EnvironmentConfig

pydantic model phalanx.models.environments.EnvironmentConfig

Configuration for a Phalanx environment.

This is a model for the values-environment.yaml files for each environment and is also used to validate those files. For the complete configuration for an environment, initialize this model with the merger of values.yaml and values-environment.yaml.

Fields listed here are not available to application linting. If the field value has to be injected during linting, the field needs to be defined in EnvironmentBaseConfig instead.

Parameters:

data (Any)

Show JSON schema
{
   "title": "EnvironmentConfig",
   "description": "Configuration for a Phalanx environment.\n\nThis is a model for the :file:`values-{environment}.yaml` files for each\nenvironment and is also used to validate those files. For the complete\nconfiguration for an environment, initialize this model with the merger of\n:file:`values.yaml` and :file:`values-{environment}.yaml`.\n\nFields listed here are not available to application linting. If the field\nvalue has to be injected during linting, the field needs to be defined in\n`EnvironmentBaseConfig` instead.",
   "type": "object",
   "properties": {
      "name": {
         "description": "Name of the environment",
         "title": "Name",
         "type": "string"
      },
      "fqdn": {
         "description": "Fully-qualified domain name on which the environment listens",
         "title": "Domain name",
         "type": "string"
      },
      "appOfAppsName": {
         "anyOf": [
            {
               "type": "string"
            },
            {
               "type": "null"
            }
         ],
         "default": null,
         "description": "Name of the parent Argo CD app-of-apps that manages all of the enabled applications. This is required in the merged values file that includes environment overrides, but the environment override file doesn't need to set it, so it's marked as optional for schema checking purposes to allow the override file to be schema-checked independently.",
         "title": "Argo CD app-of-apps name"
      },
      "butlerRepositoryIndex": {
         "anyOf": [
            {
               "type": "string"
            },
            {
               "type": "null"
            }
         ],
         "default": null,
         "description": "URL to Butler repository index",
         "title": "Butler repository index URL"
      },
      "butlerServerRepositories": {
         "anyOf": [
            {
               "additionalProperties": {
                  "format": "uri",
                  "minLength": 1,
                  "type": "string"
               },
               "type": "object"
            },
            {
               "type": "null"
            }
         ],
         "default": null,
         "description": "A mapping from label to repository URI for Butler repositoriesserved by Butler server in this environment.",
         "title": "Butler repositories accessible via Butler server"
      },
      "gcp": {
         "anyOf": [
            {
               "$ref": "#/$defs/GCPMetadata"
            },
            {
               "type": "null"
            }
         ],
         "default": null,
         "description": "If this environment is hosted on Google Cloud Platform, metadata about the hosting project, location, and other details. Used to generate additional environment documentation.",
         "title": "GCP hosting metadata"
      },
      "namespaceLabels": {
         "anyOf": [
            {
               "additionalProperties": {
                  "additionalProperties": {
                     "type": "string"
                  },
                  "type": "object"
               },
               "type": "object"
            },
            {
               "type": "null"
            }
         ],
         "default": null,
         "description": "A mapping of application name to a set of labels that are included in the namespace.",
         "title": "Labels for application namespaces"
      },
      "onepassword": {
         "anyOf": [
            {
               "$ref": "#/$defs/OnepasswordConfig"
            },
            {
               "type": "null"
            }
         ],
         "default": null,
         "description": "Configuration for using 1Password as a static secrets source",
         "title": "1Password configuration"
      },
      "vaultUrl": {
         "anyOf": [
            {
               "format": "uri",
               "minLength": 1,
               "type": "string"
            },
            {
               "type": "null"
            }
         ],
         "default": null,
         "description": "URL of the Vault server. This is required in the merged values file that includes environment overrides, but the environment override file doesn't need to set it, so it's marked as optional for schema checking purposes to allow the override file to be schema-checked independently.",
         "title": "Vault server URL"
      },
      "vaultPathPrefix": {
         "description": "Prefix of Vault paths, including the KV v2 mount point",
         "title": "Vault path prefix",
         "type": "string"
      },
      "controlSystem": {
         "anyOf": [
            {
               "$ref": "#/$defs/ControlSystemConfig"
            },
            {
               "type": "null"
            }
         ],
         "default": null
      },
      "applications": {
         "additionalProperties": {
            "type": "boolean"
         },
         "description": "List of applications and whether they are enabled",
         "title": "Enabled applications",
         "type": "object"
      },
      "repoUrl": {
         "anyOf": [
            {
               "type": "string"
            },
            {
               "type": "null"
            }
         ],
         "default": null,
         "description": "URL of the Git repository holding Argo CD configuration. This is required in the merged values file that includes environment overrides, but the environment override file doesn't need to set it, so it's marked as optional for schema checking purposes to allow the override file to be schema-checked independently.",
         "title": "URL of Git repository"
      },
      "targetRevision": {
         "anyOf": [
            {
               "type": "string"
            },
            {
               "type": "null"
            }
         ],
         "default": null,
         "description": "Branch of the Git repository holding Argo CD configuration. This is required in the merged values file that includes environment overrides, but the environment override file doesn't need to set it, so it's marked as optional for schema checking purposes to allow the override file to be schema-checked independently.",
         "title": "Git repository branch"
      }
   },
   "$defs": {
      "ControlSystemConfig": {
         "description": "Configuration for the Control System.",
         "properties": {
            "appNamespace": {
               "anyOf": [
                  {
                     "type": "string"
                  },
                  {
                     "type": "null"
                  }
               ],
               "default": null,
               "description": "Set the namespace for the control system components. Each control system application consists of many components that need to know what namespace to which they belong.",
               "title": "Application Namespace"
            },
            "imageTag": {
               "anyOf": [
                  {
                     "type": "string"
                  },
                  {
                     "type": "null"
                  }
               ],
               "default": null,
               "description": "The image tag to use for control system images.",
               "title": "Image Tag"
            },
            "siteTag": {
               "anyOf": [
                  {
                     "type": "string"
                  },
                  {
                     "type": "null"
                  }
               ],
               "default": null,
               "description": "The tag that tells the control system component where it is running.",
               "title": "Site Tag"
            },
            "topicName": {
               "anyOf": [
                  {
                     "type": "string"
                  },
                  {
                     "type": "null"
                  }
               ],
               "default": null,
               "description": "The Kafka identifier for control system topics.",
               "title": "Topic Identifier"
            },
            "kafkaBrokerAddress": {
               "anyOf": [
                  {
                     "type": "string"
                  },
                  {
                     "type": "null"
                  }
               ],
               "default": null,
               "description": "The Kafka broker address for the control system components.",
               "title": "Kafka Broker Address"
            },
            "kafkaTopicReplicationFactor": {
               "anyOf": [
                  {
                     "type": "integer"
                  },
                  {
                     "type": "null"
                  }
               ],
               "default": null,
               "description": "The Kafka topic replication factor for control system components.",
               "title": "Kafka Topic Replication Factor"
            },
            "schemaRegistryUrl": {
               "anyOf": [
                  {
                     "type": "string"
                  },
                  {
                     "type": "null"
                  }
               ],
               "default": null,
               "description": "The Schema Registry URL for the control system components.",
               "title": "Schema Registry URL"
            },
            "s3EndpointUrl": {
               "anyOf": [
                  {
                     "type": "string"
                  },
                  {
                     "type": "null"
                  }
               ],
               "default": null,
               "description": "The S3 URL for the environment specific LFA.",
               "title": "S3 Endpoint URL"
            }
         },
         "title": "ControlSystemConfig",
         "type": "object"
      },
      "GCPMetadata": {
         "description": "Google Cloud Platform hosting metadata.\n\nHolds information about where in Google Cloud Platform this Phalanx\nenvironment is hosted. This supports generating documentation that\nincludes this metadata, making it easier for administrators to know what\noptions to pass to :command:`gcloud` to do things such as get Kubernetes\ncredentials.",
         "properties": {
            "projectId": {
               "description": "Project ID of GCP project hosting this environment",
               "title": "GCP project ID",
               "type": "string"
            },
            "region": {
               "description": "GCP region in which this environment is hosted",
               "title": "GCP region",
               "type": "string"
            },
            "clusterName": {
               "description": "Name of the GKE cluster hosting this environment",
               "title": "Kubernetes cluster name",
               "type": "string"
            }
         },
         "required": [
            "projectId",
            "region",
            "clusterName"
         ],
         "title": "GCPMetadata",
         "type": "object"
      },
      "OnepasswordConfig": {
         "description": "Configuration for 1Password static secrets source.",
         "properties": {
            "connectUrl": {
               "description": "URL to the 1Password Connect API server",
               "format": "uri",
               "minLength": 1,
               "title": "1Password Connect URL",
               "type": "string"
            },
            "vaultTitle": {
               "description": "Title of the 1Password vault from which to retrieve secrets",
               "title": "1Password vault title",
               "type": "string"
            }
         },
         "required": [
            "connectUrl",
            "vaultTitle"
         ],
         "title": "OnepasswordConfig",
         "type": "object"
      }
   },
   "$id": "https://phalanx.lsst.io/schemas/environment.json",
   "additionalProperties": false,
   "required": [
      "name",
      "fqdn",
      "vaultPathPrefix",
      "applications"
   ]
}

Config:
  • alias_generator: function = <function to_camel_case at 0x7fe1b2e91b20>

  • populate_by_name: bool = True

  • extra: str = forbid

Fields:
Validators:
field app_of_apps_name: str | None = None (alias 'appOfAppsName')

Name of the parent Argo CD app-of-apps that manages all of the enabled applications. This is required in the merged values file that includes environment overrides, but the environment override file doesn’t need to set it, so it’s marked as optional for schema checking purposes to allow the override file to be schema-checked independently.

field applications: dict[str, bool] [Required]

List of applications and whether they are enabled

field butler_repository_index: str | None = None (alias 'butlerRepositoryIndex')

URL to Butler repository index

field butler_server_repositories: dict[str, AnyUrl] | None = None (alias 'butlerServerRepositories')

A mapping from label to repository URI for Butler repositoriesserved by Butler server in this environment.

field control_system: ControlSystemConfig | None = None (alias 'controlSystem')
field fqdn: str [Required]

Fully-qualified domain name on which the environment listens

field gcp: GCPMetadata | None = None

If this environment is hosted on Google Cloud Platform, metadata about the hosting project, location, and other details. Used to generate additional environment documentation.

field name: str [Required]

Name of the environment

field namespace_labels: dict[str, dict[str, str]] | None = None (alias 'namespaceLabels')

A mapping of application name to a set of labels that are included in the namespace.

field onepassword: OnepasswordConfig | None = None

Configuration for using 1Password as a static secrets source

Validated by:
  • _validate_onepassword

field repo_url: str | None = None (alias 'repoUrl')

URL of the Git repository holding Argo CD configuration. This is required in the merged values file that includes environment overrides, but the environment override file doesn’t need to set it, so it’s marked as optional for schema checking purposes to allow the override file to be schema-checked independently.

field target_revision: str | None = None (alias 'targetRevision')

Branch of the Git repository holding Argo CD configuration. This is required in the merged values file that includes environment overrides, but the environment override file doesn’t need to set it, so it’s marked as optional for schema checking purposes to allow the override file to be schema-checked independently.

field vault_path_prefix: str [Required] (alias 'vaultPathPrefix')

Prefix of Vault paths, including the KV v2 mount point

field vault_url: AnyHttpUrl | None = None (alias 'vaultUrl')

URL of the Vault server. This is required in the merged values file that includes environment overrides, but the environment override file doesn’t need to set it, so it’s marked as optional for schema checking purposes to allow the override file to be schema-checked independently.

property enabled_applications: list[str]

Names of all applications enabled for this environment.

property vault_path: str

Vault path without the initial Kv2 mount point.

property vault_read_approle: str

Name of the Vault read AppRole for this environment.

property vault_read_policy: str

Name of the Vault read policy for this environment.

property vault_write_policy: str

Name of the Vault write policy for this environment.

property vault_write_token: str

Display name of the Vault write token for this environment.

Unlike AppRole names, this could include a slash, but use the same base name as the AppRole for consistency and simplicity. Vault always prepends token-, which we strip off when creating the token.