@epilot/sdk 2.8.7 → 2.8.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (169) hide show
  1. package/definitions/access-token-runtime.json +1 -1
  2. package/definitions/access-token.json +155 -1
  3. package/definitions/app.json +101 -8
  4. package/definitions/automation.json +120 -0
  5. package/definitions/blueprint-manifest-runtime.json +1 -1
  6. package/definitions/blueprint-manifest.json +1651 -357
  7. package/definitions/configuration-hub-runtime.json +1 -1
  8. package/definitions/configuration-hub.json +623 -0
  9. package/definitions/customer-portal-runtime.json +1 -1
  10. package/definitions/customer-portal.json +383 -78
  11. package/definitions/design-runtime.json +1 -1
  12. package/definitions/design.json +52 -12
  13. package/definitions/event-catalog-runtime.json +1 -1
  14. package/definitions/event-catalog.json +168 -12
  15. package/definitions/file-runtime.json +1 -1
  16. package/definitions/file.json +152 -4
  17. package/definitions/integration-toolkit-runtime.json +1 -1
  18. package/definitions/integration-toolkit.json +782 -13
  19. package/definitions/journey-runtime.json +1 -1
  20. package/definitions/journey.json +38 -1
  21. package/definitions/notes-runtime.json +1 -1
  22. package/definitions/notes.json +123 -1
  23. package/definitions/pricing.json +224 -406
  24. package/definitions/snapshot-runtime.json +1 -0
  25. package/definitions/snapshot.json +973 -0
  26. package/definitions/targeting-runtime.json +1 -1
  27. package/definitions/targeting.json +258 -7
  28. package/definitions/user-runtime.json +1 -1
  29. package/definitions/user.json +441 -0
  30. package/definitions/webhooks.json +31 -0
  31. package/dist/{ai-agents.d-OkXfr2bz.d.cts → ai-agents.d-CC5IjXrs.d.cts} +0 -2
  32. package/dist/{ai-agents.d-OkXfr2bz.d.ts → ai-agents.d-CC5IjXrs.d.ts} +0 -2
  33. package/dist/apis/access-token.cjs +6 -6
  34. package/dist/apis/access-token.js +1 -1
  35. package/dist/apis/address-suggestions.cjs +6 -6
  36. package/dist/apis/address-suggestions.js +1 -1
  37. package/dist/apis/address.cjs +6 -6
  38. package/dist/apis/address.js +1 -1
  39. package/dist/apis/ai-agents.cjs +6 -6
  40. package/dist/apis/ai-agents.d.cts +2 -2
  41. package/dist/apis/ai-agents.d.ts +2 -2
  42. package/dist/apis/ai-agents.js +1 -1
  43. package/dist/apis/app.cjs +6 -6
  44. package/dist/apis/app.js +1 -1
  45. package/dist/apis/audit-logs.cjs +6 -6
  46. package/dist/apis/audit-logs.js +1 -1
  47. package/dist/apis/automation.cjs +6 -6
  48. package/dist/apis/automation.js +1 -1
  49. package/dist/apis/billing.cjs +6 -6
  50. package/dist/apis/billing.js +1 -1
  51. package/dist/apis/blueprint-manifest.cjs +6 -6
  52. package/dist/apis/blueprint-manifest.js +1 -1
  53. package/dist/apis/calendar.cjs +6 -6
  54. package/dist/apis/calendar.js +1 -1
  55. package/dist/apis/configuration-hub.cjs +6 -6
  56. package/dist/apis/configuration-hub.js +1 -1
  57. package/dist/apis/consent.cjs +6 -6
  58. package/dist/apis/consent.js +1 -1
  59. package/dist/apis/customer-portal.cjs +6 -6
  60. package/dist/apis/customer-portal.js +1 -1
  61. package/dist/apis/dashboard.cjs +6 -6
  62. package/dist/apis/dashboard.js +1 -1
  63. package/dist/apis/data-governance.cjs +6 -6
  64. package/dist/apis/data-governance.js +1 -1
  65. package/dist/apis/deduplication.cjs +6 -6
  66. package/dist/apis/deduplication.js +1 -1
  67. package/dist/apis/design.cjs +6 -6
  68. package/dist/apis/design.js +1 -1
  69. package/dist/apis/document.cjs +6 -6
  70. package/dist/apis/document.js +1 -1
  71. package/dist/apis/email-settings.cjs +6 -6
  72. package/dist/apis/email-settings.js +1 -1
  73. package/dist/apis/email-template.cjs +6 -6
  74. package/dist/apis/email-template.js +1 -1
  75. package/dist/apis/entity-mapping.cjs +6 -6
  76. package/dist/apis/entity-mapping.js +1 -1
  77. package/dist/apis/entity.cjs +6 -6
  78. package/dist/apis/entity.js +1 -1
  79. package/dist/apis/environments.cjs +6 -6
  80. package/dist/apis/environments.js +1 -1
  81. package/dist/apis/event-catalog.cjs +6 -6
  82. package/dist/apis/event-catalog.js +1 -1
  83. package/dist/apis/file.cjs +6 -6
  84. package/dist/apis/file.js +1 -1
  85. package/dist/apis/iban.cjs +6 -6
  86. package/dist/apis/iban.js +1 -1
  87. package/dist/apis/integration-toolkit.cjs +6 -6
  88. package/dist/apis/integration-toolkit.js +1 -1
  89. package/dist/apis/journey.cjs +6 -6
  90. package/dist/apis/journey.d.cts +2 -2
  91. package/dist/apis/journey.d.ts +2 -2
  92. package/dist/apis/journey.js +1 -1
  93. package/dist/apis/kanban.cjs +6 -6
  94. package/dist/apis/kanban.js +1 -1
  95. package/dist/apis/message.cjs +6 -6
  96. package/dist/apis/message.js +1 -1
  97. package/dist/apis/metering.cjs +6 -6
  98. package/dist/apis/metering.js +1 -1
  99. package/dist/apis/notes.cjs +6 -6
  100. package/dist/apis/notes.js +1 -1
  101. package/dist/apis/notification.cjs +6 -6
  102. package/dist/apis/notification.js +1 -1
  103. package/dist/apis/organization.cjs +6 -6
  104. package/dist/apis/organization.js +1 -1
  105. package/dist/apis/partner-directory.cjs +6 -6
  106. package/dist/apis/partner-directory.js +1 -1
  107. package/dist/apis/permissions.cjs +6 -6
  108. package/dist/apis/permissions.js +1 -1
  109. package/dist/apis/pricing-tier.cjs +6 -6
  110. package/dist/apis/pricing-tier.js +1 -1
  111. package/dist/apis/pricing.cjs +6 -6
  112. package/dist/apis/pricing.js +1 -1
  113. package/dist/apis/purpose.cjs +6 -6
  114. package/dist/apis/purpose.js +1 -1
  115. package/dist/apis/query.cjs +6 -6
  116. package/dist/apis/query.js +1 -1
  117. package/dist/apis/sandbox.cjs +6 -6
  118. package/dist/apis/sandbox.js +1 -1
  119. package/dist/apis/sharing.cjs +6 -6
  120. package/dist/apis/sharing.js +1 -1
  121. package/dist/apis/snapshot.cjs +8 -8
  122. package/dist/apis/snapshot.d.cts +2 -2
  123. package/dist/apis/snapshot.d.ts +2 -2
  124. package/dist/apis/snapshot.js +2 -2
  125. package/dist/apis/submission.cjs +6 -6
  126. package/dist/apis/submission.js +1 -1
  127. package/dist/apis/target.cjs +6 -6
  128. package/dist/apis/target.js +1 -1
  129. package/dist/apis/targeting.cjs +6 -6
  130. package/dist/apis/targeting.js +1 -1
  131. package/dist/apis/template-variables.cjs +6 -6
  132. package/dist/apis/template-variables.js +1 -1
  133. package/dist/apis/user.cjs +6 -6
  134. package/dist/apis/user.js +1 -1
  135. package/dist/apis/validation-rules.cjs +6 -6
  136. package/dist/apis/validation-rules.js +1 -1
  137. package/dist/apis/webhooks.cjs +6 -6
  138. package/dist/apis/webhooks.js +1 -1
  139. package/dist/apis/workflow-definition.cjs +6 -6
  140. package/dist/apis/workflow-definition.js +1 -1
  141. package/dist/apis/workflow.cjs +6 -6
  142. package/dist/apis/workflow.js +1 -1
  143. package/dist/{chunk-7LIGFCRI.cjs → chunk-4GI6KGKZ.cjs} +3 -3
  144. package/dist/chunk-54QNWEPZ.js +14 -0
  145. package/dist/{chunk-CMANJ4LY.js → chunk-VMKT7UQS.js} +3 -3
  146. package/dist/chunk-YXJ4PBFQ.cjs +14 -0
  147. package/dist/index.cjs +10 -10
  148. package/dist/index.d.cts +3 -3
  149. package/dist/index.d.ts +3 -3
  150. package/dist/index.js +2 -2
  151. package/dist/journey-LHVSSVTG.cjs +7 -0
  152. package/dist/journey-NXL264XW.js +7 -0
  153. package/dist/{journey.d-BenIUWaO.d.cts → journey.d-B1sOeMHw.d.cts} +16 -3
  154. package/dist/{journey.d-BenIUWaO.d.ts → journey.d-B1sOeMHw.d.ts} +16 -3
  155. package/dist/snapshot-6CCO4NYL.js +7 -0
  156. package/dist/snapshot-GWB56VPP.cjs +7 -0
  157. package/dist/{snapshot-runtime-5TT575JS.cjs → snapshot-runtime-6DV42FVY.cjs} +2 -2
  158. package/dist/{snapshot-runtime-KWRGOKF4.js → snapshot-runtime-IW57MINC.js} +1 -1
  159. package/dist/{snapshot.d-C-n4wkIu.d.cts → snapshot.d-D5z6-hzE.d.cts} +30 -22
  160. package/dist/{snapshot.d-C-n4wkIu.d.ts → snapshot.d-D5z6-hzE.d.ts} +30 -22
  161. package/docs/journey.md +28 -8
  162. package/docs/snapshot.md +8 -6
  163. package/package.json +1 -1
  164. package/dist/chunk-4SZCKUY2.js +0 -14
  165. package/dist/chunk-ULKFBO7E.cjs +0 -14
  166. package/dist/journey-4DIIPRU4.js +0 -7
  167. package/dist/journey-ATC3Y5AW.cjs +0 -7
  168. package/dist/snapshot-GDJOEFJQ.js +0 -7
  169. package/dist/snapshot-UKV54UQQ.cjs +0 -7
package/definitions/snapshot.json ADDED
@@ -0,0 +1,973 @@
1
+ {
2
+ "openapi": "3.0.3",
3
+ "info": {
4
+ "title": "Snapshot API",
5
+ "description": "Point-in-time backups of epilot configuration with restore.\n\nProvides a safety net for configuration changes: every blueprint install,\nevery Configuration Hub sync, and every manual config change can be preceded\nby a snapshot — giving operators a rollback point if something breaks.\n\nSee `docs/rfcs/RFC-snapshot-api.md` in the `blueprint-manifest-api` repo\nfor the full design.\n",
6
+ "version": "0.1.0"
7
+ },
8
+ "servers": [
9
+ {
10
+ "url": "https://snapshot.sls.epilot.io"
11
+ },
12
+ {
13
+ "url": "https://snapshot.dev.sls.epilot.io",
14
+ "description": "Dev"
15
+ },
16
+ {
17
+ "url": "https://snapshot.staging.sls.epilot.io",
18
+ "description": "Staging"
19
+ }
20
+ ],
21
+ "security": [
22
+ {
23
+ "EpilotAuth": []
24
+ }
25
+ ],
26
+ "tags": [
27
+ {
28
+ "name": "Snapshots",
29
+ "description": "Snapshot CRUD and restore operations"
30
+ }
31
+ ],
32
+ "paths": {
33
+ "/v1/snapshots": {
34
+ "post": {
35
+ "operationId": "createSnapshot",
36
+ "summary": "createSnapshot",
37
+ "description": "Create a new snapshot of the given resources. Async — returns immediately\nwith a snapshot ID; client polls `getSnapshot` until `create.status`\nmoves from `in_progress` to `completed` or `failed`.\n",
38
+ "tags": [
39
+ "Snapshots"
40
+ ],
41
+ "requestBody": {
42
+ "required": true,
43
+ "content": {
44
+ "application/json": {
45
+ "schema": {
46
+ "$ref": "#/components/schemas/CreateSnapshotRequest"
47
+ }
48
+ }
49
+ }
50
+ },
51
+ "responses": {
52
+ "202": {
53
+ "description": "Snapshot creation started",
54
+ "content": {
55
+ "application/json": {
56
+ "schema": {
57
+ "$ref": "#/components/schemas/CreateSnapshotResponse"
58
+ }
59
+ }
60
+ }
61
+ },
62
+ "400": {
63
+ "$ref": "#/components/responses/BadRequest"
64
+ },
65
+ "401": {
66
+ "$ref": "#/components/responses/Unauthorized"
67
+ }
68
+ }
69
+ },
70
+ "get": {
71
+ "operationId": "listSnapshots",
72
+ "summary": "listSnapshots",
73
+ "description": "List snapshots for the caller's organization, newest first.\n\nPass `resource=<type>:<id>` one or more times to filter to snapshots\ncontaining **any** of the listed resources (OR semantics). Each returned\nsnapshot includes a `matched_count` indicating how many of the filter\npairs are present in it. Hard cap of 50 filter pairs per request. When\nfiltered, pagination is not applied — the result set is bounded.\n",
74
+ "tags": [
75
+ "Snapshots"
76
+ ],
77
+ "parameters": [
78
+ {
79
+ "in": "query",
80
+ "name": "cursor",
81
+ "schema": {
82
+ "type": "string"
83
+ }
84
+ },
85
+ {
86
+ "in": "query",
87
+ "name": "size",
88
+ "schema": {
89
+ "type": "integer",
90
+ "minimum": 1,
91
+ "maximum": 100,
92
+ "default": 25
93
+ }
94
+ },
95
+ {
96
+ "in": "query",
97
+ "name": "resource",
98
+ "description": "Filter to snapshots containing one or more resources. Format\n`<type>:<id>`. Split on the first colon — the `<id>` half may\ncontain colons (e.g., role acl ids like `role:acl:internal:foo`).\nRepeat the param for multiple resources — results are OR-unioned.\nMaximum 50 pairs per request.\n",
99
+ "schema": {
100
+ "type": "array",
101
+ "items": {
102
+ "type": "string",
103
+ "pattern": "^[^:]+:.+$"
104
+ }
105
+ }
106
+ },
107
+ {
108
+ "in": "query",
109
+ "name": "trigger",
110
+ "description": "Filter to snapshots with a specific trigger. Uses the `byTrigger` GSI\nfor an efficient indexed query — no table scan. Only snapshots created\nafter the GSI was added carry this index entry; pre-existing rows will\nnot appear in trigger-filtered results.\n",
111
+ "schema": {
112
+ "type": "string",
113
+ "enum": [
114
+ "manual",
115
+ "sync",
116
+ "blueprint_install",
117
+ "scheduled"
118
+ ]
119
+ }
120
+ }
121
+ ],
122
+ "responses": {
123
+ "200": {
124
+ "description": "Snapshot list",
125
+ "content": {
126
+ "application/json": {
127
+ "schema": {
128
+ "type": "object",
129
+ "required": [
130
+ "results",
131
+ "page_size"
132
+ ],
133
+ "properties": {
134
+ "page_size": {
135
+ "type": "integer",
136
+ "description": "Number of items in this page (not the total across all pages)."
137
+ },
138
+ "cursor": {
139
+ "type": "string",
140
+ "description": "Pagination cursor; pass to the next request to get the next page."
141
+ },
142
+ "results": {
143
+ "type": "array",
144
+ "items": {
145
+ "$ref": "#/components/schemas/Snapshot"
146
+ }
147
+ }
148
+ }
149
+ }
150
+ }
151
+ }
152
+ },
153
+ "401": {
154
+ "$ref": "#/components/responses/Unauthorized"
155
+ }
156
+ }
157
+ }
158
+ },
159
+ "/v1/snapshots:capture-org": {
160
+ "post": {
161
+ "operationId": "captureOrgSnapshot",
162
+ "summary": "captureOrgSnapshot",
163
+ "description": "Snapshot the caller's whole organization now. Fetches a fresh inventory\nof the org's configuration resources from configuration-hub-api, persists\nit as an inventory artifact, and starts a `scope: \"org\"` chunked capture.\nAsync — returns immediately with a snapshot ID; client polls `getSnapshot`\nand watches `capture_summary` fill in until `create.status` moves from\n`in_progress` to `completed` or `failed`.\n\nSensitive types (`access_token`, `environment_variable`), types with no\nengine adapter, and any `excluded_types` are dropped from the capture and\nrecorded in the snapshot's coverage report.\n",
164
+ "tags": [
165
+ "Snapshots"
166
+ ],
167
+ "requestBody": {
168
+ "required": false,
169
+ "content": {
170
+ "application/json": {
171
+ "schema": {
172
+ "$ref": "#/components/schemas/CreateOrgSnapshotRequest"
173
+ }
174
+ }
175
+ }
176
+ },
177
+ "responses": {
178
+ "202": {
179
+ "description": "Org snapshot creation started",
180
+ "content": {
181
+ "application/json": {
182
+ "schema": {
183
+ "$ref": "#/components/schemas/CreateSnapshotResponse"
184
+ }
185
+ }
186
+ }
187
+ },
188
+ "401": {
189
+ "$ref": "#/components/responses/Unauthorized"
190
+ },
191
+ "422": {
192
+ "$ref": "#/components/responses/UnprocessableEntity"
193
+ }
194
+ }
195
+ }
196
+ },
197
+ "/v1/snapshots/{id}": {
198
+ "parameters": [
199
+ {
200
+ "in": "path",
201
+ "name": "id",
202
+ "required": true,
203
+ "schema": {
204
+ "type": "string"
205
+ }
206
+ }
207
+ ],
208
+ "get": {
209
+ "operationId": "getSnapshot",
210
+ "summary": "getSnapshot",
211
+ "description": "Fetch a snapshot's metadata. Poll this endpoint to track create/restore progress.",
212
+ "tags": [
213
+ "Snapshots"
214
+ ],
215
+ "responses": {
216
+ "200": {
217
+ "description": "Snapshot metadata",
218
+ "content": {
219
+ "application/json": {
220
+ "schema": {
221
+ "$ref": "#/components/schemas/Snapshot"
222
+ }
223
+ }
224
+ }
225
+ },
226
+ "401": {
227
+ "$ref": "#/components/responses/Unauthorized"
228
+ },
229
+ "404": {
230
+ "$ref": "#/components/responses/NotFound"
231
+ }
232
+ }
233
+ },
234
+ "delete": {
235
+ "operationId": "deleteSnapshot",
236
+ "summary": "deleteSnapshot",
237
+ "description": "Delete a snapshot's metadata and S3 manifest.",
238
+ "tags": [
239
+ "Snapshots"
240
+ ],
241
+ "responses": {
242
+ "204": {
243
+ "description": "Deleted"
244
+ },
245
+ "401": {
246
+ "$ref": "#/components/responses/Unauthorized"
247
+ },
248
+ "404": {
249
+ "$ref": "#/components/responses/NotFound"
250
+ }
251
+ }
252
+ }
253
+ },
254
+ "/v1/snapshots/{id}:restore": {
255
+ "parameters": [
256
+ {
257
+ "in": "path",
258
+ "name": "id",
259
+ "required": true,
260
+ "schema": {
261
+ "type": "string"
262
+ }
263
+ }
264
+ ],
265
+ "post": {
266
+ "operationId": "restoreSnapshot",
267
+ "summary": "restoreSnapshot",
268
+ "description": "Restore a snapshot to the org. Async — returns immediately; client polls\n`getSnapshot` until the latest entry in `restores` moves from\n`in_progress` to one of `completed | partial | failed`.\n\nv1: full restore only. Cherry-pick (`resources?` body filter) is an open\nquestion — see RFC OQ #1.\n",
269
+ "tags": [
270
+ "Snapshots"
271
+ ],
272
+ "requestBody": {
273
+ "required": false,
274
+ "content": {
275
+ "application/json": {
276
+ "schema": {
277
+ "$ref": "#/components/schemas/RestoreSnapshotRequest"
278
+ }
279
+ }
280
+ }
281
+ },
282
+ "responses": {
283
+ "202": {
284
+ "description": "Restore started",
285
+ "content": {
286
+ "application/json": {
287
+ "schema": {
288
+ "$ref": "#/components/schemas/RestoreSnapshotResponse"
289
+ }
290
+ }
291
+ }
292
+ },
293
+ "401": {
294
+ "$ref": "#/components/responses/Unauthorized"
295
+ },
296
+ "404": {
297
+ "$ref": "#/components/responses/NotFound"
298
+ }
299
+ }
300
+ }
301
+ },
302
+ "/v1/snapshots/{id}/resources": {
303
+ "parameters": [
304
+ {
305
+ "in": "path",
306
+ "name": "id",
307
+ "required": true,
308
+ "schema": {
309
+ "type": "string"
310
+ }
311
+ }
312
+ ],
313
+ "get": {
314
+ "operationId": "listSnapshotResources",
315
+ "summary": "listSnapshotResources",
316
+ "description": "List the resources captured in this snapshot. Returns lightweight\nidentity fields per resource — payloads are fetched via the\nsingle-resource endpoint when needed.\n\nUsed by Config Hub UI to render snapshot contents, and by\nblueprint-manifest-api to partition lineage rows during a restore\nsweep (resources in this list are touched; others are net-new).\n",
317
+ "tags": [
318
+ "Snapshots"
319
+ ],
320
+ "responses": {
321
+ "200": {
322
+ "description": "Captured resources",
323
+ "content": {
324
+ "application/json": {
325
+ "schema": {
326
+ "$ref": "#/components/schemas/SnapshotResourceList"
327
+ }
328
+ }
329
+ }
330
+ },
331
+ "401": {
332
+ "$ref": "#/components/responses/Unauthorized"
333
+ },
334
+ "404": {
335
+ "$ref": "#/components/responses/NotFound"
336
+ }
337
+ }
338
+ }
339
+ },
340
+ "/v1/snapshots/{id}/resources/{lineage_id}": {
341
+ "parameters": [
342
+ {
343
+ "in": "path",
344
+ "name": "id",
345
+ "required": true,
346
+ "schema": {
347
+ "type": "string"
348
+ }
349
+ },
350
+ {
351
+ "in": "path",
352
+ "name": "lineage_id",
353
+ "required": true,
354
+ "schema": {
355
+ "type": "string"
356
+ }
357
+ }
358
+ ],
359
+ "get": {
360
+ "operationId": "getSnapshotResource",
361
+ "summary": "getSnapshotResource",
362
+ "description": "Fetch one captured resource with its full payload. For UI views\nthat diff the captured state against the current destination.\n",
363
+ "tags": [
364
+ "Snapshots"
365
+ ],
366
+ "responses": {
367
+ "200": {
368
+ "description": "Captured resource with payload",
369
+ "content": {
370
+ "application/json": {
371
+ "schema": {
372
+ "$ref": "#/components/schemas/SnapshotResourceDetail"
373
+ }
374
+ }
375
+ }
376
+ },
377
+ "401": {
378
+ "$ref": "#/components/responses/Unauthorized"
379
+ },
380
+ "404": {
381
+ "$ref": "#/components/responses/NotFound"
382
+ }
383
+ }
384
+ }
385
+ },
386
+ "/v1/snapshots:list-dependencies": {
387
+ "post": {
388
+ "operationId": "listDependencies",
389
+ "summary": "listDependencies",
390
+ "description": "Walk the dependency tree for a set of resources and return the full\ntransitive closure, topologically sorted.\n\n**Not implemented in v1.** Returns 501. Callers should pass an explicit\nresource list to `createSnapshot`. See RFC Phase 5.\n",
391
+ "tags": [
392
+ "Snapshots"
393
+ ],
394
+ "requestBody": {
395
+ "required": true,
396
+ "content": {
397
+ "application/json": {
398
+ "schema": {
399
+ "type": "object",
400
+ "required": [
401
+ "resources"
402
+ ],
403
+ "properties": {
404
+ "resources": {
405
+ "type": "array",
406
+ "items": {
407
+ "$ref": "#/components/schemas/ResourceRef"
408
+ }
409
+ }
410
+ }
411
+ }
412
+ }
413
+ }
414
+ },
415
+ "responses": {
416
+ "200": {
417
+ "description": "Transitive dependency closure for the given resources, topologically sorted.",
418
+ "content": {
419
+ "application/json": {
420
+ "schema": {
421
+ "type": "object",
422
+ "required": [
423
+ "dependencies"
424
+ ],
425
+ "properties": {
426
+ "dependencies": {
427
+ "type": "array",
428
+ "items": {
429
+ "$ref": "#/components/schemas/ResourceRef"
430
+ }
431
+ }
432
+ }
433
+ }
434
+ }
435
+ }
436
+ },
437
+ "401": {
438
+ "$ref": "#/components/responses/Unauthorized"
439
+ },
440
+ "501": {
441
+ "description": "Not implemented",
442
+ "content": {
443
+ "application/json": {
444
+ "schema": {
445
+ "$ref": "#/components/schemas/Error"
446
+ }
447
+ }
448
+ }
449
+ }
450
+ }
451
+ }
452
+ }
453
+ },
454
+ "components": {
455
+ "securitySchemes": {
456
+ "EpilotAuth": {
457
+ "type": "apiKey",
458
+ "in": "header",
459
+ "name": "Authorization"
460
+ }
461
+ },
462
+ "responses": {
463
+ "BadRequest": {
464
+ "description": "Bad request",
465
+ "content": {
466
+ "application/json": {
467
+ "schema": {
468
+ "$ref": "#/components/schemas/Error"
469
+ }
470
+ }
471
+ }
472
+ },
473
+ "Unauthorized": {
474
+ "description": "Unauthorized",
475
+ "content": {
476
+ "application/json": {
477
+ "schema": {
478
+ "$ref": "#/components/schemas/Error"
479
+ }
480
+ }
481
+ }
482
+ },
483
+ "NotFound": {
484
+ "description": "Not found",
485
+ "content": {
486
+ "application/json": {
487
+ "schema": {
488
+ "$ref": "#/components/schemas/Error"
489
+ }
490
+ }
491
+ }
492
+ },
493
+ "UnprocessableEntity": {
494
+ "description": "Unprocessable entity",
495
+ "content": {
496
+ "application/json": {
497
+ "schema": {
498
+ "$ref": "#/components/schemas/EmptyInventoryError"
499
+ }
500
+ }
501
+ }
502
+ }
503
+ },
504
+ "schemas": {
505
+ "Error": {
506
+ "type": "object",
507
+ "required": [
508
+ "status",
509
+ "error"
510
+ ],
511
+ "properties": {
512
+ "status": {
513
+ "type": "integer"
514
+ },
515
+ "error": {
516
+ "type": "string"
517
+ }
518
+ }
519
+ },
520
+ "EmptyInventoryError": {
521
+ "type": "object",
522
+ "required": [
523
+ "message",
524
+ "skipped_types"
525
+ ],
526
+ "description": "Returned (422) when the org inventory contains no capturable resources\nafter filtering out sensitive, unsupported, and excluded types. The\n`skipped_types` array explains why every type was dropped.\n",
527
+ "properties": {
528
+ "message": {
529
+ "type": "string",
530
+ "example": "No capturable resources in the org inventory"
531
+ },
532
+ "skipped_types": {
533
+ "type": "array",
534
+ "items": {
535
+ "type": "object",
536
+ "required": [
537
+ "type",
538
+ "reason"
539
+ ],
540
+ "properties": {
541
+ "type": {
542
+ "type": "string"
543
+ },
544
+ "reason": {
545
+ "type": "string"
546
+ }
547
+ }
548
+ }
549
+ }
550
+ }
551
+ },
552
+ "ResourceRef": {
553
+ "type": "object",
554
+ "required": [
555
+ "type",
556
+ "id"
557
+ ],
558
+ "properties": {
559
+ "type": {
560
+ "type": "string",
561
+ "description": "Resource type (e.g., custom_variable, journey, automation_flow)"
562
+ },
563
+ "id": {
564
+ "type": "string"
565
+ }
566
+ }
567
+ },
568
+ "SnapshotResourceSummary": {
569
+ "type": "object",
570
+ "description": "Lightweight identity for a captured resource. Returned by\n`listSnapshotResources`; the full payload is fetched separately via\n`getSnapshotResource` when needed.\n",
571
+ "required": [
572
+ "lineage_id",
573
+ "target_id",
574
+ "type"
575
+ ],
576
+ "properties": {
577
+ "lineage_id": {
578
+ "type": "string",
579
+ "deprecated": true,
580
+ "description": "Deprecated alias of `target_id`. Always equals `target_id` (the\nimplementation never distinguished them). Use `target_id`.\n"
581
+ },
582
+ "target_id": {
583
+ "type": "string",
584
+ "description": "Identifier the resource was captured by (passed in via `ResourceRef.id` on createSnapshot)."
585
+ },
586
+ "type": {
587
+ "type": "string"
588
+ },
589
+ "name": {
590
+ "type": "string",
591
+ "nullable": true,
592
+ "description": "Best-effort display name extracted from the captured payload\n(`name` / `title` / `label` / `key` in that order). Null when\nnone of those fields are present.\n"
593
+ }
594
+ }
595
+ },
596
+ "SnapshotResourceList": {
597
+ "type": "object",
598
+ "required": [
599
+ "resources"
600
+ ],
601
+ "properties": {
602
+ "resources": {
603
+ "type": "array",
604
+ "items": {
605
+ "$ref": "#/components/schemas/SnapshotResourceSummary"
606
+ }
607
+ }
608
+ }
609
+ },
610
+ "SnapshotResourceDetail": {
611
+ "type": "object",
612
+ "description": "A single captured resource with its full payload. The identity fields\nmatch `SnapshotResourceSummary`; the `captured` payload is the\npre-install state at snapshot time.\n",
613
+ "required": [
614
+ "lineage_id",
615
+ "target_id",
616
+ "type",
617
+ "captured"
618
+ ],
619
+ "properties": {
620
+ "lineage_id": {
621
+ "type": "string"
622
+ },
623
+ "target_id": {
624
+ "type": "string"
625
+ },
626
+ "type": {
627
+ "type": "string"
628
+ },
629
+ "name": {
630
+ "type": "string",
631
+ "nullable": true
632
+ },
633
+ "captured": {
634
+ "type": "object",
635
+ "additionalProperties": true,
636
+ "description": "Full captured payload of the resource at snapshot time."
637
+ }
638
+ }
639
+ },
640
+ "CreateSnapshotRequest": {
641
+ "type": "object",
642
+ "required": [
643
+ "name",
644
+ "resources"
645
+ ],
646
+ "properties": {
647
+ "name": {
648
+ "type": "string"
649
+ },
650
+ "description": {
651
+ "type": "string"
652
+ },
653
+ "trigger": {
654
+ "type": "string",
655
+ "enum": [
656
+ "manual",
657
+ "sync",
658
+ "blueprint_install",
659
+ "scheduled"
660
+ ],
661
+ "default": "manual",
662
+ "description": "What initiated this snapshot. `scheduled` is used for automatic\nnightly backups triggered by an org's EventBridge schedule\n(RFC — Scheduled org snapshots).\n"
663
+ },
664
+ "blueprint_instance_id": {
665
+ "type": "string",
666
+ "description": "Required iff `trigger === 'blueprint_install'`; forbidden otherwise.\nIdentifies the destination blueprint instance whose install this\nsnapshot covers. Used at restore time as the join key for the\nlineage-driven delete sweep.\n"
667
+ },
668
+ "resources": {
669
+ "type": "array",
670
+ "items": {
671
+ "$ref": "#/components/schemas/ResourceRef"
672
+ },
673
+ "description": "List of resources to capture. Required non-empty for\n`trigger === 'manual'` or `'sync'`. May be empty when\n`trigger === 'blueprint_install'` — an install with no\nresources to overwrite still needs a snapshot row so the\nblueprint-manifest-api restore endpoint can find it.\n"
674
+ }
675
+ }
676
+ },
677
+ "CreateOrgSnapshotRequest": {
678
+ "type": "object",
679
+ "description": "Request body for `captureOrgSnapshot`. All fields optional — an empty body\nsnapshots the whole org with a default name and the 90-day default TTL.\n",
680
+ "properties": {
681
+ "name": {
682
+ "type": "string",
683
+ "description": "Snapshot name. Defaults to \"Org snapshot — <ISO timestamp>\"."
684
+ },
685
+ "retention": {
686
+ "type": "object",
687
+ "description": "Retention window. Converted to an absolute `expires_at` at creation\ntime. Omit for the default 90-day TTL.\n",
688
+ "required": [
689
+ "value",
690
+ "unit"
691
+ ],
692
+ "properties": {
693
+ "value": {
694
+ "type": "integer",
695
+ "minimum": 1
696
+ },
697
+ "unit": {
698
+ "type": "string",
699
+ "enum": [
700
+ "days",
701
+ "weeks",
702
+ "months"
703
+ ]
704
+ }
705
+ }
706
+ },
707
+ "excluded_types": {
708
+ "type": "array",
709
+ "description": "Resource types to exclude from the capture, in addition to the\nalways-excluded sensitive types (`access_token`,\n`environment_variable`).\n",
710
+ "items": {
711
+ "type": "string"
712
+ }
713
+ }
714
+ }
715
+ },
716
+ "CreateSnapshotResponse": {
717
+ "type": "object",
718
+ "required": [
719
+ "id",
720
+ "name",
721
+ "status",
722
+ "created_at"
723
+ ],
724
+ "properties": {
725
+ "id": {
726
+ "type": "string"
727
+ },
728
+ "name": {
729
+ "type": "string"
730
+ },
731
+ "status": {
732
+ "type": "string",
733
+ "enum": [
734
+ "creating"
735
+ ]
736
+ },
737
+ "created_at": {
738
+ "type": "string",
739
+ "format": "date-time"
740
+ }
741
+ }
742
+ },
743
+ "RestoreSnapshotRequest": {
744
+ "type": "object",
745
+ "description": "Skipped resources surface under `Operation.skipped`. All filters default\nto the open setting (apply everything), which keeps Config Hub's manual-\nrestore semantics unchanged.\n",
746
+ "properties": {
747
+ "preserve_modified": {
748
+ "type": "boolean",
749
+ "default": false,
750
+ "description": "When `true`, skip captured resources whose live payload's content\nfingerprint diverges from the capture-time fingerprint stored on\nthe manifest entry. Self-contained: snapshot-api fetches and hashes\nthe live payload itself; no cross-service lookup. Surfaces under\n`Operation.skipped` with `reason: 'modified'`. Legacy snapshots\ncaptured before fingerprints were stored fail open (applied).\n"
751
+ },
752
+ "preserve_co_owned": {
753
+ "type": "boolean",
754
+ "default": false,
755
+ "deprecated": true,
756
+ "description": "Deprecated. Accepted for back-compat but treated as a no-op.\nCo-ownership is now expressed via `exclude_target_ids` — the caller\n(typically blueprint-manifest-api) computes which targets to skip\nfrom its own data and passes the list. snapshot-api no longer\nreaches into BMA's lineage table.\n"
757
+ },
758
+ "exclude_target_ids": {
759
+ "type": "array",
760
+ "items": {
761
+ "type": "string"
762
+ },
763
+ "description": "Target ids the caller has decided not to restore. snapshot-api\napplies the manifest minus these ids and reports them under\n`Operation.skipped` with `reason: 'co_owned'` (the only current\nproducer of exclude lists is BMA's revert flow, which uses this to\nhonor multi-blueprint ownership).\n"
764
+ }
765
+ }
766
+ },
767
+ "RestoreSnapshotResponse": {
768
+ "type": "object",
769
+ "required": [
770
+ "id",
771
+ "status"
772
+ ],
773
+ "properties": {
774
+ "id": {
775
+ "type": "string"
776
+ },
777
+ "status": {
778
+ "type": "string",
779
+ "enum": [
780
+ "restoring"
781
+ ]
782
+ }
783
+ }
784
+ },
785
+ "Snapshot": {
786
+ "type": "object",
787
+ "required": [
788
+ "id",
789
+ "org_id",
790
+ "name",
791
+ "trigger",
792
+ "resource_counts",
793
+ "create",
794
+ "restores"
795
+ ],
796
+ "properties": {
797
+ "id": {
798
+ "type": "string"
799
+ },
800
+ "org_id": {
801
+ "type": "string"
802
+ },
803
+ "name": {
804
+ "type": "string"
805
+ },
806
+ "description": {
807
+ "type": "string"
808
+ },
809
+ "trigger": {
810
+ "type": "string",
811
+ "enum": [
812
+ "manual",
813
+ "sync",
814
+ "blueprint_install",
815
+ "scheduled"
816
+ ]
817
+ },
818
+ "blueprint_instance_id": {
819
+ "type": "string",
820
+ "description": "Set iff `trigger === 'blueprint_install'`. The destination blueprint\ninstance this snapshot covers.\n"
821
+ },
822
+ "resource_counts": {
823
+ "type": "object",
824
+ "additionalProperties": {
825
+ "type": "integer"
826
+ },
827
+ "description": "Resource type → count of resources of that type in the snapshot."
828
+ },
829
+ "create": {
830
+ "$ref": "#/components/schemas/Operation"
831
+ },
832
+ "restores": {
833
+ "type": "array",
834
+ "items": {
835
+ "$ref": "#/components/schemas/Operation"
836
+ }
837
+ },
838
+ "matched_count": {
839
+ "type": "integer",
840
+ "description": "Number of `resource` filter pairs from the request that are\ncontained in this snapshot. Present only on `listSnapshots`\nresponses where the caller passed at least one `resource`\nfilter — absent on `getSnapshot` and on unfiltered list calls.\nDrives the coverage badge in Config Hub's snapshot picker.\n"
841
+ },
842
+ "scope": {
843
+ "type": "string",
844
+ "enum": [
845
+ "selection",
846
+ "org"
847
+ ],
848
+ "description": "Capture scope. `selection` (default for manual/sync/blueprint_install)\nmeans only the explicitly listed resources were snapshotted.\n`org` means a full org inventory was discovered and captured\n(scheduled snapshots set this automatically).\n"
849
+ },
850
+ "expires_at": {
851
+ "type": "string",
852
+ "format": "date-time",
853
+ "description": "ISO-8601 timestamp after which this snapshot will be deleted.\nDerived from the org's retention setting at capture time for\nscheduled snapshots; not set for manual snapshots (which use\na hardcoded 90-day TTL written directly as a DynamoDB `ttl` epoch).\n"
854
+ },
855
+ "capture_summary": {
856
+ "type": "object",
857
+ "description": "Per-snapshot coverage report set by the capture worker on completion.\nRecords how many resources were attempted, captured, skipped\n(unsupported type or explicitly excluded), and failed.\n",
858
+ "required": [
859
+ "total",
860
+ "captured",
861
+ "skipped",
862
+ "failed"
863
+ ],
864
+ "properties": {
865
+ "total": {
866
+ "type": "integer",
867
+ "description": "Total resources in the inventory that were attempted."
868
+ },
869
+ "captured": {
870
+ "type": "integer",
871
+ "description": "Resources successfully fetched and written to the manifest."
872
+ },
873
+ "skipped": {
874
+ "type": "integer",
875
+ "description": "Resources skipped — type not supported by config-engine or\nexcluded from capture (e.g. access_token, environment_variable).\n"
876
+ },
877
+ "failed": {
878
+ "type": "integer",
879
+ "description": "Resources where the fetch call returned an error."
880
+ }
881
+ }
882
+ }
883
+ }
884
+ },
885
+ "Operation": {
886
+ "type": "object",
887
+ "required": [
888
+ "type",
889
+ "started_at",
890
+ "status",
891
+ "triggered_by"
892
+ ],
893
+ "properties": {
894
+ "type": {
895
+ "type": "string",
896
+ "enum": [
897
+ "create",
898
+ "restore"
899
+ ]
900
+ },
901
+ "started_at": {
902
+ "type": "string",
903
+ "format": "date-time"
904
+ },
905
+ "completed_at": {
906
+ "type": "string",
907
+ "format": "date-time"
908
+ },
909
+ "status": {
910
+ "type": "string",
911
+ "enum": [
912
+ "in_progress",
913
+ "completed",
914
+ "partial",
915
+ "failed"
916
+ ],
917
+ "description": "`partial` indicates the operation completed but skipped at least\none resource — see `skipped`. Only populated by restores triggered\nwith `mode: 'preserve_edits'`.\n"
918
+ },
919
+ "error": {
920
+ "type": "string"
921
+ },
922
+ "triggered_by": {
923
+ "$ref": "#/components/schemas/CallerIdentity"
924
+ },
925
+ "skipped": {
926
+ "type": "array",
927
+ "description": "Per-resource skips, populated only for restores triggered with\n`mode: 'preserve_edits'`. Empty / absent for Config Hub's\ndefault overwrite-mode restores.\n",
928
+ "items": {
929
+ "$ref": "#/components/schemas/SkippedResource"
930
+ }
931
+ }
932
+ }
933
+ },
934
+ "SkippedResource": {
935
+ "type": "object",
936
+ "required": [
937
+ "lineage_id",
938
+ "reason"
939
+ ],
940
+ "properties": {
941
+ "lineage_id": {
942
+ "type": "string"
943
+ },
944
+ "reason": {
945
+ "type": "string",
946
+ "enum": [
947
+ "modified",
948
+ "co_owned"
949
+ ],
950
+ "description": "- `modified` — current destination payload's fingerprint differs\n from the install-time fingerprint on the lineage row.\n- `co_owned` — lineage row has ≥2 distinct\n `blueprint_instance_ids`; restoring would unilaterally affect\n another blueprint instance's contribution.\n"
951
+ }
952
+ }
953
+ },
954
+ "CallerIdentity": {
955
+ "type": "object",
956
+ "required": [
957
+ "name"
958
+ ],
959
+ "properties": {
960
+ "name": {
961
+ "type": "string"
962
+ },
963
+ "user_id": {
964
+ "type": "string"
965
+ },
966
+ "token_id": {
967
+ "type": "string"
968
+ }
969
+ }
970
+ }
971
+ }
972
+ }
973
+ }