) is started with: + +- `ENV_NAMES: /` +- `ENV_INVENTORY_CONTENT: ` + - Examples: `/docs/features/env-inventory-generation.md` + +`ENV_INVENTORY_CONTENT` includes `sharedTemplateVariables[]` with at least one item where: + +- `action: create_or_replace` +- `place: env | cluster | site` +- `name: ` +- `content` + +**Steps:** + +1. The `env_inventory_generation` job runs: + 1. Reads and parses `ENV_INVENTORY_CONTENT`. + 2. Validates the `sharedTemplateVariables[]` item against the request schema: + - `/docs/features/env-inventory-generation.md` + - `action == create_or_replace` + - `place ∈ { env, cluster, site }` + - `name` is present + - `content` is present + 3. Resolves target path by `place`. + 4. Replaces the Shared Template Variable file using `content` (fully overwrites the file). + +2. The `git_commit` job runs: + 1. Commits updated files into the Instance repository. + +**Results:** + +1. Shared Template Variable file is replaced at the resolved path. +2. File content matches `sharedTemplateVariables[].content`. +3. Changes are committed. + +--- + +### UC-EINV-STV-3: Delete Shared Template Variable file + +**Pre-requisites:** + +1. The target Shared Template Variable file exists (for the resolved `place` and `name`): + - `place=env` → `/environments///shared_template_variables/.yml` + - `place=cluster` → `/environments//shared_template_variables/.yml` + - `place=site` → `/environments/shared_template_variables/.yml` + +**Trigger:** + +Instance pipeline (GitLab or GitHub) is started with: + +- `ENV_NAMES: /` +- `ENV_INVENTORY_CONTENT: ` + - Examples: `/docs/features/env-inventory-generation.md` + +`ENV_INVENTORY_CONTENT` includes `sharedTemplateVariables[]` with at least one item where: + +- `action: delete` +- `place: env | cluster | site` +- `name: ` + +**Steps:** + +1. The `env_inventory_generation` job runs: + 1. Reads and parses `ENV_INVENTORY_CONTENT`. + 2. Validates the `sharedTemplateVariables[]` item against the request schema: + - `action == delete` + - `place ∈ { env, cluster, site }` + - `name` is present + 3. Resolves target path by `place`: + - `place=env` → `/environments///shared_template_variables/.yml` + - `place=cluster` → `/environments//shared_template_variables/.yml` + - `place=site` → `/environments/shared_template_variables/.yml` + 4. Deletes the target Shared Template Variable file if it exists. + - Directories are not removed. + +2. The `git_commit` job runs: + 1. Commits repository changes into the Instance repository. + +**Results:** + +1. Shared Template Variable file is removed at the resolved path (if it existed). +2. Parent directories remain unchanged (no directory cleanup). +3. Changes are committed. + +--- + +### UC-EINV-AT-ALL-1: Rollback all Inventory changes if any operation fails (negative, atomic processing) + +**Pre-requisites:** + +1. Instance pipeline is started with `ENV_INVENTORY_CONTENT` that includes one or more Inventory operations (any combination of): + - `envDefinition` + - `paramSets[]` + - `credentials[]` + - `resourceProfiles[]` + - `sharedTemplateVariables[]` +2. Repository has an initial state (files may exist or not exist). +3. At least one requested operation will fail during processing (validation error or file operation error). + +**Trigger:** + +Instance pipeline (GitLab or GitHub) is started with: + +- `ENV_NAMES: /` +- `ENV_INVENTORY_CONTENT: ` + - Examples: `/docs/features/env-inventory-generation.md` + +During processing of `ENV_INVENTORY_CONTENT`, at least one operation fails . + +**Steps:** + +1. The `env_inventory_generation` job runs: + 1. Reads and parses `ENV_INVENTORY_CONTENT`. + 2. Runs validations: + - Parameter exclusivity validation: + - If `ENV_INVENTORY_CONTENT` is provided together with `ENV_INVENTORY_INIT` or `ENV_SPECIFIC_PARAMS`, validation fails. + - JSON schema validation: + - `ENV_INVENTORY_CONTENT` is validated against `/schemas/env-inventory-content.schema.json`. + 3. Starts atomic processing of all requested operations (order between object types is not guaranteed). + 4. Applies some operations (examples of partial progress): + - Creates required directories (e.g., `Inventory`, `parameters`, `credentials`, `resource_profiles`, `shared_template_variables`). + - Creates or replaces files (e.g., `env_definition.yml`, paramset files, credential files, resource profile overrides, shared template variables). + 5. While processing one of operations, an error occurs: + - Schema validation fails for one object content, **or** + - Any file write/delete operation fails. + 6. Performs rollback: + - Reverts all files created/changed during this job run. + - Restores overwritten files to their previous state. + - Removes directories/files created only during this run. + 7. Fails the job with a readable error message in logs. + +2. The `git_commit` job does **not** commit any changes (because there must be no net changes after rollback). + +**Results:** + +1. No files are modified in the Instance repository after the pipeline run ). +2. Any files created during this run are removed. +3. Any overwritten files are restored to the original state. +4. Any directories created only during this run are removed. +5. Pipeline logs contain a readable error message explaining the failure reason. +6. No changes are committed. + +--- + +## Template Version Update + +### UC-EINV-TV-1: Apply `ENV_TEMPLATE_VERSION` (`PERSISTENT` vs `TEMPORARY`) + +**Pre-requisites:** + +1. Environment Inventory exists: + - `/environments///Inventory/env_definition.yml` + +**Trigger:** + +Instance pipeline (GitLab or GitHub) is started with: + +- `ENV_NAMES: /` +- `ENV_TEMPLATE_VERSION: ` +- `ENV_TEMPLATE_VERSION_UPDATE_MODE: PERSISTENT | TEMPORARY` (optional; default: `PERSISTENT`) + +**Steps:** + +1. The `env_inventory_generation` job runs: + 1. Reads `ENV_TEMPLATE_VERSION_UPDATE_MODE` (default: `PERSISTENT`). + 2. Applies `ENV_TEMPLATE_VERSION`: + - **PERSISTENT**: + - Updates template version in `env_definition.yml` + (`envTemplate.artifact` or `envTemplate.templateArtifact.artifact.version`). + - **TEMPORARY**: + - Does not change `envTemplate.*` in `env_definition.yml`. + - Writes the applied version into: + - `generatedVersions.generateEnvironmentLatestVersion: ""` +2. The `git_commit` job runs: + 1. Commits updated `env_definition.yml` into the Instance repository. + +**Results:** + +1. **PERSISTENT**: template version in `env_definition.yml` is updated and committed. +2. **TEMPORARY**: `generatedVersions.generateEnvironmentLatestVersion` is updated and committed; `envTemplate.*` remains unchanged. diff --git a/schemas/env-inventory-content.schema.json b/schemas/env-inventory-content.schema.json new file mode 100644 index 000000000..fc4ef80cd --- /dev/null +++ b/schemas/env-inventory-content.schema.json @@ -0,0 +1,204 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "type": "object", + "title": "Environment Inventory Content", + "description": "Schema for ENV_INVENTORY_CONTENT parameter that allows to create, replace, and delete Environment Inventory and related objects", + "additionalProperties": false, + "properties": { + "envDefinition": { + "type": "object", + "title": "Environment Definition Block", + "description": "Block that controls env_definition.yml", + "additionalProperties": false, + "properties": { + "action": { + "type": "string", + "enum": ["create_or_replace", "delete"], + "title": "Action", + "description": "Operation mode for env_definition.yml" + }, + "content": { + "$ref": "env-definition.schema.json", + "title": "Environment Definition Content", + "description": "Full content of env_definition.yml" + } + }, + "required": ["action"], + "if": { + "properties": { + "action": { + "const": "create_or_replace" + } + } + }, + "then": { + "required": ["content"] + } + }, + "paramSets": { + "type": "array", + "title": "Parameter Sets", + "description": "Block that controls Parameter Set file operations", + "items": { + "type": "object", + "additionalProperties": false, + "properties": { + "action": { + "type": "string", + "enum": ["create_or_replace", "delete"], + "title": "Action", + "description": "Operation mode for the target Parameter Set file" + }, + "place": { + "type": "string", + "enum": ["site", "cluster", "env"], + "title": "Place", + "description": "Defines where the Parameter Set file is stored" + }, + "content": { + "$ref": "paramset.schema.json", + "title": "Parameter Set Content", + "description": "Parameter Set definition as file content" + } + }, + "required": ["action", "place"], + "if": { + "properties": { + "action": { + "const": "create_or_replace" + } + } + }, + "then": { + "required": ["content"] + } + } + }, + "credentials": { + "type": "array", + "title": "Shared Credentials", + "description": "Block that controls Shared Credentials operations", + "items": { + "type": "object", + "additionalProperties": false, + "properties": { + "action": { + "type": "string", + "enum": ["create_or_replace", "delete"], + "title": "Action", + "description": "Operation mode for the Shared Credentials file" + }, + "place": { + "type": "string", + "enum": ["site", "cluster", "env"], + "title": "Place", + "description": "Defines where the Shared Credentials file is stored" + }, + "content": { + "$ref": "credential.schema.json", + "title": "Shared Credentials Content", + "description": "Shared Credential as file content" + } + }, + "required": ["action", "place"], + "if": { + "properties": { + "action": { + "const": "create_or_replace" + } + } + }, + "then": { + "required": ["content"] + } + } + }, + "resourceProfiles": { + "type": "array", + "title": "Resource Profile Overrides", + "description": "List of Resource Profile Override operations", + "items": { + "type": "object", + "additionalProperties": false, + "properties": { + "action": { + "type": "string", + "enum": ["create_or_replace", "delete"], + "title": "Action", + "description": "Operation mode for the Resource Profile Override file" + }, + "place": { + "type": "string", + "enum": ["site", "cluster", "env"], + "title": "Place", + "description": "Defines where the Resource Profile Override file is stored" + }, + "content": { + "$ref": "resource-profile.schema.json", + "title": "Resource Profile Override Content", + "description": "Resource Profile Override as file content" + } + }, + "required": ["action", "place"], + "if": { + "properties": { + "action": { + "const": "create_or_replace" + } + } + }, + "then": { + "required": ["content"] + } + } + }, + "sharedTemplateVariables": { + "type": "array", + "title": "Shared Template Variable Files", + "description": "Block that controls Shared Template Variable File operations", + "items": { + "type": "object", + "additionalProperties": false, + "properties": { + "action": { + "type": "string", + "enum": ["create_or_replace", "delete"], + "title": "Action", + "description": "Operation mode for the Shared Template Variable File" + }, + "place": { + "type": "string", + "enum": ["site", "cluster", "env"], + "title": "Place", + "description": "Defines where the Shared Template Variable File is stored" + }, + "name": { + "type": "string", + "title": "File Name", + "description": "Name of the Shared Template Variable File (without extension). The file will be saved as .yml", + "pattern": "^[^/\\\\\\.\\.]+$", + "examples": ["prod-template-variables"] + }, + "content": { + "type": "object", + "title": "Shared Template Variable File Content", + "description": "Shared Template Variable File content as key-value hashmap. Must NOT be located in a parameters directory", + "additionalProperties": true + } + }, + "required": ["action", "place", "name"], + "if": { + "properties": { + "action": { + "const": "create_or_replace" + } + } + }, + "then": { + "required": ["content"] + } + } + } + } +} +