PhalanxConfig#

pydantic model phalanx.models.environments.PhalanxConfig#

Root container for the entire Phalanx configuration.

Parameters:

data (Any) –

Show JSON schema
{
   "title": "PhalanxConfig",
   "description": "Root container for the entire Phalanx configuration.",
   "type": "object",
   "properties": {
      "environments": {
         "items": {
            "$ref": "#/$defs/EnvironmentDetails"
         },
         "title": "Environments",
         "type": "array"
      },
      "applications": {
         "items": {
            "$ref": "#/$defs/Application"
         },
         "title": "Applications",
         "type": "array"
      }
   },
   "$defs": {
      "Application": {
         "description": "A Phalanx application that knows which environments use it.",
         "properties": {
            "name": {
               "title": "Name",
               "type": "string"
            },
            "namespace": {
               "title": "Namespace",
               "type": "string"
            },
            "chart": {
               "title": "Chart",
               "type": "object"
            },
            "doc_links": {
               "items": {
                  "$ref": "#/$defs/DocLink"
               },
               "title": "Doc Links",
               "type": "array"
            },
            "values": {
               "title": "Values",
               "type": "object"
            },
            "environment_values": {
               "additionalProperties": {
                  "type": "object"
               },
               "title": "Environment Values",
               "type": "object"
            },
            "secrets": {
               "additionalProperties": {
                  "$ref": "#/$defs/ConditionalSecretConfig"
               },
               "title": "Secrets",
               "type": "object"
            },
            "environment_secrets": {
               "additionalProperties": {
                  "additionalProperties": {
                     "$ref": "#/$defs/ConditionalSecretConfig"
                  },
                  "type": "object"
               },
               "title": "Environment Secrets",
               "type": "object"
            },
            "active_environments": {
               "items": {
                  "type": "string"
               },
               "title": "Active Environments",
               "type": "array"
            }
         },
         "required": [
            "name",
            "namespace",
            "chart",
            "doc_links",
            "values",
            "environment_values",
            "secrets",
            "environment_secrets",
            "active_environments"
         ],
         "title": "Application",
         "type": "object"
      },
      "ConditionalSecretConfig": {
         "additionalProperties": false,
         "description": "Possibly conditional specification for an application secret.",
         "properties": {
            "if": {
               "anyOf": [
                  {
                     "type": "string"
                  },
                  {
                     "type": "null"
                  }
               ],
               "default": null,
               "description": "Configuration only applies if this Helm chart setting is set to a true value",
               "title": "Condition"
            },
            "description": {
               "title": "Description",
               "type": "string"
            },
            "copy": {
               "anyOf": [
                  {
                     "$ref": "#/$defs/ConditionalSecretCopyRules"
                  },
                  {
                     "type": "null"
                  }
               ],
               "default": null,
               "description": "Rules for where the secret should be copied from"
            },
            "generate": {
               "anyOf": [
                  {
                     "$ref": "#/$defs/ConditionalSimpleSecretGenerateRules"
                  },
                  {
                     "$ref": "#/$defs/ConditionalSourceSecretGenerateRules"
                  },
                  {
                     "type": "null"
                  }
               ],
               "default": null,
               "title": "Generate"
            },
            "onepassword": {
               "allOf": [
                  {
                     "$ref": "#/$defs/SecretOnepasswordConfig"
                  }
               ],
               "default": {
                  "encoded": false
               }
            },
            "value": {
               "anyOf": [
                  {
                     "format": "password",
                     "type": "string",
                     "writeOnly": true
                  },
                  {
                     "type": "null"
                  }
               ],
               "default": null,
               "title": "Value"
            }
         },
         "required": [
            "description"
         ],
         "title": "ConditionalSecretConfig",
         "type": "object"
      },
      "ConditionalSecretCopyRules": {
         "additionalProperties": false,
         "description": "Possibly conditional rules for copying a secret value from another.",
         "properties": {
            "if": {
               "anyOf": [
                  {
                     "type": "string"
                  },
                  {
                     "type": "null"
                  }
               ],
               "default": null,
               "description": "Configuration only applies if this Helm chart setting is set to a true value",
               "title": "Condition"
            },
            "application": {
               "title": "Application",
               "type": "string"
            },
            "key": {
               "title": "Key",
               "type": "string"
            }
         },
         "required": [
            "application",
            "key"
         ],
         "title": "ConditionalSecretCopyRules",
         "type": "object"
      },
      "ConditionalSimpleSecretGenerateRules": {
         "additionalProperties": false,
         "description": "Conditional rules for generating a secret value with no source.",
         "properties": {
            "if": {
               "anyOf": [
                  {
                     "type": "string"
                  },
                  {
                     "type": "null"
                  }
               ],
               "default": null,
               "description": "Configuration only applies if this Helm chart setting is set to a true value",
               "title": "Condition"
            },
            "type": {
               "enum": [
                  "password",
                  "gafaelfawr-token",
                  "fernet-key",
                  "rsa-private-key"
               ],
               "title": "Type",
               "type": "string"
            }
         },
         "required": [
            "type"
         ],
         "title": "ConditionalSimpleSecretGenerateRules",
         "type": "object"
      },
      "ConditionalSourceSecretGenerateRules": {
         "description": "Conditional rules for generating a secret from another secret.",
         "properties": {
            "if": {
               "anyOf": [
                  {
                     "type": "string"
                  },
                  {
                     "type": "null"
                  }
               ],
               "default": null,
               "description": "Configuration only applies if this Helm chart setting is set to a true value",
               "title": "Condition"
            },
            "type": {
               "enum": [
                  "bcrypt-password-hash",
                  "mtime"
               ],
               "title": "Type",
               "type": "string"
            },
            "source": {
               "title": "Source",
               "type": "string"
            }
         },
         "required": [
            "type",
            "source"
         ],
         "title": "ConditionalSourceSecretGenerateRules",
         "type": "object"
      },
      "DocLink": {
         "description": "A documentation link for an application.\n\nThis represents an individual array item in the ``phalanx.lsst.io/docs``\nHelm chart annotation in :file:`Chart.yaml`.",
         "properties": {
            "url": {
               "title": "Url",
               "type": "string"
            },
            "title": {
               "title": "Title",
               "type": "string"
            },
            "id": {
               "anyOf": [
                  {
                     "type": "string"
                  },
                  {
                     "type": "null"
                  }
               ],
               "default": null,
               "title": "Id"
            }
         },
         "required": [
            "url",
            "title"
         ],
         "title": "DocLink",
         "type": "object"
      },
      "EnvironmentDetails": {
         "description": "Full details about an environment, including auth and Argo CD.\n\nUsed primarily for documentation generation, which needs details from the\nArgo CD and Gafaelfawr configurations for that environment.  Use\n`EnvironmentConfig` instead when only the basic environment configuration\nis needed.",
         "properties": {
            "name": {
               "title": "Name",
               "type": "string"
            },
            "fqdn": {
               "title": "Fqdn",
               "type": "string"
            },
            "onepassword": {
               "anyOf": [
                  {
                     "$ref": "#/$defs/OnepasswordConfig"
                  },
                  {
                     "type": "null"
                  }
               ],
               "default": null
            },
            "vaultUrl": {
               "title": "Vaulturl",
               "type": "string"
            },
            "vaultPathPrefix": {
               "title": "Vaultpathprefix",
               "type": "string"
            },
            "applications": {
               "items": {
                  "$ref": "#/$defs/Application"
               },
               "title": "Applications",
               "type": "array"
            },
            "argocdUrl": {
               "anyOf": [
                  {
                     "type": "string"
                  },
                  {
                     "type": "null"
                  }
               ],
               "title": "Argocdurl"
            },
            "argocdRbac": {
               "items": {
                  "items": {
                     "type": "string"
                  },
                  "type": "array"
               },
               "title": "Argocdrbac",
               "type": "array"
            },
            "identityProvider": {
               "$ref": "#/$defs/IdentityProvider"
            },
            "gafaelfawrScopes": {
               "items": {
                  "$ref": "#/$defs/GafaelfawrScope"
               },
               "title": "Gafaelfawrscopes",
               "type": "array"
            }
         },
         "required": [
            "name",
            "fqdn",
            "vaultUrl",
            "vaultPathPrefix",
            "applications",
            "argocdUrl",
            "argocdRbac",
            "identityProvider",
            "gafaelfawrScopes"
         ],
         "title": "EnvironmentDetails",
         "type": "object"
      },
      "GafaelfawrGitHubGroup": {
         "description": "A group based on a GitHub team.",
         "properties": {
            "github": {
               "$ref": "#/$defs/GafaelfawrGitHubTeam"
            }
         },
         "required": [
            "github"
         ],
         "title": "GafaelfawrGitHubGroup",
         "type": "object"
      },
      "GafaelfawrGitHubTeam": {
         "description": "Designates a GitHub team for use as a Gafaelfawr group.",
         "properties": {
            "organization": {
               "title": "Organization",
               "type": "string"
            },
            "team": {
               "title": "Team",
               "type": "string"
            }
         },
         "required": [
            "organization",
            "team"
         ],
         "title": "GafaelfawrGitHubTeam",
         "type": "object"
      },
      "GafaelfawrScope": {
         "description": "A Gafaelfawr scope and its associated groups.",
         "properties": {
            "scope": {
               "title": "Scope",
               "type": "string"
            },
            "groups": {
               "items": {
                  "anyOf": [
                     {
                        "type": "string"
                     },
                     {
                        "$ref": "#/$defs/GafaelfawrGitHubGroup"
                     }
                  ]
               },
               "title": "Groups",
               "type": "array"
            }
         },
         "required": [
            "scope",
            "groups"
         ],
         "title": "GafaelfawrScope",
         "type": "object"
      },
      "IdentityProvider": {
         "description": "Type of identity provider used by Gafaelfawr.",
         "enum": [
            "CILogon",
            "GitHub",
            "OpenID Connect",
            "None"
         ],
         "title": "IdentityProvider",
         "type": "string"
      },
      "OnepasswordConfig": {
         "description": "Configuration for 1Password static secrets source.",
         "properties": {
            "connectUrl": {
               "format": "uri",
               "minLength": 1,
               "title": "Connecturl",
               "type": "string"
            },
            "vaultTitle": {
               "title": "Vaulttitle",
               "type": "string"
            }
         },
         "required": [
            "connectUrl",
            "vaultTitle"
         ],
         "title": "OnepasswordConfig",
         "type": "object"
      },
      "SecretOnepasswordConfig": {
         "description": "Configuration for how a static secret is stored in 1Password.",
         "properties": {
            "encoded": {
               "default": false,
               "title": "Encoded",
               "type": "boolean"
            }
         },
         "title": "SecretOnepasswordConfig",
         "type": "object"
      }
   },
   "required": [
      "environments",
      "applications"
   ]
}

Fields:
field applications: list[Application] [Required]#

All Phalanx applications enabled for any environment.

field environments: list[EnvironmentDetails] [Required]#

Phalanx environments.