PhalanxConfig#
- pydantic model phalanx.models.environments.PhalanxConfig#
Root container for the entire Phalanx configuration.
- Parameters:
data (
Any) –
Show JSON schema
{ "title": "PhalanxConfig", "description": "Root container for the entire Phalanx configuration.", "type": "object", "properties": { "environments": { "title": "Environments", "type": "array", "items": { "$ref": "#/definitions/EnvironmentDetails" } }, "applications": { "title": "Applications", "type": "array", "items": { "$ref": "#/definitions/Application" } } }, "required": [ "environments", "applications" ], "definitions": { "OnepasswordConfig": { "title": "OnepasswordConfig", "description": "Configuration for 1Password static secrets source.", "type": "object", "properties": { "connectUrl": { "title": "Connecturl", "minLength": 1, "maxLength": 65536, "format": "uri", "type": "string" }, "vaultTitle": { "title": "Vaulttitle", "type": "string" } }, "required": [ "connectUrl", "vaultTitle" ] }, "DocLink": { "title": "DocLink", "description": "A documentation link for an application.\n\nThis represents an individual array item in the ``phalanx.lsst.io/docs``\nHelm chart annotation in :file:`Chart.yaml`.", "type": "object", "properties": { "url": { "title": "Url", "type": "string" }, "title": { "title": "Title", "type": "string" }, "id": { "title": "Id", "type": "string" } }, "required": [ "url", "title" ] }, "ConditionalSecretCopyRules": { "title": "ConditionalSecretCopyRules", "description": "Possibly conditional rules for copying a secret value from another.", "type": "object", "properties": { "if": { "title": "Condition", "description": "Configuration only applies if this Helm chart setting is set to a true value", "type": "string" }, "application": { "title": "Application", "type": "string" }, "key": { "title": "Key", "type": "string" } }, "required": [ "application", "key" ], "additionalProperties": false }, "ConditionalSimpleSecretGenerateRules": { "title": "ConditionalSimpleSecretGenerateRules", "description": "Conditional rules for generating a secret value with no source.", "type": "object", "properties": { "if": { "title": "Condition", "description": "Configuration only applies if this Helm chart setting is set to a true value", "type": "string" }, "type": { "title": "Type", "enum": [ "password", "gafaelfawr-token", "fernet-key", "rsa-private-key" ], "type": "string" } }, "required": [ "type" ], "additionalProperties": false }, "ConditionalSourceSecretGenerateRules": { "title": "ConditionalSourceSecretGenerateRules", "description": "Conditional rules for generating a secret from another secret.", "type": "object", "properties": { "if": { "title": "Condition", "description": "Configuration only applies if this Helm chart setting is set to a true value", "type": "string" }, "type": { "title": "Type", "enum": [ "bcrypt-password-hash", "mtime" ], "type": "string" }, "source": { "title": "Source", "type": "string" } }, "required": [ "type", "source" ] }, "SecretOnepasswordConfig": { "title": "SecretOnepasswordConfig", "description": "Configuration for how a static secret is stored in 1Password.", "type": "object", "properties": { "encoded": { "title": "Encoded", "default": false, "type": "boolean" } } }, "ConditionalSecretConfig": { "title": "ConditionalSecretConfig", "description": "Possibly conditional specification for an application secret.", "type": "object", "properties": { "if": { "title": "Condition", "description": "Configuration only applies if this Helm chart setting is set to a true value", "type": "string" }, "description": { "title": "Description", "type": "string" }, "copy": { "title": "Copy", "description": "Rules for where the secret should be copied from", "allOf": [ { "$ref": "#/definitions/ConditionalSecretCopyRules" } ] }, "generate": { "title": "Generate", "anyOf": [ { "$ref": "#/definitions/ConditionalSimpleSecretGenerateRules" }, { "$ref": "#/definitions/ConditionalSourceSecretGenerateRules" } ] }, "onepassword": { "title": "Onepassword", "default": { "encoded": false }, "allOf": [ { "$ref": "#/definitions/SecretOnepasswordConfig" } ] }, "value": { "title": "Value", "type": "string", "writeOnly": true, "format": "password" } }, "required": [ "description" ], "additionalProperties": false }, "Application": { "title": "Application", "description": "A Phalanx application that knows which environments use it.", "type": "object", "properties": { "name": { "title": "Name", "type": "string" }, "namespace": { "title": "Namespace", "type": "string" }, "chart": { "title": "Chart", "type": "object" }, "doc_links": { "title": "Doc Links", "type": "array", "items": { "$ref": "#/definitions/DocLink" } }, "values": { "title": "Values", "type": "object" }, "environment_values": { "title": "Environment Values", "type": "object", "additionalProperties": { "type": "object" } }, "secrets": { "title": "Secrets", "type": "object", "additionalProperties": { "$ref": "#/definitions/ConditionalSecretConfig" } }, "environment_secrets": { "title": "Environment Secrets", "type": "object", "additionalProperties": { "type": "object", "additionalProperties": { "$ref": "#/definitions/ConditionalSecretConfig" } } }, "active_environments": { "title": "Active Environments", "type": "array", "items": { "type": "string" } } }, "required": [ "name", "namespace", "chart", "doc_links", "values", "environment_values", "secrets", "environment_secrets", "active_environments" ] }, "IdentityProvider": { "title": "IdentityProvider", "description": "Type of identity provider used by Gafaelfawr.", "enum": [ "CILogon", "GitHub", "OpenID Connect", "None" ] }, "GafaelfawrGitHubTeam": { "title": "GafaelfawrGitHubTeam", "description": "Designates a GitHub team for use as a Gafaelfawr group.", "type": "object", "properties": { "organization": { "title": "Organization", "type": "string" }, "team": { "title": "Team", "type": "string" } }, "required": [ "organization", "team" ] }, "GafaelfawrGitHubGroup": { "title": "GafaelfawrGitHubGroup", "description": "A group based on a GitHub team.", "type": "object", "properties": { "github": { "$ref": "#/definitions/GafaelfawrGitHubTeam" } }, "required": [ "github" ] }, "GafaelfawrScope": { "title": "GafaelfawrScope", "description": "A Gafaelfawr scope and its associated groups.", "type": "object", "properties": { "scope": { "title": "Scope", "type": "string" }, "groups": { "title": "Groups", "type": "array", "items": { "anyOf": [ { "type": "string" }, { "$ref": "#/definitions/GafaelfawrGitHubGroup" } ] } } }, "required": [ "scope", "groups" ] }, "EnvironmentDetails": { "title": "EnvironmentDetails", "description": "Full details about an environment, including auth and Argo CD.\n\nUsed primarily for documentation generation, which needs details from the\nArgo CD and Gafaelfawr configurations for that environment. Use\n`EnvironmentConfig` instead when only the basic environment configuration\nis needed.", "type": "object", "properties": { "name": { "title": "Name", "type": "string" }, "fqdn": { "title": "Fqdn", "type": "string" }, "onepassword": { "$ref": "#/definitions/OnepasswordConfig" }, "vaultUrl": { "title": "Vaulturl", "type": "string" }, "vaultPathPrefix": { "title": "Vaultpathprefix", "type": "string" }, "applications": { "title": "Applications", "type": "array", "items": { "$ref": "#/definitions/Application" } }, "argocdUrl": { "title": "Argocdurl", "type": "string" }, "argocdRbac": { "title": "Argocdrbac", "type": "array", "items": { "type": "array", "items": { "type": "string" } } }, "identityProvider": { "$ref": "#/definitions/IdentityProvider" }, "gafaelfawrScopes": { "title": "Gafaelfawrscopes", "type": "array", "items": { "$ref": "#/definitions/GafaelfawrScope" } } }, "required": [ "name", "fqdn", "vaultUrl", "vaultPathPrefix", "applications", "argocdRbac", "identityProvider", "gafaelfawrScopes" ] } } }
- Fields:
-
field applications:
list[Application] [Required]# All Phalanx applications enabled for any environment.
-
field environments:
list[EnvironmentDetails] [Required]# Phalanx environments.