b8a75962a8
OpenovaFlow's FlowNode is deliberately domain-agnostic — Phase 0/1/2/3
+ multi-region structure are conveyed via synthetic group nodes,
contains relationships, and adapter-supplied meta.layout hints (same
primitives a Temporal/Argo/Airflow adapter would use for their own
concepts). Catalyst-specific knowledge stays in the adapter.
What this PR ships
==================
products/openova-flow/adapter-flux:
- mapper.go: phase-suffix constants, BuildPhaseNodes, BuildPhaseEdges,
derivePhase (slot-label / component-label driven, no hardcoded
HR-name → phase table). BuildFromHR now returns two `contains` rels
per leaf (region row + phase column). BuildRegionNode carries
meta.layout=lane-vertical + isGroup.
- rollup.go (new): StatusTracker + RollupStatus (worst-of:
failed > running > pending > succeeded). Mirrors the same worst-of
rollup the catalyst-api status-projection uses for the Sovereign
Console progress widget.
- hr_informer.go: bootstrap emits region + 4 phase nodes + 3 FS edges
per region; HR upserts/deletes update the StatusTracker and re-emit
affected synthetic parents with fresh rolled-up status.
- test/mapper_synthetic_test.go (new): 9 cases — phase nodes,
phase edges, slot/component/name-fallback derivation, 43-mock-HR
acceptance, region-scoped IDs, default region fallback.
- test/rollup_test.go (new): 9 cases — rollup palette, tracker
lifecycle, per-group isolation.
- test/mapper_test.go: updated existing assertions for the new
contains-edge count (2 per HR, was 1).
clusters/_template/bootstrap-kit/*.yaml (45 HRs):
- Added catalyst.openova.io/slot=<NN> label per HR (chart-level slot
surface so the adapter doesn't hardcode HR-name → phase). Mirrors
the existing catalyst.openova.io/component label pattern in
platform/external-secrets-stores/chart/templates/*.yaml +
platform/openclaw/chart/templates/*.yaml.
- 06a-bp-self-sovereign-cutover.yaml + 13-bp-catalyst-platform.yaml
also get catalyst.openova.io/component={cutover,catalyst-platform}
so their phase derivation is explicit, not name-fallback.
Canonical patterns cited
========================
1. catalyst.openova.io/component label on platform/* charts
(platform/external-secrets-stores, platform/openclaw) — same label
vocabulary, extended with slot.
2. worst-of-children rollup matches the existing catalyst-api
status-projection pattern (Sovereign Console progress widget).
Tests
=====
go test ./test/... → 31 PASS, 0 FAIL.
go vet ./... → clean.
Definition of Done (after Build & Deploy + emitter reconcile)
=============================================================
GET /sovereign/api/v1/flows/<deploymentId>/snapshot returns:
- N region root nodes (1 per adapter sidecar)
- 4 phase nodes per region (8 total for 2-region prov)
- N HR nodes per region with TWO `contains` edges each
- 3 phase-FS edges per region
Co-authored-by: hatiyildiz <269457768+hatiyildiz@users.noreply.github.com>
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
69 lines
1.8 KiB
YAML
69 lines
1.8 KiB
YAML
# bp-reflector — Catalyst bootstrap-kit Blueprint (slot 05a).
|
|
# Installs emberstack/reflector — the canonical Kubernetes secret/configmap
|
|
# mirror controller. By annotating flux-system/ghcr-pull with reflector
|
|
# auto-enable, the pull secret propagates to every namespace automatically,
|
|
# eliminating the ImagePullBackOff surface caused by cross-namespace secret
|
|
# propagation gaps (issue #543).
|
|
#
|
|
# Slot ordering: after sealed-secrets (05), before spire (06).
|
|
# dependsOn bp-cert-manager (02) — cert-manager CRDs must exist first.
|
|
#
|
|
# Wrapper chart: platform/reflector/chart/
|
|
# Upstream: emberstack/reflector ~7.x
|
|
# Reconciled by: Flux on the new Sovereign's k3s control plane.
|
|
|
|
---
|
|
apiVersion: v1
|
|
kind: Namespace
|
|
metadata:
|
|
name: reflector
|
|
labels:
|
|
catalyst.openova.io/sovereign: ${SOVEREIGN_FQDN}
|
|
---
|
|
apiVersion: source.toolkit.fluxcd.io/v1beta2
|
|
kind: HelmRepository
|
|
metadata:
|
|
name: bp-reflector
|
|
namespace: flux-system
|
|
spec:
|
|
type: oci
|
|
interval: 15m
|
|
url: oci://ghcr.io/openova-io
|
|
secretRef:
|
|
name: ghcr-pull
|
|
---
|
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: bp-reflector
|
|
namespace: flux-system
|
|
labels:
|
|
catalyst.openova.io/slot: "05a"
|
|
spec:
|
|
interval: 15m
|
|
releaseName: reflector
|
|
targetNamespace: reflector
|
|
dependsOn:
|
|
- name: bp-cert-manager
|
|
chart:
|
|
spec:
|
|
chart: bp-reflector
|
|
version: 1.0.0
|
|
sourceRef:
|
|
kind: HelmRepository
|
|
name: bp-reflector
|
|
namespace: flux-system
|
|
# Event-driven install: single-replica controller; install completes
|
|
# when manifests apply. disableWait per architecture convention —
|
|
# replaces blanket spec.timeout band-aid.
|
|
install:
|
|
timeout: 15m
|
|
disableWait: true
|
|
remediation:
|
|
retries: 3
|
|
upgrade:
|
|
timeout: 15m
|
|
disableWait: true
|
|
remediation:
|
|
retries: 3
|