openova

History

e3mrah 25ef20a8e5 feat(catalyst-chart): land Blueprint CRD + fix 5 string-form depends (slice B4, #1095 ) (#1112 ) Realizes the Blueprint CRD per docs/BLUEPRINT-AUTHORING.md §3 and design doc §3.2.4. Promotes the doc-contract (apiVersion catalyst.openova.io) from a YAML-loaded contract to a schema-validated CRD. Schema design: - Two versions served from one inline schema (YAML anchors): v1alpha1 (legacy, served, not storage) and v1 (canonical, served, storage). The shared schema means the 38 existing v1alpha1 files in platform/ + products/ continue to validate; migration to v1 is a follow-up slice. - Required at this layer: spec.version (strict semver pattern), spec.card.title (minLength=1). - Card variants accommodated as documented: summary \| description \| tagline interchangeable; category \| family interchangeable; docs \| documentation interchangeable. All optional except title. - visibility enum: listed \| unlisted \| private. - placementSchema.modes enum: single-region \| active-active \| active- hotstandby — same set Application.spec.placement validates against. - depends[].blueprint pattern accepts both bp-* and bare-name (legacy). - manifests accepts both manifests.chart (legacy short-form) AND manifests.source.{kind,ref} (canonical). Three source kinds: HelmChart, Kustomize, OAM. - rotation[].ttl pattern '^[0-9]+(s\|m\|h\|d)$'. - x-kubernetes-preserve-unknown-fields liberally on configSchema (per- Blueprint JSON Schema is arbitrary by design), card, manifests, owner, observability, outputs, depends[].values, manifests.values, etc. Existing files validation: - Surveyed all blueprint.yaml in platform/ + products/ (59 files). - Card field frequency: title (59), summary (38), description (20+1), category (25), family (20), docs (20), documentation (14+1), icon (25), tags (14), license (14). - 54 of 59 files passed the schema unchanged. - 5 files used `depends: [- bp-name]` (string form) instead of the canonical `[- blueprint: bp-name]` object form per BLUEPRINT-AUTHORING §3. Those 5 files are fixed in this commit: * platform/cert-manager-powerdns-webhook/blueprint.yaml * platform/cert-manager-dynadot-webhook/blueprint.yaml * platform/crossplane-claims/blueprint.yaml * platform/powerdns/blueprint.yaml * platform/self-sovereign-cutover/blueprint.yaml - After fix: ALL 59 files pass server-side validation (kubectl apply --dry-run=server) against the new CRD. Negative validation (tests/blueprint-sample-invalid.yaml): - spec.version "1.3" → semver pattern - spec.card missing → required - spec.card.title missing → required - spec.visibility "secret" → enum listed\|unlisted\|private - spec.placementSchema.modes "round-robin" → enum - spec.depends[0] bare string "bp-bad-string" → must be object - spec.depends[1].blueprint "Foo" → pattern fails (uppercase) - spec.rotation[0].ttl "5 days" → pattern '^[0-9]+(s\|m\|h\|d)$' All 8 seeded vectors rejected. This commit ONLY touches new CRD + test files + the 5 depends fixes — leaves the in-flight router.tsx + rootBeforeLoad.test.ts work from a parallel agent and the .claude/worktrees/ directory untouched. Refs: #1094, #1095, docs/EPICS-1-6-unified-design.md §3.2.4, docs/BLUEPRINT-AUTHORING.md §3 Co-authored-by: hatiyildiz <hatiyildiz@noreply.openova.io> Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-08 22:25:08 +04:00
..
chart	fix(bp-powerdns): zone-bootstrap Job needs /tmp emptyDir (curl -o + readOnlyRootFS) (#843 )	2026-05-05 00:28:44 +04:00
blueprint.yaml	feat(catalyst-chart): land Blueprint CRD + fix 5 string-form depends (slice B4, #1095 ) (#1112 )	2026-05-08 22:25:08 +04:00

feat(catalyst-chart): land Blueprint CRD + fix 5 string-form depends (slice B4, #1095 ) (#1112 )

Realizes the Blueprint CRD per docs/BLUEPRINT-AUTHORING.md §3 and design
doc §3.2.4. Promotes the doc-contract (apiVersion catalyst.openova.io)
from a YAML-loaded contract to a schema-validated CRD.

Schema design:
- Two versions served from one inline schema (YAML anchors): v1alpha1
  (legacy, served, not storage) and v1 (canonical, served, storage). The
  shared schema means the 38 existing v1alpha1 files in platform/ +
  products/ continue to validate; migration to v1 is a follow-up slice.
- Required at this layer: spec.version (strict semver pattern),
  spec.card.title (minLength=1).
- Card variants accommodated as documented: summary | description |
  tagline interchangeable; category | family interchangeable; docs |
  documentation interchangeable. All optional except title.
- visibility enum: listed | unlisted | private.
- placementSchema.modes enum: single-region | active-active | active-
  hotstandby — same set Application.spec.placement validates against.
- depends[].blueprint pattern accepts both bp-* and bare-name (legacy).
- manifests accepts both manifests.chart (legacy short-form) AND
  manifests.source.{kind,ref} (canonical). Three source kinds: HelmChart,
  Kustomize, OAM.
- rotation[].ttl pattern '^[0-9]+(s|m|h|d)$'.
- x-kubernetes-preserve-unknown-fields liberally on configSchema (per-
  Blueprint JSON Schema is arbitrary by design), card, manifests, owner,
  observability, outputs, depends[].values, manifests.values, etc.

Existing files validation:
- Surveyed all blueprint.yaml in platform/ + products/ (59 files).
- Card field frequency: title (59), summary (38), description (20+1),
  category (25), family (20), docs (20), documentation (14+1), icon (25),
  tags (14), license (14).
- 54 of 59 files passed the schema unchanged.
- 5 files used `depends: [- bp-name]` (string form) instead of the
  canonical `[- blueprint: bp-name]` object form per BLUEPRINT-AUTHORING
  §3. Those 5 files are fixed in this commit:
    * platform/cert-manager-powerdns-webhook/blueprint.yaml
    * platform/cert-manager-dynadot-webhook/blueprint.yaml
    * platform/crossplane-claims/blueprint.yaml
    * platform/powerdns/blueprint.yaml
    * platform/self-sovereign-cutover/blueprint.yaml
- After fix: ALL 59 files pass server-side validation (kubectl apply
  --dry-run=server) against the new CRD.

Negative validation (tests/blueprint-sample-invalid.yaml):
- spec.version "1.3" → semver pattern
- spec.card missing → required
- spec.card.title missing → required
- spec.visibility "secret" → enum listed|unlisted|private
- spec.placementSchema.modes "round-robin" → enum
- spec.depends[0] bare string "bp-bad-string" → must be object
- spec.depends[1].blueprint "Foo" → pattern fails (uppercase)
- spec.rotation[0].ttl "5 days" → pattern '^[0-9]+(s|m|h|d)$'
All 8 seeded vectors rejected.

This commit ONLY touches new CRD + test files + the 5 depends fixes —
leaves the in-flight router.tsx + rootBeforeLoad.test.ts work from a
parallel agent and the .claude/worktrees/ directory untouched.

Refs: #1094, #1095, docs/EPICS-1-6-unified-design.md §3.2.4,
docs/BLUEPRINT-AUTHORING.md §3

Co-authored-by: hatiyildiz <hatiyildiz@noreply.openova.io>
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-08 22:25:08 +04:00

chart

fix(bp-powerdns): zone-bootstrap Job needs /tmp emptyDir (curl -o + readOnlyRootFS) (#843 )

2026-05-05 00:28:44 +04:00

blueprint.yaml

feat(catalyst-chart): land Blueprint CRD + fix 5 string-form depends (slice B4, #1095 ) (#1112 )

2026-05-08 22:25:08 +04:00