generated from coulomb/repo-seed
Establish Railiance Fabric graph model
This commit is contained in:
20
fabric/interfaces/artifact-store-object-storage-bucket.yaml
Normal file
20
fabric/interfaces/artifact-store-object-storage-bucket.yaml
Normal file
@@ -0,0 +1,20 @@
|
||||
apiVersion: railiance.fabric/v1alpha1
|
||||
kind: InterfaceDeclaration
|
||||
metadata:
|
||||
id: artifact-store.object-storage.bucket
|
||||
name: artifact-store object bucket
|
||||
owner: artifact-store
|
||||
repo: artifact-store
|
||||
domain: railiance
|
||||
spec:
|
||||
lifecycle: planned
|
||||
environments: [dev, staging, prod]
|
||||
description: Bucket and object layout contract for artifact storage.
|
||||
interface_type: object-storage-bucket
|
||||
version: v1
|
||||
service_id: artifact-store.storage-service
|
||||
capability_ids:
|
||||
- artifact-store.object-storage
|
||||
auth:
|
||||
method: sts_token
|
||||
data_classification: confidential
|
||||
20
fabric/interfaces/artifact-store-object-storage-sts.yaml
Normal file
20
fabric/interfaces/artifact-store-object-storage-sts.yaml
Normal file
@@ -0,0 +1,20 @@
|
||||
apiVersion: railiance.fabric/v1alpha1
|
||||
kind: InterfaceDeclaration
|
||||
metadata:
|
||||
id: artifact-store.object-storage.sts
|
||||
name: artifact-store STS credential endpoint
|
||||
owner: artifact-store
|
||||
repo: artifact-store
|
||||
domain: railiance
|
||||
spec:
|
||||
lifecycle: planned
|
||||
environments: [dev, staging, prod]
|
||||
description: Temporary scoped credential vending interface for object storage.
|
||||
interface_type: sts-token
|
||||
version: v1
|
||||
service_id: artifact-store.storage-service
|
||||
capability_ids:
|
||||
- artifact-store.object-storage.credentials
|
||||
auth:
|
||||
method: oidc
|
||||
data_classification: secret
|
||||
20
fabric/interfaces/flex-auth-api-http-api.yaml
Normal file
20
fabric/interfaces/flex-auth-api-http-api.yaml
Normal file
@@ -0,0 +1,20 @@
|
||||
apiVersion: railiance.fabric/v1alpha1
|
||||
kind: InterfaceDeclaration
|
||||
metadata:
|
||||
id: flex-auth.api.http-api
|
||||
name: flex-auth decision HTTP API
|
||||
owner: flex-auth
|
||||
repo: flex-auth
|
||||
domain: railiance
|
||||
spec:
|
||||
lifecycle: active
|
||||
environments: [dev, staging, prod]
|
||||
description: HTTP API for authorization decision requests.
|
||||
interface_type: http-api
|
||||
version: v1
|
||||
service_id: flex-auth.api
|
||||
capability_ids:
|
||||
- flex-auth.api.authorization-decisions
|
||||
auth:
|
||||
method: oidc
|
||||
data_classification: restricted
|
||||
20
fabric/interfaces/flex-auth-api-policy-package.yaml
Normal file
20
fabric/interfaces/flex-auth-api-policy-package.yaml
Normal file
@@ -0,0 +1,20 @@
|
||||
apiVersion: railiance.fabric/v1alpha1
|
||||
kind: InterfaceDeclaration
|
||||
metadata:
|
||||
id: flex-auth.api.policy-package
|
||||
name: flex-auth policy package
|
||||
owner: flex-auth
|
||||
repo: flex-auth
|
||||
domain: railiance
|
||||
spec:
|
||||
lifecycle: active
|
||||
environments: [dev, staging, prod]
|
||||
description: Versioned authorization policy package consumed by PDP runtimes.
|
||||
interface_type: policy-package
|
||||
version: v1
|
||||
service_id: flex-auth.api
|
||||
capability_ids:
|
||||
- flex-auth.api.authorization-decisions
|
||||
auth:
|
||||
method: oidc
|
||||
data_classification: restricted
|
||||
20
fabric/interfaces/flex-auth-topaz-http-api.yaml
Normal file
20
fabric/interfaces/flex-auth-topaz-http-api.yaml
Normal file
@@ -0,0 +1,20 @@
|
||||
apiVersion: railiance.fabric/v1alpha1
|
||||
kind: InterfaceDeclaration
|
||||
metadata:
|
||||
id: flex-auth.topaz.http-api
|
||||
name: Topaz decision HTTP API
|
||||
owner: flex-auth
|
||||
repo: flex-auth
|
||||
domain: railiance
|
||||
spec:
|
||||
lifecycle: active
|
||||
environments: [dev, staging, prod]
|
||||
description: HTTP interface for delegated Topaz authorization decisions.
|
||||
interface_type: http-api
|
||||
version: v1
|
||||
service_id: flex-auth.topaz
|
||||
capability_ids:
|
||||
- flex-auth.topaz.authorization-runtime
|
||||
auth:
|
||||
method: oidc
|
||||
data_classification: restricted
|
||||
20
fabric/interfaces/key-cape-iam-profile-http-api.yaml
Normal file
20
fabric/interfaces/key-cape-iam-profile-http-api.yaml
Normal file
@@ -0,0 +1,20 @@
|
||||
apiVersion: railiance.fabric/v1alpha1
|
||||
kind: InterfaceDeclaration
|
||||
metadata:
|
||||
id: key-cape.iam-profile.http-api
|
||||
name: key-cape IAM Profile HTTP API
|
||||
owner: key-cape
|
||||
repo: key-cape
|
||||
domain: railiance
|
||||
spec:
|
||||
lifecycle: active
|
||||
environments: [dev, staging, prod]
|
||||
description: HTTP API for IAM Profile lookup and claim serving.
|
||||
interface_type: http-api
|
||||
version: v1
|
||||
service_id: key-cape.iam-profile
|
||||
capability_ids:
|
||||
- key-cape.iam-profile.issuer
|
||||
auth:
|
||||
method: oidc
|
||||
data_classification: restricted
|
||||
20
fabric/interfaces/key-cape-iam-profile-oidc-discovery.yaml
Normal file
20
fabric/interfaces/key-cape-iam-profile-oidc-discovery.yaml
Normal file
@@ -0,0 +1,20 @@
|
||||
apiVersion: railiance.fabric/v1alpha1
|
||||
kind: InterfaceDeclaration
|
||||
metadata:
|
||||
id: key-cape.iam-profile.oidc-discovery
|
||||
name: key-cape OIDC discovery
|
||||
owner: key-cape
|
||||
repo: key-cape
|
||||
domain: railiance
|
||||
spec:
|
||||
lifecycle: active
|
||||
environments: [dev, staging, prod]
|
||||
description: OIDC discovery metadata for IAM Profile claims.
|
||||
interface_type: oidc-discovery
|
||||
version: v1
|
||||
service_id: key-cape.iam-profile
|
||||
capability_ids:
|
||||
- key-cape.iam-profile.issuer
|
||||
auth:
|
||||
method: none
|
||||
data_classification: public
|
||||
@@ -0,0 +1,20 @@
|
||||
apiVersion: railiance.fabric/v1alpha1
|
||||
kind: InterfaceDeclaration
|
||||
metadata:
|
||||
id: net-kingdom.iam-profile.oidc-discovery
|
||||
name: NetKingdom IAM Profile discovery
|
||||
owner: net-kingdom
|
||||
repo: net-kingdom
|
||||
domain: railiance
|
||||
spec:
|
||||
lifecycle: active
|
||||
environments: [all]
|
||||
description: OIDC discovery contract for IAM Profile identity architecture.
|
||||
interface_type: oidc-discovery
|
||||
version: v1
|
||||
service_id: net-kingdom.iam-profile
|
||||
capability_ids:
|
||||
- net-kingdom.iam-profile.issuer
|
||||
auth:
|
||||
method: none
|
||||
data_classification: public
|
||||
@@ -0,0 +1,20 @@
|
||||
apiVersion: railiance.fabric/v1alpha1
|
||||
kind: InterfaceDeclaration
|
||||
metadata:
|
||||
id: railiance-platform.cnpg.database-connection
|
||||
name: CloudNativePG database connection
|
||||
owner: railiance-platform
|
||||
repo: railiance-platform
|
||||
domain: railiance
|
||||
spec:
|
||||
lifecycle: active
|
||||
environments: [dev, staging, prod]
|
||||
description: PostgreSQL network endpoint and credential contract.
|
||||
interface_type: database-connection
|
||||
version: "16"
|
||||
service_id: railiance-platform.cnpg
|
||||
capability_ids:
|
||||
- railiance-platform.cnpg.postgresql
|
||||
auth:
|
||||
method: database_role
|
||||
data_classification: confidential
|
||||
@@ -0,0 +1,21 @@
|
||||
apiVersion: railiance.fabric/v1alpha1
|
||||
kind: InterfaceDeclaration
|
||||
metadata:
|
||||
id: railiance-platform.openbao.database-roles
|
||||
name: OpenBao database dynamic credential roles
|
||||
owner: railiance-platform
|
||||
repo: railiance-platform
|
||||
domain: railiance
|
||||
spec:
|
||||
lifecycle: active
|
||||
environments: [dev, staging, prod]
|
||||
description: Dynamic credential role interface for database access.
|
||||
interface_type: openbao-dynamic-credential-role
|
||||
version: v1
|
||||
service_id: railiance-platform.openbao
|
||||
endpoint:
|
||||
path: database/creds
|
||||
auth:
|
||||
method: kubernetes_service_account
|
||||
audience: openbao
|
||||
data_classification: secret
|
||||
23
fabric/interfaces/railiance-platform-openbao-kv-v2.yaml
Normal file
23
fabric/interfaces/railiance-platform-openbao-kv-v2.yaml
Normal file
@@ -0,0 +1,23 @@
|
||||
apiVersion: railiance.fabric/v1alpha1
|
||||
kind: InterfaceDeclaration
|
||||
metadata:
|
||||
id: railiance-platform.openbao.kv-v2
|
||||
name: OpenBao KV v2 mount
|
||||
owner: railiance-platform
|
||||
repo: railiance-platform
|
||||
domain: railiance
|
||||
spec:
|
||||
lifecycle: active
|
||||
environments: [dev, staging, prod]
|
||||
description: KV v2 secret mount for approved Railiance workload secrets.
|
||||
interface_type: openbao-kv-v2-mount
|
||||
version: v1
|
||||
service_id: railiance-platform.openbao
|
||||
capability_ids:
|
||||
- railiance-platform.openbao.runtime-secrets
|
||||
endpoint:
|
||||
path: secret/data/railiance
|
||||
auth:
|
||||
method: kubernetes_service_account
|
||||
audience: openbao
|
||||
data_classification: secret
|
||||
@@ -0,0 +1,20 @@
|
||||
apiVersion: railiance.fabric/v1alpha1
|
||||
kind: InterfaceDeclaration
|
||||
metadata:
|
||||
id: railiance-platform.valkey.database-connection
|
||||
name: Valkey Redis-compatible connection
|
||||
owner: railiance-platform
|
||||
repo: railiance-platform
|
||||
domain: railiance
|
||||
spec:
|
||||
lifecycle: active
|
||||
environments: [dev, staging, prod]
|
||||
description: Redis protocol compatible cache endpoint and credential contract.
|
||||
interface_type: database-connection
|
||||
version: v1
|
||||
service_id: railiance-platform.valkey
|
||||
capability_ids:
|
||||
- railiance-platform.valkey.cache
|
||||
auth:
|
||||
method: static_secret
|
||||
data_classification: internal
|
||||
20
fabric/interfaces/repo-scoping-scope-generator-cli.yaml
Normal file
20
fabric/interfaces/repo-scoping-scope-generator-cli.yaml
Normal file
@@ -0,0 +1,20 @@
|
||||
apiVersion: railiance.fabric/v1alpha1
|
||||
kind: InterfaceDeclaration
|
||||
metadata:
|
||||
id: repo-scoping.scope-generator.cli
|
||||
name: repo-scoping CLI
|
||||
owner: repo-scoping
|
||||
repo: repo-scoping
|
||||
domain: custodian
|
||||
spec:
|
||||
lifecycle: active
|
||||
environments: [all]
|
||||
description: CLI interface for producing scope descriptions.
|
||||
interface_type: cli
|
||||
version: v1
|
||||
service_id: repo-scoping.scope-generator
|
||||
capability_ids:
|
||||
- repo-scoping.scope-generation
|
||||
auth:
|
||||
method: none
|
||||
data_classification: internal
|
||||
20
fabric/interfaces/the-custodian-state-hub-http-api.yaml
Normal file
20
fabric/interfaces/the-custodian-state-hub-http-api.yaml
Normal file
@@ -0,0 +1,20 @@
|
||||
apiVersion: railiance.fabric/v1alpha1
|
||||
kind: InterfaceDeclaration
|
||||
metadata:
|
||||
id: the-custodian.state-hub.http-api
|
||||
name: State Hub HTTP API
|
||||
owner: the-custodian
|
||||
repo: the-custodian
|
||||
domain: custodian
|
||||
spec:
|
||||
lifecycle: active
|
||||
environments: [all]
|
||||
description: HTTP API for coordination state and progress tracking.
|
||||
interface_type: http-api
|
||||
version: v1
|
||||
service_id: the-custodian.state-hub
|
||||
capability_ids:
|
||||
- the-custodian.state-hub.coordination
|
||||
auth:
|
||||
method: none
|
||||
data_classification: internal
|
||||
Reference in New Issue
Block a user