diff --git a/README.md b/README.md index 16fe5f1..0e46f94 100644 --- a/README.md +++ b/README.md @@ -66,17 +66,18 @@ The bundles are required to run the validation and to start the server. mkdir -p $BUNDLES_DIR docker run --rm \ -v $SCHEMAS_DIR:/schemas:z \ + -v $GRAPHQL_SCHEMA_DIR:/graphql:z \ -v $DATA_DIR:/data:z \ -v $RESOURCES_DIR:/resources:z \ quay.io/app-sre/qontract-validator:latest \ - qontract-bundler /schemas /data /resources > $BUNDLES_DIR/bundle.json + qontract-bundler /schemas /graphql/schema.yml /data /resources > $BUNDLES_DIR/bundle.json ``` -* `SCHEMAS_DIR` - `assets/schemas/` dir in the `qontract-server` git repository - * in the future it will be removed from this repository -* `DATA_DIR` - `/data` dir in the `app-interface` git repository -* `RESOURCES_DIR` - `/resources` dir in the `app-interface` git repository -* `$BUNDLES_DIR` - a directory that will contain the created `bundle.json` file +* `SCHEMAS_DIR` - dir that contains the JSON schemas (this is not used by this server). +* `GRAPHQL_SCHEMA_DIR` - dir that contains the file `schema.yml` representing the GraphQL schema. +* `DATA_DIR` - dir that contains the datafiles. +* `RESOURCES_DIR` - dir that contains the resources. +* `$BUNDLES_DIR` - a directory that will contain the created `bundle.json` file. ## Validating the bundle diff --git a/assets/schema.yml b/assets/schema.yml deleted file mode 100644 index b526c6d..0000000 --- a/assets/schema.yml +++ /dev/null @@ -1,407 +0,0 @@ -- name: VaultAuditOptions - version: '1' - isInterface: true - interfaceResolve: - strategy: fieldMap - field: _type - fieldMap: - file: VaultAuditOptionsFile - fields: - - { name: _type, type: string, isRequired: true } - -- name: VaultAuditOptionsFile - version: '1' - interface: VaultAuditOptions - fields: - - { name: _type, type: string, isRequired: true } - - { name: file_path, type: string, isRequired: true } - - { name: log_raw, type: string, isRequired: true } - - { name: hmac_accessor, type: string, isRequired: true } - - { name: mode, type: string, isRequired: true } - - { name: format, type: string, isRequired: true } - - { name: prefix, type: string, isRequired: true } - -- name: VaultAudit - version: '1' - fields: - - { name: _path, type: string, isRequired: true } - - { name: type, type: string, isRequired: true } - - { name: description, type: string, isRequired: true } - - { name: options, type: VaultAuditOptions, isInterface: true, isRequired: true } - -- name: VaultAuthConfig - version: '1' - isInterface: true - interfaceResolve: - strategy: fieldMap - field: _type - fieldMap: - github: VaultAuthConfigGithub - fields: - - { name: _type, type: string, isRequired: true } - -- name: VaultAuthConfigGithub - version: '1' - interface: VaultAuthConfig - fields: - - { name: _type, type: string, isRequired: true } - - { name: organization, type: string, isRequired: true } - - { name: base_url, type: string, isRequired: true } - - { name: max_ttl, type: string, isRequired: true } - - { name: ttl, type: string, isRequired: true } - -- name: VaultAuthSettings - version: '1' - fields: - - { name: config, type: VaultAuthConfig, isInterface: true, isRequired: true } - -- name: VaultSecretEngineOptions - version: '1' - isInterface: true - interfaceResolve: - strategy: fieldMap - field: _type - fieldMap: - kv: VaultSecretEngineOptionsKV - fields: - - { name: _type, type: string, isRequired: true } - -- name: VaultSecretEngineOptionsKV - version: '1' - interface: VaultSecretEngineOptions - fields: - - { name: _type, type: string, isRequired: true } - - { name: version, type: string, isRequired: true } - -- name: VaultSecretEngine - version: '1' - fields: - - { name: _path, type: string, isRequired: true } - - { name: type, type: string, isRequired: true } - - { name: description, type: string, isRequired: true} - - { name: options, type: VaultSecretEngineOptions, isInterface: true, isRequired: true } - -- name: VaultRoleOptions - version: '1' - isInterface: true - interfaceResolve: - strategy: fieldMap - field: _type - fieldMap: - approle: VaultApproleOptions - fields: - - { name: _type, type: string, isRequired: true } - -- name: VaultApproleOptions - version: '1' - interface: VaultRoleOptions - fields: - - { name: _type, type: string, isRequired: true } - - { name: bind_secret_id, type: string, isRequired: true } - - { name: local_secret_ids, type: string, isRequired: true } - - { name: period, type: string, isRequired: true } - - { name: secret_id_num_uses, type: string, isRequired: true } - - { name: secret_id_ttl, type: string, isRequired: true } - - { name: token_max_ttl, type: string, isRequired: true } - - { name: token_num_uses, type: string, isRequired: true } - - { name: token_ttl, type: string, isRequired: true } - - { name: token_type, type: string, isRequired: true } - - { name: bound_cidr_list, type: string, isList: true, isRequired: true } - - { name: policies, type: string, isList: true, isRequired: true } - - { name: secret_id_bound_cidrs, type: string, isList: true, isRequired: true } - - { name: token_bound_cidrs, type: string, isList: true, isRequired: true } - -- name: VaultRole - version: '1' - fields: - - { name: name, type: string, isRequired: true } - - { name: type, type: string, isRequired: true } - - { name: mount, type: string, isRequired: true } - - { name: options, type: VaultRoleOptions, isInterface: true, isRequired: true } - -- name: VaultPolicy - version: '1' - fields: - - { name: name, type: string, isRequired: true } - - { name: rules, type: string, isRequired: true } - -- name: Resource - version: '1' - fields: - - { name: path, type: string, isRequired: true} - - { name: content, type: string, isRequired: true} - - { name: sha256sum, type: string, isRequired: true} - -- name: VaultSecret - version: '1' - fields: - - { name: path, type: string, isRequired: true } - - { name: field, type: string, isRequired: true } - - { name: format, type: string } - -- name: QuayOrg - version: '1' - fields: - - { name: schema, type: string, isRequired: true } - - { name: path, type: string, isRequired: true } - - { name: labels, type: json } - - { name: name, type: string, isRequired: true } - - { name: description, type: string, isRequired: true } - - { name: managedTeams, type: string, isList: true, isRequired: true } - - { name: automationToken, type: VaultSecret } - -- name: Cluster - version: '1' - fields: - - { name: schema, type: string, isRequired: true } - - { name: path, type: string, isRequired: true } - - { name: labels, type: json } - - { name: name, type: string, isRequired: true } - - { name: description, type: string, isRequired: true } - - { name: serverUrl, type: string, isRequired: true } - - { name: automationToken, type: VaultSecret } - -- name: NamespaceOpenshiftResource - version: '1' - isInterface: true - interfaceResolve: - strategy: fieldMap - field: provider - fieldMap: - resource: NamespaceOpenshiftResourceResource - vault-secret: NamespaceOpenshiftResourceVaultSecret - route: NamespaceOpenshiftResourceRoute - fields: - - { name: provider, type: string, isRequired: true } - -- name: NamespaceOpenshiftResourceResource - version: '1' - interface: NamespaceOpenshiftResource - fields: - - { name: provider, type: string, isRequired: true } - - { name: path, type: string, isRequired: true } - -- name: NamespaceOpenshiftResourceVaultSecret - version: '1' - interface: NamespaceOpenshiftResource - fields: - - { name: provider, type: string, isRequired: true } - - { name: path, type: string, isRequired: true } - - { name: version, type: int, isRequired: true } - - { name: name, type: string } - - { name: labels, type: json } - - { name: annotations, type: json } - -- name: NamespaceOpenshiftResourceRoute - version: '1' - interface: NamespaceOpenshiftResource - fields: - - { name: provider, type: string, isRequired: true } - - { name: path, type: string, isRequired: true } - - { name: vault_tls_secret_path, type: string } - - { name: vault_tls_secret_version, type: int } - -- name: Namespace - version: '1' - fields: - - { name: schema, type: string, isRequired: true } - - { name: path, type: string, isRequired: true } - - { name: labels, type: json } - - { name: name, type: string, isRequired: true } - - { name: description, type: string, isRequired: true } - - { name: cluster, type: Cluster, isRequired: true } - - { name: managedRoles, type: string, isList: true} - - { name: managedResourceTypes, type: string, isList: true} - - { name: openshiftResources, type: NamespaceOpenshiftResource, isList: true, isInterface: true} - -- name: AppServiceOwner - version: '1' - fields: - - { name: name, type: string, isRequired: true } - - { name: email, type: string, isRequired: true } - -- name: AppPerformanceParameters - version: '1' - fields: - - { name: SLO, type: float, isRequired: true } - - { name: SLA, type: float } - - { name: statusPage, type: string } - -- name: AppDependencies - version: '1' - fields: - - { name: name, type: string, isRequired: true } - - { name: statefulness, type: string, isRequired: true } - - { name: opsModel, type: string, isRequired: true } - - { name: statusPage, type: string } - - { name: SLA, type: float, isRequired: true } - - { name: dependencyFailureImpact, type: string, isRequired: true } - -- name: AppQuayReposItems - version: '1' - fields: - - { name: name, type: string, isRequired: true } - - { name: description, type: string, isRequired: true } - - { name: public, type: boolean, isRequired: true } - -- name: AppQuayRepos - version: '1' - fields: - - { name: org, type: QuayOrg, isRequired: true } - - { name: items, type: AppQuayReposItems, isRequired: true, isList: true } - -- name: AppEscalationsEscalation - version: '1' - fields: - - { name: labels, type: json } - - { name: slackRecipients, type: string, isList: true } - - { name: emailRecipients, type: string, isList: true } - - { name: mattermostRecipients, type: string, isList: true } - -- name: AppEscalations - version: '1' - fields: - - { name: default, type: AppEscalationsEscalation } - - { name: warning, type: AppEscalationsEscalation } - - { name: critical, type: AppEscalationsEscalation } - -- name: App - version: '1' - fields: - - { name: schema, type: string, isRequired: true } - - { name: path, type: string, isRequired: true } - - { name: labels, type: json } - - { name: title, type: string, isRequired: true } - - { name: serviceDocs, type: string, isList: true } - - { name: serviceOwner, type: AppServiceOwner, isRequired: true } - - { name: dependencies, type: AppDependencies, isList: true } - - { name: quayRepos, type: AppQuayRepos, isList: true } - - { name: escalations, type: AppEscalations, isList: true } - -- name: Permission - version: '1' - isInterface: true - interfaceResolve: - strategy: fieldMap - field: service - fieldMap: - aws-analytics: PermissionAWSAnalytics - github-org: PermissionGithubOrg - github-org-team: PermissionGithubOrgTeam - openshift-rolebinding: PermissionOpenshiftRolebinding - quay-membership: PermissionQuayOrgTeam - fields: - - { name: service, type: string, isRequired: true } - -- name: PermissionAWSAnalytics - version: '1' - interface: Permission - fields: - - { name: service, type: string, isRequired: true } - -- name: PermissionGithubOrg - version: '1' - interface: Permission - fields: - - { name: service, type: string, isRequired: true } - - { name: org, type: string, isRequired: true } - -- name: PermissionGithubOrgTeam - version: '1' - interface: Permission - fields: - - { name: service, type: string, isRequired: true } - - { name: org, type: string, isRequired: true } - - { name: team, type: string, isRequired: true } - -- name: VaultPolicyMapping - version: '1' - fields: - - { name: github_team, type: PermissionGithubOrgTeam, isRequired: true } - - { name: policies, type: VaultPolicy, isList: true, isRequired: true } - -- name: VaultAuth - version: '1' - fields: - - { name: _path, type: string, isRequired: true } - - { name: type, type: string, isRequired: true } - - { name: description, type: string, isRequired: true } - - { name: settings, type: VaultAuthSettings } - - { name: policy_mappings, type: VaultPolicyMapping, isList: true } - -- name: PermissionOpenshiftRolebinding - version: '1' - interface: Permission - fields: - - { name: service, type: string, isRequired: true } - - { name: cluster, type: string, isRequired: true } - - { name: namespace, type: string, isRequired: true } - - { name: role, type: string, isRequired: true } - -- name: PermissionQuayOrgTeam - version: '1' - interface: Permission - fields: - - { name: service, type: string, isRequired: true } - - { name: org, type: string, isRequired: true } - - { name: team, type: string, isRequired: true } - -- name: User - version: '1' - fields: - - { name: schema, type: string, isRequired: true } - - { name: path, type: string, isRequired: true } - - { name: labels, type: json } - - { name: name, type: string, isRequired: true } - - { name: redhat_username, type: string, isRequired: true } - - { name: github_username, type: string, isRequired: true } - - { name: quay_username, type: string } - -- name: Bot - version: '1' - fields: - - { name: schema, type: string, isRequired: true } - - { name: path, type: string, isRequired: true } - - { name: labels, type: json } - - { name: name, type: string, isRequired: true } - - { name: github_username, type: string } - - { name: quay_username, type: string } - - { name: owner, type: User } - -- name: Role - version: '1' - datafile: /access/role-1.yml - fields: - - { name: schema, type: string, isRequired: true } - - { name: path, type: string, isRequired: true } - - { name: labels, type: json } - - { name: name, type: string, isRequired: true } - - { name: permissions, type: Permission, isList: true, isInterface: true } - - name: users - type: User - isList: true - synthetic: - schema: /access/user-1.yml - subAttr: roles - - name: bots - type: Bot - isList: true - synthetic: - schema: /access/bot-1.yml - subAttr: roles - -- name: Query - fields: - - { name: users, type: User, isList: true, datafileSchema: /access/user-1.yml } - - { name: bots, type: Bot, isList: true, datafileSchema: /access/bot-1.yml } - - { name: roles, type: Role, isList: true, datafileSchema: /access/role-1.yml } - - { name: clusters, type: Cluster, isList: true, datafileSchema: /openshift/cluster-1.yml } - - { name: namespaces, type: Namespace, isList: true, datafileSchema: /openshift/namespace-1.yml } - - { name: quay_orgs, type: QuayOrg, isList: true, datafileSchema: /dependencies/quay-org-1.yml } - - { name: apps, type: App, isList: true, datafileSchema: /app-sre/app-1.yml } - - { name: resources, type: Resource, isResource: true, isRequired: true, isList: true } - - { name: vault_audit_backends, type: VaultAudit, isList: true, datafileSchema: /vault-config/audit-1.yml } - - { name: vault_auth_backends, type: VaultAuth, isList: true, datafileSchema: /vault-config/auth-1.yml } - - { name: vault_secret_engines, type: VaultSecretEngine, isList: true, datafileSchema: /vault-config/secret-engine-1.yml } - - { name: vault_roles, type: VaultRole, isList: true, datafileSchema: /vault-config/role-1.yml } - - { name: vault_policies, type: VaultPolicy, isList: true, datafileSchema: /vault-config/policy-1.yml } diff --git a/assets/schemas-wip/cloud/aws.yml b/assets/schemas-wip/cloud/aws.yml deleted file mode 100644 index 9559620..0000000 --- a/assets/schemas-wip/cloud/aws.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -"$schema": metaschema.json -version: 0.0.1 -type: object - -properties: - "$schema": - type: string - labels: - "$ref": "common.json#/definitions/labels" diff --git a/assets/schemas-wip/monitoring/alerting.yml b/assets/schemas-wip/monitoring/alerting.yml deleted file mode 100644 index 2eb4de7..0000000 --- a/assets/schemas-wip/monitoring/alerting.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -"$schema": metaschema.json -version: 0.0.1 -type: object - -properties: - "$schema": - type: string - labels: - "$ref": "common.json#/definitions/labels" - diff --git a/assets/schemas-wip/monitoring/dashboard.yml b/assets/schemas-wip/monitoring/dashboard.yml deleted file mode 100644 index 2eb4de7..0000000 --- a/assets/schemas-wip/monitoring/dashboard.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -"$schema": metaschema.json -version: 0.0.1 -type: object - -properties: - "$schema": - type: string - labels: - "$ref": "common.json#/definitions/labels" - diff --git a/assets/schemas-wip/olm/operator.yml b/assets/schemas-wip/olm/operator.yml deleted file mode 100644 index 2eb4de7..0000000 --- a/assets/schemas-wip/olm/operator.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -"$schema": metaschema.json -version: 0.0.1 -type: object - -properties: - "$schema": - type: string - labels: - "$ref": "common.json#/definitions/labels" - diff --git a/assets/schemas-wip/openshift/deployment.yml b/assets/schemas-wip/openshift/deployment.yml deleted file mode 100644 index 9559620..0000000 --- a/assets/schemas-wip/openshift/deployment.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -"$schema": metaschema.json -version: 0.0.1 -type: object - -properties: - "$schema": - type: string - labels: - "$ref": "common.json#/definitions/labels" diff --git a/assets/schemas-wip/vault/vault.yml b/assets/schemas-wip/vault/vault.yml deleted file mode 100644 index 9559620..0000000 --- a/assets/schemas-wip/vault/vault.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -"$schema": metaschema.json -version: 0.0.1 -type: object - -properties: - "$schema": - type: string - labels: - "$ref": "common.json#/definitions/labels" diff --git a/assets/schemas/access/bot-1.yml b/assets/schemas/access/bot-1.yml deleted file mode 100644 index 55851f7..0000000 --- a/assets/schemas/access/bot-1.yml +++ /dev/null @@ -1,28 +0,0 @@ ---- -"$schema": /metaschema-1.json -version: "1.0" -type: object -properties: - "$schema": - type: string - enum: - - /access/bot-1.yml - labels: - "$ref": "/common-1.json#/definitions/labels" - name: - type: string - github_username: - "$ref": "/common-1.json#/definitions/identifier" - owner: - "$ref": "/common-1.json#/definitions/crossref" - "$schemaRef": "/access/user-1.yml" - roles: - type: array - items: - "$ref": "/common-1.json#/definitions/crossref" - "$schemaRef": "/access/role-1.yml" - -required: -- $schema -- labels -- name diff --git a/assets/schemas/access/permission-1.yml b/assets/schemas/access/permission-1.yml deleted file mode 100644 index eb692d8..0000000 --- a/assets/schemas/access/permission-1.yml +++ /dev/null @@ -1,72 +0,0 @@ ---- -"$schema": /metaschema-1.json -version: "1.0" -type: object -properties: - "$schema": - type: string - enum: - - /access/permission-1.yml - labels: - "$ref": "/common-1.json#/definitions/labels" - name: - type: string - description: - type: string - service: - type: string -oneOf: -- properties: - service: - enum: - - aws-analytics -- properties: - service: - enum: - - github-org - org: - type: string - required: - - org -- properties: - service: - enum: - - github-org-team - org: - type: string - team: - type: string - required: - - org - - team -- properties: - service: - enum: - - openshift-rolebinding - cluster: - type: string - namespace: - type: string - role: - type: string - required: - - cluster - - namespace - - role -- properties: - service: - enum: - - quay-membership - org: - type: string - team: - type: string - required: - - org - - team -required: -- $schema -- labels -- name -- description -- service diff --git a/assets/schemas/access/role-1.yml b/assets/schemas/access/role-1.yml deleted file mode 100644 index c1f5448..0000000 --- a/assets/schemas/access/role-1.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -"$schema": /metaschema-1.json -version: "1.0" -type: object -properties: - "$schema": - type: string - enum: - - /access/role-1.yml - labels: - "$ref": "/common-1.json#/definitions/labels" - name: - type: string - permissions: - type: array - items: - "$ref": "/common-1.json#/definitions/crossref" - "$schemaRef": "/access/permission-1.yml" -required: -- $schema -- labels -- permissions diff --git a/assets/schemas/access/user-1.yml b/assets/schemas/access/user-1.yml deleted file mode 100644 index 7fc6d39..0000000 --- a/assets/schemas/access/user-1.yml +++ /dev/null @@ -1,28 +0,0 @@ ---- -"$schema": /metaschema-1.json -version: "1.0" -type: object -properties: - "$schema": - type: string - enum: - - /access/user-1.yml - labels: - "$ref": "/common-1.json#/definitions/labels" - name: - type: string - redhat_username: - "$ref": "/common-1.json#/definitions/identifier" - github_username: - "$ref": "/common-1.json#/definitions/identifier" - roles: - type: array - items: - "$ref": "/common-1.json#/definitions/crossref" - "$schemaRef": "/access/role-1.yml" -required: -- $schema -- labels -- name -- redhat_username -- github_username diff --git a/assets/schemas/app-sre/app-1.yml b/assets/schemas/app-sre/app-1.yml deleted file mode 100644 index cd16f88..0000000 --- a/assets/schemas/app-sre/app-1.yml +++ /dev/null @@ -1,153 +0,0 @@ ---- -"$schema": /metaschema-1.json -version: '1.0' -type: object - -additionalProperties: false -properties: - "$schema": - type: string - enum: - - /app-sre/app-1.yml - labels: - "$ref": "/common-1.json#/definitions/labels" - - title: - type: string - - serviceDocs: - description: List of service docs - type: array - items: - description: Service document link - type: string - - serviceOwner: - description: Team or individual who is/are responsible for the running instance of the software. - type: object - additionalProperties: false - properties: - name: - type: string - email: - type: string - format: email - required: - - name - - email - - performanceParameters: - type: object - additionalProperties: false - properties: - SLO: - "$ref": "/common-1.json#/definitions/serviceLevel" - SLA: - "$ref": "/common-1.json#/definitions/serviceLevel" - statusPage: - type: string - format: uri-reference - required: - - SLO - - dependencies: - type: array - items: - type: object - additionalProperties: false - properties: - name: - type: string - statefulness: - type: string - enum: - - Durable - - Cache - - Stateless - opsModel: - type: string - enum: - - Hosted - - External - statusPage: - type: string - format: uri - SLA: - "$ref": "/common-1.json#/definitions/serviceLevel" - dependencyFailureImpact: - type: string - enum: - - No Impact - - Partial Outage - - Major Outage - - Complete Outage - required: - - name - - statefulness - - opsModel - - SLA - - dependencyFailureImpact - - quayRepos: - type: array - items: - type: object - additionalProperties: false - properties: - org: - "$ref": "/common-1.json#/definitions/crossref" - "$schemaRef": "/dependencies/quay-org-1.yml" - items: - type: array - items: - type: object - additionalProperties: false - properties: - name: - type: string - description: - type: string - public: - type: boolean - required: - - name - - description - - public - required: - - org - - items - escalations: - type: object - additionalProperties: false - properties: - default: &escalations_default - type: object - additionalProperties: false - properties: - labels: - type: array - items: - type: string - slackRecipients: - type: array - items: - type: string - emailRecipients: - type: array - items: - type: string - mattermostRecipients: - type: array - items: - type: string - warning: *escalations_default - critical: *escalations_default - required: - - warning - - critical - -required: -- title -- serviceOwner -- "$schema" -- "labels" diff --git a/assets/schemas/common-1.json b/assets/schemas/common-1.json deleted file mode 100644 index 4c2a980..0000000 --- a/assets/schemas/common-1.json +++ /dev/null @@ -1,102 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-04/schema", - "version": "1.0", - "type": "object", - "definitions": { - "labels": { - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "annotations": { - "type": "object", - "additionalProperties": { - "type": "string" - } - }, - "identifier": { - "type": "string", - "pattern": "^[A-Za-z0-9][A-Za-z0-9-_]{0,30}[A-Za-z0-9]$" - }, - "version": { - "type": "string", - "pattern": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)$" - }, - "stableIndexList": { - "type": "array", - "items": { - "type": "object", - "properties": { - "state": { - "type": "string", - "enum": [ - "deleted", - "active" - ], - "default": "active", - "description": "List items must never be removed. To signal that a list item should be deleted the state should be set to deleted and downstream integrations will remove the corresponding object if it exists." - } - } - } - }, - "stableIdentifierList": { - "type": "object", - "properties": { - "items": { - "type": "array" - }, - "stableIdentifierField": { - "type": "string" - } - }, - "required": [ - "items", - "stableIdentifierField" - ] - }, - "serviceLevel": { - "type": "number", - "minimum": 90, - "maximum": 100, - "exclusiveMaximum": true - }, - "crossref": { - "type": "object", - "properties": { - "$ref": { - "type": "string", - "format": "uri-reference" - } - }, - "required": [ - "$ref" - ], - "additionalProperties": false - }, - "vaultSecret": { - "additionalProperties": false, - "type": "object", - "properties": { - "path": { - "type": "string" - }, - "field": { - "type": "string" - }, - "format": { - "type": "string", - "enum": [ - "plain", - "base64" - ], - "default": "plain" - } - }, - "required": [ - "path", - "field" - ] - } - } -} diff --git a/assets/schemas/dependencies/quay-org-1.yml b/assets/schemas/dependencies/quay-org-1.yml deleted file mode 100644 index caf7f50..0000000 --- a/assets/schemas/dependencies/quay-org-1.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -"$schema": /metaschema-1.json -version: '1.0' -type: object - -additionalProperties: false -properties: - "$schema": - type: string - enum: - - /dependencies/quay-org-1.yml - labels: - "$ref": "/common-1.json#/definitions/labels" - name: - type: string - managedTeams: - type: array - items: - type: string - description: - type: string - automationToken: - "$ref": "/common-1.json#/definitions/vaultSecret" -required: -- "$schema" -- labels -- name -- managedTeams -- description diff --git a/assets/schemas/metaschema-1.json b/assets/schemas/metaschema-1.json deleted file mode 100644 index 2761c07..0000000 --- a/assets/schemas/metaschema-1.json +++ /dev/null @@ -1,53 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-04/schema", - "version": "1.0", - "type": "object", - "properties": { - "$schema": { - "type": "string", - "enum": [ "/metaschema-1.json" ] - }, - "version": { - "$ref": "/common-1.json#/definitions/version" - }, - "labels": { - "type": "object" - }, - "properties": { - "type": "object", - "properties": { - "labels": { - "type": "object", - "additionalProperties": false, - "properties": { - "$ref": { - "type": "string", - "enum": [ "/common-1.json#/definitions/labels" ] - } - }, - "required": [ - "$ref" - ] - }, - "$schema": { - "type": "object", - "properties": { - "type": { - "type": "string", - "enum": [ "string" ] - } - } - } - }, - "required": [ - "labels", - "$schema" - ] - } - }, - "required": [ - "version", - "$schema", - "properties" - ] -} diff --git a/assets/schemas/openshift/cluster-1.yml b/assets/schemas/openshift/cluster-1.yml deleted file mode 100644 index 64d2bee..0000000 --- a/assets/schemas/openshift/cluster-1.yml +++ /dev/null @@ -1,28 +0,0 @@ ---- -"$schema": /metaschema-1.json -version: '1.0' -type: object - -additionalProperties: false -properties: - "$schema": - type: string - enum: - - /openshift/cluster-1.yml - labels: - "$ref": "/common-1.json#/definitions/labels" - name: - type: string - serverUrl: - type: string - format: uri - automationToken: - "$ref": "/common-1.json#/definitions/vaultSecret" - description: - type: string -required: -- "$schema" -- labels -- name -- serverUrl -- description diff --git a/assets/schemas/openshift/namespace-1.yml b/assets/schemas/openshift/namespace-1.yml deleted file mode 100644 index f0d89c3..0000000 --- a/assets/schemas/openshift/namespace-1.yml +++ /dev/null @@ -1,111 +0,0 @@ ---- -"$schema": /metaschema-1.json -version: '1.0' -type: object - -additionalProperties: false -properties: - "$schema": - type: string - enum: - - /openshift/namespace-1.yml - - labels: - "$ref": "/common-1.json#/definitions/labels" - - name: - type: string - - description: - type: string - - cluster: - "$ref": "/common-1.json#/definitions/crossref" - "$schemaRef": "/openshift/cluster-1.yml" - - managedRoles: - type: array - items: - type: string - enum: - - view - - edit - - admin - - managedResourceTypes: - type: array - items: - type: string - # For the moment we want to limit this list. - # A complete list can be obtained from here: - # oc api-resources --verbs=list --no-headers | awk '{print $NF}' | sort -u - enum: - - ConfigMap - - Secret - - Route - - openshiftResources: - type: array - items: - type: object - properties: - provider: - type: string - oneOf: - - additionalProperties: false - properties: - provider: - type: string - enum: - - resource - path: - type: string - required: - - path - - additionalProperties: false - properties: - provider: - type: string - enum: - - vault-secret - name: - type: string - path: - type: string - version: - type: integer - labels: - "$ref": "/common-1.json#/definitions/labels" - annotations: - "$ref": "/common-1.json#/definitions/annotations" - required: - - path - - version - - additionalProperties: false - properties: - provider: - type: string - enum: - - route - path: - type: string - vault_tls_secret_path: - type: string - vault_tls_secret_version: - type: integer - required: - - path - dependencies: - vault_tls_secret_path: - - vault_tls_secret_version - vault_tls_secret_version: - - vault_tls_secret_path - required: - - provider - -required: -- "$schema" -- labels -- name -- description -- cluster diff --git a/assets/schemas/vault-config/audit-1.yml b/assets/schemas/vault-config/audit-1.yml deleted file mode 100644 index e33f11d..0000000 --- a/assets/schemas/vault-config/audit-1.yml +++ /dev/null @@ -1,70 +0,0 @@ ---- -"$schema": /metaschema-1.json -version: '1.0' - -type: object -additionalProperties: false -properties: - "$schema": - type: string - enum: - - /vault-config/audit-1.yml - labels: - "$ref": "/common-1.json#/definitions/labels" - _path: - type: string - pattern: '.+\/$' - type: - type: string - enum: - - file - - syslog - - socket - description: - type: string - options: - type: object - oneOf: - - properties: - _type: - type: string - enum: - - file - file_path: - type: string - log_raw: - type: string - enum: - - 'true' - - 'false' - hmac_accessor: - type: string - enum: - - 'true' - - 'false' - mode: - type: string - pattern: '^\d+$' - format: - type: string - enum: - - "json" - - "jsonx" - prefix: - type: string - required: - - file_path - - log_raw - - hmac_accessor - - mode - - format - - prefix - required: - - _type -required: -- "$schema" -- labels -- _path -- type -- description -- options diff --git a/assets/schemas/vault-config/auth-1.yml b/assets/schemas/vault-config/auth-1.yml deleted file mode 100644 index 28c745a..0000000 --- a/assets/schemas/vault-config/auth-1.yml +++ /dev/null @@ -1,89 +0,0 @@ ---- -"$schema": /metaschema-1.json -version: '1.0' - -type: object -additionalProperties: false -properties: - "$schema": - type: string - enum: - - /vault-config/auth-1.yml - labels: - "$ref": "/common-1.json#/definitions/labels" - _path: - type: string - pattern: '.+\/$' - type: - type: string - enum: - - approle - - github - description: - type: string - settings: - type: object - additionalProperties: false - properties: - config: - type: object - oneOf: - - properties: - _type: - type: string - enum: - - github - organization: - type: string - base_url: - type: string - max_ttl: - type: string - pattern: '^(\d+(h|m|s))+$' - ttl: - type: string - pattern: '^(\d+(h|m|s))+$' - required: - - organization - - base_url - - max_ttl - - ttl - policy_mappings: - type: array - items: - type: object - additionalProperties: false - properties: - github_team: - "$ref": "/common-1.json#/definitions/crossref" - "$schemaRef": - type: object - properties: - '$schema': - type: string - enum: - - /access/permission-1.yml - service: - type: string - enum: - - github-org-team - policies: - type: array - items: - "$ref": "/common-1.json#/definitions/crossref" - "$schemaRef": - type: object - properties: - '$schema': - type: string - enum: - - /vault-config/policy-1.yml - required: - - github_team - - policies -required: -- "$schema" -- labels -- _path -- type -- description diff --git a/assets/schemas/vault-config/policy-1.yml b/assets/schemas/vault-config/policy-1.yml deleted file mode 100644 index a74b7d6..0000000 --- a/assets/schemas/vault-config/policy-1.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -"$schema": /metaschema-1.json -version: '1.0' - -type: object -additionalProperties: false -properties: - "$schema": - type: string - enum: - - /vault-config/policy-1.yml - labels: - "$ref": "/common-1.json#/definitions/labels" - name: - type: string - rules: - type: string -required: -- "$schema" -- labels -- name -- rules diff --git a/assets/schemas/vault-config/role-1.yml b/assets/schemas/vault-config/role-1.yml deleted file mode 100644 index 1d92162..0000000 --- a/assets/schemas/vault-config/role-1.yml +++ /dev/null @@ -1,97 +0,0 @@ ---- -"$schema": /metaschema-1.json -version: '1.0' - -type: object -additionalProperties: false -properties: - "$schema": - type: string - enum: - - /vault-config/role-1.yml - labels: - "$ref": "/common-1.json#/definitions/labels" - name: - type: string - mount: - type: string - pattern: '.+\/$' - type: - type: string - options: - type: object - oneOf: - - properties: - _type: - type: string - enum: - - approle - bind_secret_id: - type: string - enum: - - 'true' - - 'false' - local_secret_ids: - type: string - enum: - - 'true' - - 'false' - period: - type: string - pattern: '^(\d+(h|m|s))+$' - secret_id_num_uses: - type: string - pattern: '^\d+$' - secret_id_ttl: - type: string - pattern: '^(\d+(h|m|s))+$' - token_max_ttl: - type: string - pattern: '^(\d+(h|m|s))+$' - token_num_uses: - type: string - pattern: '^\d+$' - token_ttl: - type: string - pattern: '^(\d+(h|m|s))+$' - token_type: - type: string - bound_cidr_list: - type: array - items: - type: string - policies: - type: array - items: - type: string - secret_id_bound_cidrs: - type: array - items: - type: string - token_bound_cidrs: - type: array - items: - type: string - required: - - bind_secret_id - - local_secret_ids - - period - - secret_id_num_uses - - secret_id_ttl - - token_max_ttl - - token_num_uses - - token_ttl - - token_type - - bound_cidr_list - - policies - - secret_id_bound_cidrs - - token_bound_cidrs - required: - - _type -required: -- "$schema" -- labels -- name -- mount -- type -- options diff --git a/assets/schemas/vault-config/secret-engine-1.yml b/assets/schemas/vault-config/secret-engine-1.yml deleted file mode 100644 index ef833e7..0000000 --- a/assets/schemas/vault-config/secret-engine-1.yml +++ /dev/null @@ -1,46 +0,0 @@ ---- -"$schema": /metaschema-1.json -version: '1.0' - -type: object -additionalProperties: false -properties: - "$schema": - type: string - enum: - - /vault-config/secret-engine-1.yml - labels: - "$ref": "/common-1.json#/definitions/labels" - _path: - type: string - pattern: '.+\/$' - type: - type: string - enum: - - kv - description: - type: string - options: - type: object - oneOf: - - properties: - _type: - type: string - enum: - - kv - version: - type: string - enum: - - '1' - - '2' - required: - - version - required: - - _type -required: -- "$schema" -- labels -- _path -- type -- description -- options diff --git a/src/db.ts b/src/db.ts index 2d30315..5c5413d 100644 --- a/src/db.ts +++ b/src/db.ts @@ -23,6 +23,7 @@ export type Resourcefile = { export type Bundle = { datafiles: im.Map; resourcefiles: im.Map; + schema: any[]; fileHash: string; }; @@ -63,6 +64,7 @@ const parseBundle = (contents: string) : Bundle => { datafiles: parseDatafiles(parsedContents.data), resourcefiles: parseResourcefiles(parsedContents.resources), fileHash: hashDatafile(contents), + schema: parsedContents.graphql, } as Bundle; }; @@ -137,6 +139,7 @@ export const bundleFromEnvironment = async() => { return { datafiles: im.Map(), resourcefiles: im.Map(), + schema: {}, fileHash: '', } as Bundle; } diff --git a/src/schema.ts b/src/schema.ts index 6ea8e18..89fae99 100644 --- a/src/schema.ts +++ b/src/schema.ts @@ -223,8 +223,8 @@ const resourceType = new GraphQLObjectType({ }, }); -export const generateAppSchema = (app: express.Express, contents: string) : GraphQLSchema => { - const schemaData = yaml.safeLoad(contents); +export const generateAppSchema = (app: express.Express) : GraphQLSchema => { + const schemaData = app.get('bundle').schema; const schemaTypes: any = {}; const interfaceTypes: any = {}; diff --git a/src/server.ts b/src/server.ts index aa7449e..abd9d27 100644 --- a/src/server.ts +++ b/src/server.ts @@ -23,20 +23,27 @@ export const appFromBundle = async(bundle: Promise) => { next(); }); - const schema = await readFile('assets/schema.yml'); - const server = new ApolloServer({ - schema: generateAppSchema(app, String(schema)), + schema: generateAppSchema(app), playground: true, introspection: true, fieldResolver: defaultResolver(app), }); + app.set('server', server); server.applyMiddleware({ app }); app.get('/reload', async (req: express.Request, res: express.Response) => { - req.app.set('bundle', await db.bundleFromEnvironment()); - res.send(); + try { + const bundle = await db.bundleFromEnvironment(); + req.app.set('bundle', bundle); + req.app.get('server').schema = generateAppSchema(req.app as express.Express); + + console.log('reloaded'); + res.send(); + } catch (e) { + res.status(503).send('error parsing bundle, not replacing'); + } }); app.get('/sha256', (req: express.Request, res: express.Response) => { diff --git a/test/schemas/cluster.data.json b/test/schemas/cluster.data.json index 3e68cc6..c09c21d 100644 --- a/test/schemas/cluster.data.json +++ b/test/schemas/cluster.data.json @@ -8,5 +8,1213 @@ "$schema": "/openshift/cluster-1.yml", "description": "example cluster" } - } + }, + "graphql": [ + { + "name": "VaultAuditOptions", + "version": "1", + "isInterface": true, + "interfaceResolve": { + "strategy": "fieldMap", + "field": "_type", + "fieldMap": { + "file": "VaultAuditOptionsFile" + } + }, + "fields": [ + { + "name": "_type", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "VaultAuditOptionsFile", + "version": "1", + "interface": "VaultAuditOptions", + "fields": [ + { + "name": "_type", + "type": "string", + "isRequired": true + }, + { + "name": "file_path", + "type": "string", + "isRequired": true + }, + { + "name": "log_raw", + "type": "string", + "isRequired": true + }, + { + "name": "hmac_accessor", + "type": "string", + "isRequired": true + }, + { + "name": "mode", + "type": "string", + "isRequired": true + }, + { + "name": "format", + "type": "string", + "isRequired": true + }, + { + "name": "prefix", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "VaultAudit", + "version": "1", + "fields": [ + { + "name": "_path", + "type": "string", + "isRequired": true + }, + { + "name": "type", + "type": "string", + "isRequired": true + }, + { + "name": "description", + "type": "string", + "isRequired": true + }, + { + "name": "options", + "type": "VaultAuditOptions", + "isInterface": true, + "isRequired": true + } + ] + }, + { + "name": "VaultAuthConfig", + "version": "1", + "isInterface": true, + "interfaceResolve": { + "strategy": "fieldMap", + "field": "_type", + "fieldMap": { + "github": "VaultAuthConfigGithub" + } + }, + "fields": [ + { + "name": "_type", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "VaultAuthConfigGithub", + "version": "1", + "interface": "VaultAuthConfig", + "fields": [ + { + "name": "_type", + "type": "string", + "isRequired": true + }, + { + "name": "organization", + "type": "string", + "isRequired": true + }, + { + "name": "base_url", + "type": "string", + "isRequired": true + }, + { + "name": "max_ttl", + "type": "string", + "isRequired": true + }, + { + "name": "ttl", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "VaultAuthSettings", + "version": "1", + "fields": [ + { + "name": "config", + "type": "VaultAuthConfig", + "isInterface": true, + "isRequired": true + } + ] + }, + { + "name": "VaultSecretEngineOptions", + "version": "1", + "isInterface": true, + "interfaceResolve": { + "strategy": "fieldMap", + "field": "_type", + "fieldMap": { + "kv": "VaultSecretEngineOptionsKV" + } + }, + "fields": [ + { + "name": "_type", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "VaultSecretEngineOptionsKV", + "version": "1", + "interface": "VaultSecretEngineOptions", + "fields": [ + { + "name": "_type", + "type": "string", + "isRequired": true + }, + { + "name": "version", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "VaultSecretEngine", + "version": "1", + "fields": [ + { + "name": "_path", + "type": "string", + "isRequired": true + }, + { + "name": "type", + "type": "string", + "isRequired": true + }, + { + "name": "description", + "type": "string", + "isRequired": true + }, + { + "name": "options", + "type": "VaultSecretEngineOptions", + "isInterface": true, + "isRequired": true + } + ] + }, + { + "name": "VaultRoleOptions", + "version": "1", + "isInterface": true, + "interfaceResolve": { + "strategy": "fieldMap", + "field": "_type", + "fieldMap": { + "approle": "VaultApproleOptions" + } + }, + "fields": [ + { + "name": "_type", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "VaultApproleOptions", + "version": "1", + "interface": "VaultRoleOptions", + "fields": [ + { + "name": "_type", + "type": "string", + "isRequired": true + }, + { + "name": "bind_secret_id", + "type": "string", + "isRequired": true + }, + { + "name": "local_secret_ids", + "type": "string", + "isRequired": true + }, + { + "name": "period", + "type": "string", + "isRequired": true + }, + { + "name": "secret_id_num_uses", + "type": "string", + "isRequired": true + }, + { + "name": "secret_id_ttl", + "type": "string", + "isRequired": true + }, + { + "name": "token_max_ttl", + "type": "string", + "isRequired": true + }, + { + "name": "token_num_uses", + "type": "string", + "isRequired": true + }, + { + "name": "token_ttl", + "type": "string", + "isRequired": true + }, + { + "name": "token_type", + "type": "string", + "isRequired": true + }, + { + "name": "bound_cidr_list", + "type": "string", + "isList": true, + "isRequired": true + }, + { + "name": "policies", + "type": "string", + "isList": true, + "isRequired": true + }, + { + "name": "secret_id_bound_cidrs", + "type": "string", + "isList": true, + "isRequired": true + }, + { + "name": "token_bound_cidrs", + "type": "string", + "isList": true, + "isRequired": true + } + ] + }, + { + "name": "VaultRole", + "version": "1", + "fields": [ + { + "name": "name", + "type": "string", + "isRequired": true + }, + { + "name": "type", + "type": "string", + "isRequired": true + }, + { + "name": "mount", + "type": "string", + "isRequired": true + }, + { + "name": "options", + "type": "VaultRoleOptions", + "isInterface": true, + "isRequired": true + } + ] + }, + { + "name": "VaultPolicy", + "version": "1", + "fields": [ + { + "name": "name", + "type": "string", + "isRequired": true + }, + { + "name": "rules", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "Resource", + "version": "1", + "fields": [ + { + "name": "path", + "type": "string", + "isRequired": true + }, + { + "name": "content", + "type": "string", + "isRequired": true + }, + { + "name": "sha256sum", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "VaultSecret", + "version": "1", + "fields": [ + { + "name": "path", + "type": "string", + "isRequired": true + }, + { + "name": "field", + "type": "string", + "isRequired": true + }, + { + "name": "format", + "type": "string" + } + ] + }, + { + "name": "QuayOrg", + "version": "1", + "fields": [ + { + "name": "schema", + "type": "string", + "isRequired": true + }, + { + "name": "path", + "type": "string", + "isRequired": true + }, + { + "name": "labels", + "type": "json" + }, + { + "name": "name", + "type": "string", + "isRequired": true + }, + { + "name": "description", + "type": "string", + "isRequired": true + }, + { + "name": "managedTeams", + "type": "string", + "isList": true, + "isRequired": true + }, + { + "name": "automationToken", + "type": "VaultSecret" + } + ] + }, + { + "name": "Cluster", + "version": "1", + "fields": [ + { + "name": "schema", + "type": "string", + "isRequired": true + }, + { + "name": "path", + "type": "string", + "isRequired": true + }, + { + "name": "labels", + "type": "json" + }, + { + "name": "name", + "type": "string", + "isRequired": true + }, + { + "name": "description", + "type": "string", + "isRequired": true + }, + { + "name": "serverUrl", + "type": "string", + "isRequired": true + }, + { + "name": "automationToken", + "type": "VaultSecret" + } + ] + }, + { + "name": "NamespaceOpenshiftResource", + "version": "1", + "isInterface": true, + "interfaceResolve": { + "strategy": "fieldMap", + "field": "provider", + "fieldMap": { + "resource": "NamespaceOpenshiftResourceResource", + "vault-secret": "NamespaceOpenshiftResourceVaultSecret", + "route": "NamespaceOpenshiftResourceRoute" + } + }, + "fields": [ + { + "name": "provider", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "NamespaceOpenshiftResourceResource", + "version": "1", + "interface": "NamespaceOpenshiftResource", + "fields": [ + { + "name": "provider", + "type": "string", + "isRequired": true + }, + { + "name": "path", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "NamespaceOpenshiftResourceVaultSecret", + "version": "1", + "interface": "NamespaceOpenshiftResource", + "fields": [ + { + "name": "provider", + "type": "string", + "isRequired": true + }, + { + "name": "path", + "type": "string", + "isRequired": true + }, + { + "name": "version", + "type": "int", + "isRequired": true + }, + { + "name": "name", + "type": "string" + }, + { + "name": "labels", + "type": "json" + }, + { + "name": "annotations", + "type": "json" + } + ] + }, + { + "name": "NamespaceOpenshiftResourceRoute", + "version": "1", + "interface": "NamespaceOpenshiftResource", + "fields": [ + { + "name": "provider", + "type": "string", + "isRequired": true + }, + { + "name": "path", + "type": "string", + "isRequired": true + }, + { + "name": "vault_tls_secret_path", + "type": "string" + }, + { + "name": "vault_tls_secret_version", + "type": "int" + } + ] + }, + { + "name": "Namespace", + "version": "1", + "fields": [ + { + "name": "schema", + "type": "string", + "isRequired": true + }, + { + "name": "path", + "type": "string", + "isRequired": true + }, + { + "name": "labels", + "type": "json" + }, + { + "name": "name", + "type": "string", + "isRequired": true + }, + { + "name": "description", + "type": "string", + "isRequired": true + }, + { + "name": "cluster", + "type": "Cluster", + "isRequired": true + }, + { + "name": "managedRoles", + "type": "string", + "isList": true + }, + { + "name": "managedResourceTypes", + "type": "string", + "isList": true + }, + { + "name": "openshiftResources", + "type": "NamespaceOpenshiftResource", + "isList": true, + "isInterface": true + } + ] + }, + { + "name": "AppServiceOwner", + "version": "1", + "fields": [ + { + "name": "name", + "type": "string", + "isRequired": true + }, + { + "name": "email", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "AppPerformanceParameters", + "version": "1", + "fields": [ + { + "name": "SLO", + "type": "float", + "isRequired": true + }, + { + "name": "SLA", + "type": "float" + }, + { + "name": "statusPage", + "type": "string" + } + ] + }, + { + "name": "AppDependencies", + "version": "1", + "fields": [ + { + "name": "name", + "type": "string", + "isRequired": true + }, + { + "name": "statefulness", + "type": "string", + "isRequired": true + }, + { + "name": "opsModel", + "type": "string", + "isRequired": true + }, + { + "name": "statusPage", + "type": "string" + }, + { + "name": "SLA", + "type": "float", + "isRequired": true + }, + { + "name": "dependencyFailureImpact", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "AppQuayReposItems", + "version": "1", + "fields": [ + { + "name": "name", + "type": "string", + "isRequired": true + }, + { + "name": "description", + "type": "string", + "isRequired": true + }, + { + "name": "public", + "type": "boolean", + "isRequired": true + } + ] + }, + { + "name": "AppQuayRepos", + "version": "1", + "fields": [ + { + "name": "org", + "type": "QuayOrg", + "isRequired": true + }, + { + "name": "items", + "type": "AppQuayReposItems", + "isRequired": true, + "isList": true + } + ] + }, + { + "name": "AppEscalationsEscalation", + "version": "1", + "fields": [ + { + "name": "labels", + "type": "json" + }, + { + "name": "slackRecipients", + "type": "string", + "isList": true + }, + { + "name": "emailRecipients", + "type": "string", + "isList": true + }, + { + "name": "mattermostRecipients", + "type": "string", + "isList": true + } + ] + }, + { + "name": "AppEscalations", + "version": "1", + "fields": [ + { + "name": "default", + "type": "AppEscalationsEscalation" + }, + { + "name": "warning", + "type": "AppEscalationsEscalation" + }, + { + "name": "critical", + "type": "AppEscalationsEscalation" + } + ] + }, + { + "name": "App", + "version": "1", + "fields": [ + { + "name": "schema", + "type": "string", + "isRequired": true + }, + { + "name": "path", + "type": "string", + "isRequired": true + }, + { + "name": "labels", + "type": "json" + }, + { + "name": "title", + "type": "string", + "isRequired": true + }, + { + "name": "serviceDocs", + "type": "string", + "isList": true + }, + { + "name": "serviceOwner", + "type": "AppServiceOwner", + "isRequired": true + }, + { + "name": "dependencies", + "type": "AppDependencies", + "isList": true + }, + { + "name": "quayRepos", + "type": "AppQuayRepos", + "isList": true + }, + { + "name": "escalations", + "type": "AppEscalations", + "isList": true + } + ] + }, + { + "name": "Permission", + "version": "1", + "isInterface": true, + "interfaceResolve": { + "strategy": "fieldMap", + "field": "service", + "fieldMap": { + "aws-analytics": "PermissionAWSAnalytics", + "github-org": "PermissionGithubOrg", + "github-org-team": "PermissionGithubOrgTeam", + "openshift-rolebinding": "PermissionOpenshiftRolebinding", + "quay-membership": "PermissionQuayOrgTeam" + } + }, + "fields": [ + { + "name": "service", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "PermissionAWSAnalytics", + "version": "1", + "interface": "Permission", + "fields": [ + { + "name": "service", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "PermissionGithubOrg", + "version": "1", + "interface": "Permission", + "fields": [ + { + "name": "service", + "type": "string", + "isRequired": true + }, + { + "name": "org", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "PermissionGithubOrgTeam", + "version": "1", + "interface": "Permission", + "fields": [ + { + "name": "service", + "type": "string", + "isRequired": true + }, + { + "name": "org", + "type": "string", + "isRequired": true + }, + { + "name": "team", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "VaultPolicyMapping", + "version": "1", + "fields": [ + { + "name": "github_team", + "type": "PermissionGithubOrgTeam", + "isRequired": true + }, + { + "name": "policies", + "type": "VaultPolicy", + "isList": true, + "isRequired": true + } + ] + }, + { + "name": "VaultAuth", + "version": "1", + "fields": [ + { + "name": "_path", + "type": "string", + "isRequired": true + }, + { + "name": "type", + "type": "string", + "isRequired": true + }, + { + "name": "description", + "type": "string", + "isRequired": true + }, + { + "name": "settings", + "type": "VaultAuthSettings" + }, + { + "name": "policy_mappings", + "type": "VaultPolicyMapping", + "isList": true + } + ] + }, + { + "name": "PermissionOpenshiftRolebinding", + "version": "1", + "interface": "Permission", + "fields": [ + { + "name": "service", + "type": "string", + "isRequired": true + }, + { + "name": "cluster", + "type": "string", + "isRequired": true + }, + { + "name": "namespace", + "type": "string", + "isRequired": true + }, + { + "name": "role", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "PermissionQuayOrgTeam", + "version": "1", + "interface": "Permission", + "fields": [ + { + "name": "service", + "type": "string", + "isRequired": true + }, + { + "name": "org", + "type": "string", + "isRequired": true + }, + { + "name": "team", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "User", + "version": "1", + "fields": [ + { + "name": "schema", + "type": "string", + "isRequired": true + }, + { + "name": "path", + "type": "string", + "isRequired": true + }, + { + "name": "labels", + "type": "json" + }, + { + "name": "name", + "type": "string", + "isRequired": true + }, + { + "name": "redhat_username", + "type": "string", + "isRequired": true + }, + { + "name": "github_username", + "type": "string", + "isRequired": true + }, + { + "name": "quay_username", + "type": "string" + } + ] + }, + { + "name": "Bot", + "version": "1", + "fields": [ + { + "name": "schema", + "type": "string", + "isRequired": true + }, + { + "name": "path", + "type": "string", + "isRequired": true + }, + { + "name": "labels", + "type": "json" + }, + { + "name": "name", + "type": "string", + "isRequired": true + }, + { + "name": "github_username", + "type": "string" + }, + { + "name": "quay_username", + "type": "string" + }, + { + "name": "owner", + "type": "User" + } + ] + }, + { + "name": "Role", + "version": "1", + "datafile": "/access/role-1.yml", + "fields": [ + { + "name": "schema", + "type": "string", + "isRequired": true + }, + { + "name": "path", + "type": "string", + "isRequired": true + }, + { + "name": "labels", + "type": "json" + }, + { + "name": "name", + "type": "string", + "isRequired": true + }, + { + "name": "permissions", + "type": "Permission", + "isList": true, + "isInterface": true + }, + { + "name": "users", + "type": "User", + "isList": true, + "synthetic": { + "schema": "/access/user-1.yml", + "subAttr": "roles" + } + }, + { + "name": "bots", + "type": "Bot", + "isList": true, + "synthetic": { + "schema": "/access/bot-1.yml", + "subAttr": "roles" + } + } + ] + }, + { + "name": "Query", + "fields": [ + { + "name": "users", + "type": "User", + "isList": true, + "datafileSchema": "/access/user-1.yml" + }, + { + "name": "bots", + "type": "Bot", + "isList": true, + "datafileSchema": "/access/bot-1.yml" + }, + { + "name": "roles", + "type": "Role", + "isList": true, + "datafileSchema": "/access/role-1.yml" + }, + { + "name": "clusters", + "type": "Cluster", + "isList": true, + "datafileSchema": "/openshift/cluster-1.yml" + }, + { + "name": "namespaces", + "type": "Namespace", + "isList": true, + "datafileSchema": "/openshift/namespace-1.yml" + }, + { + "name": "quay_orgs", + "type": "QuayOrg", + "isList": true, + "datafileSchema": "/dependencies/quay-org-1.yml" + }, + { + "name": "apps", + "type": "App", + "isList": true, + "datafileSchema": "/app-sre/app-1.yml" + }, + { + "name": "resources", + "type": "Resource", + "isResource": true, + "isRequired": true, + "isList": true + }, + { + "name": "vault_audit_backends", + "type": "VaultAudit", + "isList": true, + "datafileSchema": "/vault-config/audit-1.yml" + }, + { + "name": "vault_auth_backends", + "type": "VaultAuth", + "isList": true, + "datafileSchema": "/vault-config/auth-1.yml" + }, + { + "name": "vault_secret_engines", + "type": "VaultSecretEngine", + "isList": true, + "datafileSchema": "/vault-config/secret-engine-1.yml" + }, + { + "name": "vault_roles", + "type": "VaultRole", + "isList": true, + "datafileSchema": "/vault-config/role-1.yml" + }, + { + "name": "vault_policies", + "type": "VaultPolicy", + "isList": true, + "datafileSchema": "/vault-config/policy-1.yml" + } + ] + } + ] } diff --git a/test/server.data.json b/test/server.data.json index f338303..ffed771 100644 --- a/test/server.data.json +++ b/test/server.data.json @@ -56,5 +56,1213 @@ "managedTeams": [ "teamA" ], "description": "desc" } - } + }, + "graphql": [ + { + "name": "VaultAuditOptions", + "version": "1", + "isInterface": true, + "interfaceResolve": { + "strategy": "fieldMap", + "field": "_type", + "fieldMap": { + "file": "VaultAuditOptionsFile" + } + }, + "fields": [ + { + "name": "_type", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "VaultAuditOptionsFile", + "version": "1", + "interface": "VaultAuditOptions", + "fields": [ + { + "name": "_type", + "type": "string", + "isRequired": true + }, + { + "name": "file_path", + "type": "string", + "isRequired": true + }, + { + "name": "log_raw", + "type": "string", + "isRequired": true + }, + { + "name": "hmac_accessor", + "type": "string", + "isRequired": true + }, + { + "name": "mode", + "type": "string", + "isRequired": true + }, + { + "name": "format", + "type": "string", + "isRequired": true + }, + { + "name": "prefix", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "VaultAudit", + "version": "1", + "fields": [ + { + "name": "_path", + "type": "string", + "isRequired": true + }, + { + "name": "type", + "type": "string", + "isRequired": true + }, + { + "name": "description", + "type": "string", + "isRequired": true + }, + { + "name": "options", + "type": "VaultAuditOptions", + "isInterface": true, + "isRequired": true + } + ] + }, + { + "name": "VaultAuthConfig", + "version": "1", + "isInterface": true, + "interfaceResolve": { + "strategy": "fieldMap", + "field": "_type", + "fieldMap": { + "github": "VaultAuthConfigGithub" + } + }, + "fields": [ + { + "name": "_type", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "VaultAuthConfigGithub", + "version": "1", + "interface": "VaultAuthConfig", + "fields": [ + { + "name": "_type", + "type": "string", + "isRequired": true + }, + { + "name": "organization", + "type": "string", + "isRequired": true + }, + { + "name": "base_url", + "type": "string", + "isRequired": true + }, + { + "name": "max_ttl", + "type": "string", + "isRequired": true + }, + { + "name": "ttl", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "VaultAuthSettings", + "version": "1", + "fields": [ + { + "name": "config", + "type": "VaultAuthConfig", + "isInterface": true, + "isRequired": true + } + ] + }, + { + "name": "VaultSecretEngineOptions", + "version": "1", + "isInterface": true, + "interfaceResolve": { + "strategy": "fieldMap", + "field": "_type", + "fieldMap": { + "kv": "VaultSecretEngineOptionsKV" + } + }, + "fields": [ + { + "name": "_type", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "VaultSecretEngineOptionsKV", + "version": "1", + "interface": "VaultSecretEngineOptions", + "fields": [ + { + "name": "_type", + "type": "string", + "isRequired": true + }, + { + "name": "version", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "VaultSecretEngine", + "version": "1", + "fields": [ + { + "name": "_path", + "type": "string", + "isRequired": true + }, + { + "name": "type", + "type": "string", + "isRequired": true + }, + { + "name": "description", + "type": "string", + "isRequired": true + }, + { + "name": "options", + "type": "VaultSecretEngineOptions", + "isInterface": true, + "isRequired": true + } + ] + }, + { + "name": "VaultRoleOptions", + "version": "1", + "isInterface": true, + "interfaceResolve": { + "strategy": "fieldMap", + "field": "_type", + "fieldMap": { + "approle": "VaultApproleOptions" + } + }, + "fields": [ + { + "name": "_type", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "VaultApproleOptions", + "version": "1", + "interface": "VaultRoleOptions", + "fields": [ + { + "name": "_type", + "type": "string", + "isRequired": true + }, + { + "name": "bind_secret_id", + "type": "string", + "isRequired": true + }, + { + "name": "local_secret_ids", + "type": "string", + "isRequired": true + }, + { + "name": "period", + "type": "string", + "isRequired": true + }, + { + "name": "secret_id_num_uses", + "type": "string", + "isRequired": true + }, + { + "name": "secret_id_ttl", + "type": "string", + "isRequired": true + }, + { + "name": "token_max_ttl", + "type": "string", + "isRequired": true + }, + { + "name": "token_num_uses", + "type": "string", + "isRequired": true + }, + { + "name": "token_ttl", + "type": "string", + "isRequired": true + }, + { + "name": "token_type", + "type": "string", + "isRequired": true + }, + { + "name": "bound_cidr_list", + "type": "string", + "isList": true, + "isRequired": true + }, + { + "name": "policies", + "type": "string", + "isList": true, + "isRequired": true + }, + { + "name": "secret_id_bound_cidrs", + "type": "string", + "isList": true, + "isRequired": true + }, + { + "name": "token_bound_cidrs", + "type": "string", + "isList": true, + "isRequired": true + } + ] + }, + { + "name": "VaultRole", + "version": "1", + "fields": [ + { + "name": "name", + "type": "string", + "isRequired": true + }, + { + "name": "type", + "type": "string", + "isRequired": true + }, + { + "name": "mount", + "type": "string", + "isRequired": true + }, + { + "name": "options", + "type": "VaultRoleOptions", + "isInterface": true, + "isRequired": true + } + ] + }, + { + "name": "VaultPolicy", + "version": "1", + "fields": [ + { + "name": "name", + "type": "string", + "isRequired": true + }, + { + "name": "rules", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "Resource", + "version": "1", + "fields": [ + { + "name": "path", + "type": "string", + "isRequired": true + }, + { + "name": "content", + "type": "string", + "isRequired": true + }, + { + "name": "sha256sum", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "VaultSecret", + "version": "1", + "fields": [ + { + "name": "path", + "type": "string", + "isRequired": true + }, + { + "name": "field", + "type": "string", + "isRequired": true + }, + { + "name": "format", + "type": "string" + } + ] + }, + { + "name": "QuayOrg", + "version": "1", + "fields": [ + { + "name": "schema", + "type": "string", + "isRequired": true + }, + { + "name": "path", + "type": "string", + "isRequired": true + }, + { + "name": "labels", + "type": "json" + }, + { + "name": "name", + "type": "string", + "isRequired": true + }, + { + "name": "description", + "type": "string", + "isRequired": true + }, + { + "name": "managedTeams", + "type": "string", + "isList": true, + "isRequired": true + }, + { + "name": "automationToken", + "type": "VaultSecret" + } + ] + }, + { + "name": "Cluster", + "version": "1", + "fields": [ + { + "name": "schema", + "type": "string", + "isRequired": true + }, + { + "name": "path", + "type": "string", + "isRequired": true + }, + { + "name": "labels", + "type": "json" + }, + { + "name": "name", + "type": "string", + "isRequired": true + }, + { + "name": "description", + "type": "string", + "isRequired": true + }, + { + "name": "serverUrl", + "type": "string", + "isRequired": true + }, + { + "name": "automationToken", + "type": "VaultSecret" + } + ] + }, + { + "name": "NamespaceOpenshiftResource", + "version": "1", + "isInterface": true, + "interfaceResolve": { + "strategy": "fieldMap", + "field": "provider", + "fieldMap": { + "resource": "NamespaceOpenshiftResourceResource", + "vault-secret": "NamespaceOpenshiftResourceVaultSecret", + "route": "NamespaceOpenshiftResourceRoute" + } + }, + "fields": [ + { + "name": "provider", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "NamespaceOpenshiftResourceResource", + "version": "1", + "interface": "NamespaceOpenshiftResource", + "fields": [ + { + "name": "provider", + "type": "string", + "isRequired": true + }, + { + "name": "path", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "NamespaceOpenshiftResourceVaultSecret", + "version": "1", + "interface": "NamespaceOpenshiftResource", + "fields": [ + { + "name": "provider", + "type": "string", + "isRequired": true + }, + { + "name": "path", + "type": "string", + "isRequired": true + }, + { + "name": "version", + "type": "int", + "isRequired": true + }, + { + "name": "name", + "type": "string" + }, + { + "name": "labels", + "type": "json" + }, + { + "name": "annotations", + "type": "json" + } + ] + }, + { + "name": "NamespaceOpenshiftResourceRoute", + "version": "1", + "interface": "NamespaceOpenshiftResource", + "fields": [ + { + "name": "provider", + "type": "string", + "isRequired": true + }, + { + "name": "path", + "type": "string", + "isRequired": true + }, + { + "name": "vault_tls_secret_path", + "type": "string" + }, + { + "name": "vault_tls_secret_version", + "type": "int" + } + ] + }, + { + "name": "Namespace", + "version": "1", + "fields": [ + { + "name": "schema", + "type": "string", + "isRequired": true + }, + { + "name": "path", + "type": "string", + "isRequired": true + }, + { + "name": "labels", + "type": "json" + }, + { + "name": "name", + "type": "string", + "isRequired": true + }, + { + "name": "description", + "type": "string", + "isRequired": true + }, + { + "name": "cluster", + "type": "Cluster", + "isRequired": true + }, + { + "name": "managedRoles", + "type": "string", + "isList": true + }, + { + "name": "managedResourceTypes", + "type": "string", + "isList": true + }, + { + "name": "openshiftResources", + "type": "NamespaceOpenshiftResource", + "isList": true, + "isInterface": true + } + ] + }, + { + "name": "AppServiceOwner", + "version": "1", + "fields": [ + { + "name": "name", + "type": "string", + "isRequired": true + }, + { + "name": "email", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "AppPerformanceParameters", + "version": "1", + "fields": [ + { + "name": "SLO", + "type": "float", + "isRequired": true + }, + { + "name": "SLA", + "type": "float" + }, + { + "name": "statusPage", + "type": "string" + } + ] + }, + { + "name": "AppDependencies", + "version": "1", + "fields": [ + { + "name": "name", + "type": "string", + "isRequired": true + }, + { + "name": "statefulness", + "type": "string", + "isRequired": true + }, + { + "name": "opsModel", + "type": "string", + "isRequired": true + }, + { + "name": "statusPage", + "type": "string" + }, + { + "name": "SLA", + "type": "float", + "isRequired": true + }, + { + "name": "dependencyFailureImpact", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "AppQuayReposItems", + "version": "1", + "fields": [ + { + "name": "name", + "type": "string", + "isRequired": true + }, + { + "name": "description", + "type": "string", + "isRequired": true + }, + { + "name": "public", + "type": "boolean", + "isRequired": true + } + ] + }, + { + "name": "AppQuayRepos", + "version": "1", + "fields": [ + { + "name": "org", + "type": "QuayOrg", + "isRequired": true + }, + { + "name": "items", + "type": "AppQuayReposItems", + "isRequired": true, + "isList": true + } + ] + }, + { + "name": "AppEscalationsEscalation", + "version": "1", + "fields": [ + { + "name": "labels", + "type": "json" + }, + { + "name": "slackRecipients", + "type": "string", + "isList": true + }, + { + "name": "emailRecipients", + "type": "string", + "isList": true + }, + { + "name": "mattermostRecipients", + "type": "string", + "isList": true + } + ] + }, + { + "name": "AppEscalations", + "version": "1", + "fields": [ + { + "name": "default", + "type": "AppEscalationsEscalation" + }, + { + "name": "warning", + "type": "AppEscalationsEscalation" + }, + { + "name": "critical", + "type": "AppEscalationsEscalation" + } + ] + }, + { + "name": "App", + "version": "1", + "fields": [ + { + "name": "schema", + "type": "string", + "isRequired": true + }, + { + "name": "path", + "type": "string", + "isRequired": true + }, + { + "name": "labels", + "type": "json" + }, + { + "name": "title", + "type": "string", + "isRequired": true + }, + { + "name": "serviceDocs", + "type": "string", + "isList": true + }, + { + "name": "serviceOwner", + "type": "AppServiceOwner", + "isRequired": true + }, + { + "name": "dependencies", + "type": "AppDependencies", + "isList": true + }, + { + "name": "quayRepos", + "type": "AppQuayRepos", + "isList": true + }, + { + "name": "escalations", + "type": "AppEscalations", + "isList": true + } + ] + }, + { + "name": "Permission", + "version": "1", + "isInterface": true, + "interfaceResolve": { + "strategy": "fieldMap", + "field": "service", + "fieldMap": { + "aws-analytics": "PermissionAWSAnalytics", + "github-org": "PermissionGithubOrg", + "github-org-team": "PermissionGithubOrgTeam", + "openshift-rolebinding": "PermissionOpenshiftRolebinding", + "quay-membership": "PermissionQuayOrgTeam" + } + }, + "fields": [ + { + "name": "service", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "PermissionAWSAnalytics", + "version": "1", + "interface": "Permission", + "fields": [ + { + "name": "service", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "PermissionGithubOrg", + "version": "1", + "interface": "Permission", + "fields": [ + { + "name": "service", + "type": "string", + "isRequired": true + }, + { + "name": "org", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "PermissionGithubOrgTeam", + "version": "1", + "interface": "Permission", + "fields": [ + { + "name": "service", + "type": "string", + "isRequired": true + }, + { + "name": "org", + "type": "string", + "isRequired": true + }, + { + "name": "team", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "VaultPolicyMapping", + "version": "1", + "fields": [ + { + "name": "github_team", + "type": "PermissionGithubOrgTeam", + "isRequired": true + }, + { + "name": "policies", + "type": "VaultPolicy", + "isList": true, + "isRequired": true + } + ] + }, + { + "name": "VaultAuth", + "version": "1", + "fields": [ + { + "name": "_path", + "type": "string", + "isRequired": true + }, + { + "name": "type", + "type": "string", + "isRequired": true + }, + { + "name": "description", + "type": "string", + "isRequired": true + }, + { + "name": "settings", + "type": "VaultAuthSettings" + }, + { + "name": "policy_mappings", + "type": "VaultPolicyMapping", + "isList": true + } + ] + }, + { + "name": "PermissionOpenshiftRolebinding", + "version": "1", + "interface": "Permission", + "fields": [ + { + "name": "service", + "type": "string", + "isRequired": true + }, + { + "name": "cluster", + "type": "string", + "isRequired": true + }, + { + "name": "namespace", + "type": "string", + "isRequired": true + }, + { + "name": "role", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "PermissionQuayOrgTeam", + "version": "1", + "interface": "Permission", + "fields": [ + { + "name": "service", + "type": "string", + "isRequired": true + }, + { + "name": "org", + "type": "string", + "isRequired": true + }, + { + "name": "team", + "type": "string", + "isRequired": true + } + ] + }, + { + "name": "User", + "version": "1", + "fields": [ + { + "name": "schema", + "type": "string", + "isRequired": true + }, + { + "name": "path", + "type": "string", + "isRequired": true + }, + { + "name": "labels", + "type": "json" + }, + { + "name": "name", + "type": "string", + "isRequired": true + }, + { + "name": "redhat_username", + "type": "string", + "isRequired": true + }, + { + "name": "github_username", + "type": "string", + "isRequired": true + }, + { + "name": "quay_username", + "type": "string" + } + ] + }, + { + "name": "Bot", + "version": "1", + "fields": [ + { + "name": "schema", + "type": "string", + "isRequired": true + }, + { + "name": "path", + "type": "string", + "isRequired": true + }, + { + "name": "labels", + "type": "json" + }, + { + "name": "name", + "type": "string", + "isRequired": true + }, + { + "name": "github_username", + "type": "string" + }, + { + "name": "quay_username", + "type": "string" + }, + { + "name": "owner", + "type": "User" + } + ] + }, + { + "name": "Role", + "version": "1", + "datafile": "/access/role-1.yml", + "fields": [ + { + "name": "schema", + "type": "string", + "isRequired": true + }, + { + "name": "path", + "type": "string", + "isRequired": true + }, + { + "name": "labels", + "type": "json" + }, + { + "name": "name", + "type": "string", + "isRequired": true + }, + { + "name": "permissions", + "type": "Permission", + "isList": true, + "isInterface": true + }, + { + "name": "users", + "type": "User", + "isList": true, + "synthetic": { + "schema": "/access/user-1.yml", + "subAttr": "roles" + } + }, + { + "name": "bots", + "type": "Bot", + "isList": true, + "synthetic": { + "schema": "/access/bot-1.yml", + "subAttr": "roles" + } + } + ] + }, + { + "name": "Query", + "fields": [ + { + "name": "users", + "type": "User", + "isList": true, + "datafileSchema": "/access/user-1.yml" + }, + { + "name": "bots", + "type": "Bot", + "isList": true, + "datafileSchema": "/access/bot-1.yml" + }, + { + "name": "roles", + "type": "Role", + "isList": true, + "datafileSchema": "/access/role-1.yml" + }, + { + "name": "clusters", + "type": "Cluster", + "isList": true, + "datafileSchema": "/openshift/cluster-1.yml" + }, + { + "name": "namespaces", + "type": "Namespace", + "isList": true, + "datafileSchema": "/openshift/namespace-1.yml" + }, + { + "name": "quay_orgs", + "type": "QuayOrg", + "isList": true, + "datafileSchema": "/dependencies/quay-org-1.yml" + }, + { + "name": "apps", + "type": "App", + "isList": true, + "datafileSchema": "/app-sre/app-1.yml" + }, + { + "name": "resources", + "type": "Resource", + "isResource": true, + "isRequired": true, + "isList": true + }, + { + "name": "vault_audit_backends", + "type": "VaultAudit", + "isList": true, + "datafileSchema": "/vault-config/audit-1.yml" + }, + { + "name": "vault_auth_backends", + "type": "VaultAuth", + "isList": true, + "datafileSchema": "/vault-config/auth-1.yml" + }, + { + "name": "vault_secret_engines", + "type": "VaultSecretEngine", + "isList": true, + "datafileSchema": "/vault-config/secret-engine-1.yml" + }, + { + "name": "vault_roles", + "type": "VaultRole", + "isList": true, + "datafileSchema": "/vault-config/role-1.yml" + }, + { + "name": "vault_policies", + "type": "VaultPolicy", + "isList": true, + "datafileSchema": "/vault-config/policy-1.yml" + } + ] + } + ] }