feat(gitops): config-as-code via .tinyforge.yml for repo-backed workloads
A dockerfile or static workload can opt in to reading its deploy config from a
.tinyforge.yml in its own repo. Tinyforge fetches the file, shows field-level
drift vs the live config, and an admin applies it with an explicit Sync. The
repo becomes the source of truth for the declared fields. Manual-sync only;
no auto-apply on deploy, no multi-workload reconcile, no create/delete in v1.
Scope is deliberately source-aware and source_config-resident: dockerfile
declares port/healthcheck/deploy_strategy, static declares deploy_strategy.
The file never carries repo coords or secrets (those stay in the encrypted
DB), which keeps credentials out of the repo.
Backend:
- internal/gitops: Spec/ParseSpec (KnownFields rejects unknown keys), a
source-aware ApplyPlan/BuildPlan, MergeAndValidate (omitted-field-preserving
deep merge + validate-the-merged-result-then-commit — never a partial
config), declared-only Drift with normalization, and Fetch with
ok/no_file/fetch_failed/invalid statuses and token-redacted messages.
- staticsite: DownloadFile added to GitProvider + Gitea/GitHub/GitLab impls,
reusing each provider's SSRF-safe client; 64 KiB cap; ErrFileNotFound.
- store: 4 additive gitops_* columns + setters (disjoint from UpdateWorkload
so the edit-form save and a sync never clobber each other).
- api: GET /workloads/{id}/gitops (status + raw + live drift + managed_fields),
PUT /gitops (admin, enable/path, traversal-safe), POST /gitops/sync (admin,
per-workload locked read->merge->validate->write, audited to event_log).
Frontend:
- GitOpsPanel.svelte: status pill, a purpose-built field-level drift view,
.tinyforge.yml preview, enable ToggleSwitch, Sync via ConfirmDialog; all five
statuses handled, admin affordances gated on the real viewer role.
- GitOps-managed badge (list + detail hero) and a read-only edit-form banner.
- api.ts fetchers + types; i18n apps.detail.gitops.* (en + ru parity).
Built phase-by-phase with an adversarial plan review (caught 5 design flaws
pre-implementation) and an independent review per phase (go / security / ts /
final) — all APPROVE, 0 CRITICAL/HIGH. docs/gitops.md documents the schema and
what's intentionally out of v1. Plan: plans/gitops/.
This commit is contained in:
@@ -976,6 +976,52 @@ export function rollbackWorkload(
|
||||
return post(`/api/workloads/${id}/rollback`, { deploy_id: deployId });
|
||||
}
|
||||
|
||||
// ── GitOps (config-as-code) ─────────────────────────────────────────
|
||||
// One rich payload per workload folds the file preview, parsed status, and
|
||||
// field-level drift into a single GET so the panel makes one call. The shape
|
||||
// mirrors the Go `gitOpsStatusResponse` (snake_case is preserved end-to-end,
|
||||
// matching the rest of this file). Drift entries list only the declared
|
||||
// fields that DIFFER from live; `managed_fields` lists every key the file
|
||||
// declares (the read-only gate keys on these).
|
||||
export interface GitOpsDriftEntry {
|
||||
field: string;
|
||||
repo_value: string;
|
||||
live_value: string;
|
||||
}
|
||||
|
||||
export type GitOpsStatusKind = 'disabled' | 'ok' | 'no_file' | 'fetch_failed' | 'invalid';
|
||||
|
||||
export interface GitOpsStatus {
|
||||
eligible: boolean;
|
||||
enabled: boolean;
|
||||
path: string;
|
||||
status: GitOpsStatusKind;
|
||||
raw: string;
|
||||
message: string;
|
||||
commit_sha: string;
|
||||
last_sync_at: string;
|
||||
drift: GitOpsDriftEntry[];
|
||||
drift_count: number;
|
||||
managed_fields: string[];
|
||||
}
|
||||
|
||||
export function fetchWorkloadGitOps(id: string, signal?: AbortSignal): Promise<GitOpsStatus> {
|
||||
return get<GitOpsStatus>(`/api/workloads/${id}/gitops`, signal);
|
||||
}
|
||||
|
||||
export function setWorkloadGitOps(
|
||||
id: string,
|
||||
body: { enabled: boolean; path: string }
|
||||
): Promise<{ enabled: boolean; path: string }> {
|
||||
return put<{ enabled: boolean; path: string }>(`/api/workloads/${id}/gitops`, body);
|
||||
}
|
||||
|
||||
export function syncWorkloadGitOps(
|
||||
id: string
|
||||
): Promise<{ status: string; commit_sha: string; applied_fields: string[]; triggered_by: string }> {
|
||||
return post(`/api/workloads/${id}/gitops/sync`);
|
||||
}
|
||||
|
||||
// ── Per-workload metrics history ────────────────────────────────────
|
||||
// CPU% and memory (bytes) summed across the workload's containers, one
|
||||
// point per sampled timestamp. Empty when stats collection is off / Docker
|
||||
|
||||
Reference in New Issue
Block a user