@rulebricks/cli 2.1.7 → 2.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (117) hide show
  1. package/README.md +51 -16
  2. package/cluster-setup/aws/README.md +96 -47
  3. package/cluster-setup/aws/check-aws-access.sh +216 -52
  4. package/cluster-setup/aws/parameters.json +13 -0
  5. package/cluster-setup/aws/rulebricks-cluster.cfn.yaml +355 -0
  6. package/cluster-setup/azure/README.md +103 -55
  7. package/cluster-setup/azure/check-aks-prereqs.sh +236 -56
  8. package/cluster-setup/azure/parameters.json +30 -0
  9. package/cluster-setup/azure/rulebricks-cluster.bicep +546 -0
  10. package/cluster-setup/gcp/README.md +51 -34
  11. package/cluster-setup/gcp/check-gke-prereqs.sh +222 -60
  12. package/dist/commands/backup.d.ts +5 -0
  13. package/dist/commands/backup.js +104 -0
  14. package/dist/commands/deploy.d.ts +3 -1
  15. package/dist/commands/deploy.js +226 -326
  16. package/dist/commands/destroy.d.ts +1 -1
  17. package/dist/commands/destroy.js +73 -123
  18. package/dist/commands/init.d.ts +5 -1
  19. package/dist/commands/init.js +78 -54
  20. package/dist/commands/list.d.ts +1 -0
  21. package/dist/commands/list.js +74 -0
  22. package/dist/commands/open.d.ts +1 -1
  23. package/dist/commands/open.js +4 -12
  24. package/dist/commands/redeploy.d.ts +6 -0
  25. package/dist/commands/redeploy.js +310 -0
  26. package/dist/commands/restore.d.ts +5 -0
  27. package/dist/commands/restore.js +338 -0
  28. package/dist/commands/status.js +62 -49
  29. package/dist/commands/upgrade.js +74 -51
  30. package/dist/components/DNSWaitScreen.d.ts +5 -1
  31. package/dist/components/DNSWaitScreen.js +47 -41
  32. package/dist/components/Wizard/WizardContext.d.ts +157 -36
  33. package/dist/components/Wizard/WizardContext.js +872 -160
  34. package/dist/components/Wizard/steps/CloudProviderStep.js +192 -107
  35. package/dist/components/Wizard/steps/DomainStep.js +5 -24
  36. package/dist/components/Wizard/steps/ExternalServicesStep.d.ts +6 -0
  37. package/dist/components/Wizard/steps/ExternalServicesStep.js +645 -0
  38. package/dist/components/Wizard/steps/FeatureConfigStep.d.ts +2 -1
  39. package/dist/components/Wizard/steps/FeatureConfigStep.js +739 -425
  40. package/dist/components/Wizard/steps/FeaturesStep.js +31 -35
  41. package/dist/components/Wizard/steps/ObservabilityStep.d.ts +6 -0
  42. package/dist/components/Wizard/steps/ObservabilityStep.js +137 -0
  43. package/dist/components/Wizard/steps/ReviewStep.d.ts +2 -1
  44. package/dist/components/Wizard/steps/ReviewStep.js +56 -12
  45. package/dist/components/Wizard/steps/StorageStep.d.ts +9 -0
  46. package/dist/components/Wizard/steps/StorageStep.js +592 -0
  47. package/dist/components/Wizard/steps/SupabaseCredentialsStep.js +20 -21
  48. package/dist/components/Wizard/steps/VersionStep.js +45 -23
  49. package/dist/components/Wizard/steps/index.d.ts +3 -3
  50. package/dist/components/Wizard/steps/index.js +3 -3
  51. package/dist/components/common/CommandApproval.d.ts +12 -0
  52. package/dist/components/common/CommandApproval.js +91 -0
  53. package/dist/components/common/DeploymentPicker.d.ts +14 -0
  54. package/dist/components/common/DeploymentPicker.js +16 -0
  55. package/dist/components/common/index.d.ts +2 -0
  56. package/dist/components/common/index.js +2 -0
  57. package/dist/index.js +94 -62
  58. package/dist/lib/cloudCli.d.ts +134 -63
  59. package/dist/lib/cloudCli.js +512 -220
  60. package/dist/lib/clusterSetupDefaults.d.ts +30 -0
  61. package/dist/lib/clusterSetupDefaults.js +64 -0
  62. package/dist/lib/commandApproval.d.ts +26 -0
  63. package/dist/lib/commandApproval.js +114 -0
  64. package/dist/lib/config.d.ts +12 -10
  65. package/dist/lib/config.js +91 -33
  66. package/dist/lib/configFixtures.d.ts +5 -0
  67. package/dist/lib/configFixtures.js +513 -0
  68. package/dist/lib/deploymentHealth.d.ts +32 -0
  69. package/dist/lib/deploymentHealth.js +157 -0
  70. package/dist/lib/dns.d.ts +1 -1
  71. package/dist/lib/dns.js +19 -1
  72. package/dist/lib/dns.test.d.ts +1 -0
  73. package/dist/lib/dns.test.js +27 -0
  74. package/dist/lib/dockerHub.d.ts +12 -1
  75. package/dist/lib/dockerHub.js +18 -8
  76. package/dist/lib/helm.d.ts +4 -0
  77. package/dist/lib/helm.js +16 -0
  78. package/dist/lib/helmValues.d.ts +25 -0
  79. package/dist/lib/helmValues.js +1841 -289
  80. package/dist/lib/helmValues.test.d.ts +1 -0
  81. package/dist/lib/helmValues.test.js +1012 -0
  82. package/dist/lib/htpasswd.d.ts +1 -0
  83. package/dist/lib/htpasswd.js +15 -0
  84. package/dist/lib/kubernetes.d.ts +124 -17
  85. package/dist/lib/kubernetes.js +576 -145
  86. package/dist/lib/secrets.d.ts +23 -0
  87. package/dist/lib/secrets.js +158 -0
  88. package/dist/lib/validateValues.d.ts +31 -0
  89. package/dist/lib/validateValues.js +253 -0
  90. package/dist/lib/versions.d.ts +82 -11
  91. package/dist/lib/versions.js +131 -31
  92. package/dist/lib/versions.test.d.ts +1 -0
  93. package/dist/lib/versions.test.js +81 -0
  94. package/dist/lib/wizardSteps.d.ts +14 -0
  95. package/dist/lib/wizardSteps.js +23 -0
  96. package/dist/lib/workloadIdentity.d.ts +26 -0
  97. package/dist/lib/workloadIdentity.js +323 -0
  98. package/dist/lib/workloadIdentity.test.d.ts +1 -0
  99. package/dist/lib/workloadIdentity.test.js +57 -0
  100. package/dist/types/index.d.ts +1860 -164
  101. package/dist/types/index.js +518 -295
  102. package/package.json +9 -4
  103. package/schema/values.schema.json +1934 -0
  104. package/cluster-setup/aws/cluster.yaml +0 -33
  105. package/cluster-setup/azure/main.bicep +0 -282
  106. package/cluster-setup/azure/main.parameters.json +0 -21
  107. package/dist/components/Wizard/steps/CredentialsStep.d.ts +0 -6
  108. package/dist/components/Wizard/steps/CredentialsStep.js +0 -22
  109. package/dist/components/Wizard/steps/DeploymentModeStep.d.ts +0 -5
  110. package/dist/components/Wizard/steps/DeploymentModeStep.js +0 -26
  111. package/dist/components/Wizard/steps/TierStep.d.ts +0 -6
  112. package/dist/components/Wizard/steps/TierStep.js +0 -29
  113. package/dist/lib/terraform.d.ts +0 -66
  114. package/dist/lib/terraform.js +0 -754
  115. package/terraform/aws/main.tf +0 -355
  116. package/terraform/azure/main.tf +0 -371
  117. package/terraform/gcp/main.tf +0 -407
@@ -1,12 +1,13 @@
1
1
  import { z } from "zod";
2
2
  export type CloudProvider = "aws" | "gcp" | "azure";
3
3
  export type DatabaseType = "self-hosted" | "supabase-cloud";
4
- export type PerformanceTier = "small" | "medium" | "large";
4
+ export type NodeArchitecture = "amd64" | "arm64" | "mixed" | "unknown";
5
5
  export type SSOProvider = "azure" | "google" | "okta" | "keycloak" | "ory" | "other";
6
+ export type KafkaPreset = "aws-msk-iam" | "azure-event-hubs" | "gcp-managed" | "custom";
7
+ export type KafkaSaslMechanism = "" | "aws-iam" | "oauthbearer" | "scram-sha-256" | "scram-sha-512" | "plain";
6
8
  export type DnsProvider = "route53" | "cloudflare" | "google" | "azure" | "other";
7
9
  export declare const SUPPORTED_DNS_PROVIDERS: DnsProvider[];
8
- export type LoggingSink = "console" | "pending" | "s3" | "azure-blob" | "gcs" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
9
- export type LoggingSinkCategory = "cloud-storage" | "logging-platform";
10
+ export type LoggingSink = "console" | "pending" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
10
11
  export type MonitoringDestination = "local-grafana" | "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
11
12
  export type RemoteWriteDestination = "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
12
13
  export type RemoteWriteAuthType = "none" | "managed-identity" | "workload-identity" | "oauth" | "basic" | "bearer";
@@ -29,47 +30,8 @@ export interface RemoteWriteConfig {
29
30
  bearerTokenSecretRef?: SecretKeyRef;
30
31
  }
31
32
  export type CloudLoggingAuthMode = "workload-identity" | "secret";
32
- export declare const LOGGING_SINK_CATEGORIES: Record<Exclude<LoggingSink, "console" | "pending">, LoggingSinkCategory>;
33
+ export type ObjectStorageProvider = "s3" | "azure-blob" | "gcs";
33
34
  export declare const CLOUD_REGIONS: Record<CloudProvider, string[]>;
34
- export declare const TIER_CONFIGS: Record<PerformanceTier, TierConfig>;
35
- export interface ResourceSpec {
36
- requests: {
37
- cpu: string;
38
- memory: string;
39
- };
40
- limits: {
41
- cpu: string;
42
- memory: string;
43
- };
44
- }
45
- export interface TierConfig {
46
- description: string;
47
- throughput: string;
48
- nodes: {
49
- min: number;
50
- max: number;
51
- };
52
- resources: string;
53
- hpsReplicas: number;
54
- hpsWorkerReplicas: {
55
- min: number;
56
- max: number;
57
- };
58
- hpsResources: ResourceSpec;
59
- hpsWorkerResources: ResourceSpec;
60
- kafkaStorage: string;
61
- kafkaReplication: number;
62
- kafkaResources: ResourceSpec;
63
- kafkaHeapOpts: string;
64
- redisResources: ResourceSpec;
65
- redisPersistenceSize: string;
66
- vectorReplicas: number;
67
- vectorResources: ResourceSpec;
68
- dbResources: ResourceSpec;
69
- dbPersistenceSize: string;
70
- appReplicas: number;
71
- appResources: ResourceSpec;
72
- }
73
35
  export interface SMTPConfig {
74
36
  host: string;
75
37
  port: number;
@@ -133,35 +95,353 @@ export interface CustomEmailConfig {
133
95
  }
134
96
  export declare const DEFAULT_EMAIL_SUBJECTS: EmailSubjects;
135
97
  export declare const DNS_PROVIDER_NAMES: Record<DnsProvider, string>;
98
+ export declare const CLOUD_PROVIDER_NAMES: Record<CloudProvider, string>;
136
99
  export declare const LOGGING_SINK_INFO: Record<LoggingSink, {
137
100
  name: string;
138
101
  description: string;
139
102
  }>;
140
- export declare const LOGGING_DESTINATION_LABELS: Record<LoggingSink, string>;
141
- export declare function getLoggingDestinationLabel(sink: LoggingSink): string;
103
+ /**
104
+ * Validates a Prometheus remote_write config the same way buildHelmValues and
105
+ * the Helm chart do, returning human-readable errors. Centralized so the wizard
106
+ * gate, the Zod schema (load time), and Helm value generation all enforce the
107
+ * exact same per-destination/auth requirements. This is what prevents the CLI
108
+ * from ever persisting a monitoring config that throws at deploy time (e.g.
109
+ * "Azure Monitor remote_write managed identity requires client ID").
110
+ */
111
+ export declare function validateRemoteWriteConfig(rw: RemoteWriteConfig): string[];
112
+ export type TracingDestination = "elastic" | "otlp" | "azure-monitor";
113
+ declare const TracingConfigSchema: z.ZodEffects<z.ZodObject<{
114
+ enabled: z.ZodBoolean;
115
+ destination: z.ZodOptional<z.ZodEnum<["elastic", "otlp", "azure-monitor"]>>;
116
+ samplingRatio: z.ZodOptional<z.ZodNumber>;
117
+ elastic: z.ZodOptional<z.ZodObject<{
118
+ endpoint: z.ZodOptional<z.ZodString>;
119
+ authMode: z.ZodOptional<z.ZodEnum<["secret-token", "api-key", "none"]>>;
120
+ secretToken: z.ZodOptional<z.ZodString>;
121
+ apiKey: z.ZodOptional<z.ZodString>;
122
+ }, "strip", z.ZodTypeAny, {
123
+ endpoint?: string | undefined;
124
+ authMode?: "none" | "secret-token" | "api-key" | undefined;
125
+ secretToken?: string | undefined;
126
+ apiKey?: string | undefined;
127
+ }, {
128
+ endpoint?: string | undefined;
129
+ authMode?: "none" | "secret-token" | "api-key" | undefined;
130
+ secretToken?: string | undefined;
131
+ apiKey?: string | undefined;
132
+ }>>;
133
+ otlp: z.ZodOptional<z.ZodObject<{
134
+ endpoint: z.ZodOptional<z.ZodString>;
135
+ authMode: z.ZodOptional<z.ZodEnum<["none", "bearer", "api-key", "header"]>>;
136
+ headerName: z.ZodOptional<z.ZodString>;
137
+ token: z.ZodOptional<z.ZodString>;
138
+ apiKey: z.ZodOptional<z.ZodString>;
139
+ headerValue: z.ZodOptional<z.ZodString>;
140
+ headers: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
141
+ tlsInsecureSkipVerify: z.ZodOptional<z.ZodBoolean>;
142
+ }, "strip", z.ZodTypeAny, {
143
+ endpoint?: string | undefined;
144
+ authMode?: "none" | "bearer" | "api-key" | "header" | undefined;
145
+ apiKey?: string | undefined;
146
+ headerName?: string | undefined;
147
+ token?: string | undefined;
148
+ headerValue?: string | undefined;
149
+ headers?: Record<string, string> | undefined;
150
+ tlsInsecureSkipVerify?: boolean | undefined;
151
+ }, {
152
+ endpoint?: string | undefined;
153
+ authMode?: "none" | "bearer" | "api-key" | "header" | undefined;
154
+ apiKey?: string | undefined;
155
+ headerName?: string | undefined;
156
+ token?: string | undefined;
157
+ headerValue?: string | undefined;
158
+ headers?: Record<string, string> | undefined;
159
+ tlsInsecureSkipVerify?: boolean | undefined;
160
+ }>>;
161
+ azureMonitor: z.ZodOptional<z.ZodObject<{
162
+ connectionString: z.ZodOptional<z.ZodString>;
163
+ }, "strip", z.ZodTypeAny, {
164
+ connectionString?: string | undefined;
165
+ }, {
166
+ connectionString?: string | undefined;
167
+ }>>;
168
+ }, "strip", z.ZodTypeAny, {
169
+ enabled: boolean;
170
+ destination?: "azure-monitor" | "elastic" | "otlp" | undefined;
171
+ elastic?: {
172
+ endpoint?: string | undefined;
173
+ authMode?: "none" | "secret-token" | "api-key" | undefined;
174
+ secretToken?: string | undefined;
175
+ apiKey?: string | undefined;
176
+ } | undefined;
177
+ otlp?: {
178
+ endpoint?: string | undefined;
179
+ authMode?: "none" | "bearer" | "api-key" | "header" | undefined;
180
+ apiKey?: string | undefined;
181
+ headerName?: string | undefined;
182
+ token?: string | undefined;
183
+ headerValue?: string | undefined;
184
+ headers?: Record<string, string> | undefined;
185
+ tlsInsecureSkipVerify?: boolean | undefined;
186
+ } | undefined;
187
+ samplingRatio?: number | undefined;
188
+ azureMonitor?: {
189
+ connectionString?: string | undefined;
190
+ } | undefined;
191
+ }, {
192
+ enabled: boolean;
193
+ destination?: "azure-monitor" | "elastic" | "otlp" | undefined;
194
+ elastic?: {
195
+ endpoint?: string | undefined;
196
+ authMode?: "none" | "secret-token" | "api-key" | undefined;
197
+ secretToken?: string | undefined;
198
+ apiKey?: string | undefined;
199
+ } | undefined;
200
+ otlp?: {
201
+ endpoint?: string | undefined;
202
+ authMode?: "none" | "bearer" | "api-key" | "header" | undefined;
203
+ apiKey?: string | undefined;
204
+ headerName?: string | undefined;
205
+ token?: string | undefined;
206
+ headerValue?: string | undefined;
207
+ headers?: Record<string, string> | undefined;
208
+ tlsInsecureSkipVerify?: boolean | undefined;
209
+ } | undefined;
210
+ samplingRatio?: number | undefined;
211
+ azureMonitor?: {
212
+ connectionString?: string | undefined;
213
+ } | undefined;
214
+ }>, {
215
+ enabled: boolean;
216
+ destination?: "azure-monitor" | "elastic" | "otlp" | undefined;
217
+ elastic?: {
218
+ endpoint?: string | undefined;
219
+ authMode?: "none" | "secret-token" | "api-key" | undefined;
220
+ secretToken?: string | undefined;
221
+ apiKey?: string | undefined;
222
+ } | undefined;
223
+ otlp?: {
224
+ endpoint?: string | undefined;
225
+ authMode?: "none" | "bearer" | "api-key" | "header" | undefined;
226
+ apiKey?: string | undefined;
227
+ headerName?: string | undefined;
228
+ token?: string | undefined;
229
+ headerValue?: string | undefined;
230
+ headers?: Record<string, string> | undefined;
231
+ tlsInsecureSkipVerify?: boolean | undefined;
232
+ } | undefined;
233
+ samplingRatio?: number | undefined;
234
+ azureMonitor?: {
235
+ connectionString?: string | undefined;
236
+ } | undefined;
237
+ }, {
238
+ enabled: boolean;
239
+ destination?: "azure-monitor" | "elastic" | "otlp" | undefined;
240
+ elastic?: {
241
+ endpoint?: string | undefined;
242
+ authMode?: "none" | "secret-token" | "api-key" | undefined;
243
+ secretToken?: string | undefined;
244
+ apiKey?: string | undefined;
245
+ } | undefined;
246
+ otlp?: {
247
+ endpoint?: string | undefined;
248
+ authMode?: "none" | "bearer" | "api-key" | "header" | undefined;
249
+ apiKey?: string | undefined;
250
+ headerName?: string | undefined;
251
+ token?: string | undefined;
252
+ headerValue?: string | undefined;
253
+ headers?: Record<string, string> | undefined;
254
+ tlsInsecureSkipVerify?: boolean | undefined;
255
+ } | undefined;
256
+ samplingRatio?: number | undefined;
257
+ azureMonitor?: {
258
+ connectionString?: string | undefined;
259
+ } | undefined;
260
+ }>;
261
+ export type TracingConfig = z.infer<typeof TracingConfigSchema>;
262
+ declare const AppLogsConfigSchema: z.ZodEffects<z.ZodObject<{
263
+ enabled: z.ZodBoolean;
264
+ destination: z.ZodOptional<z.ZodEnum<["elasticsearch", "loki", "generic"]>>;
265
+ elasticsearch: z.ZodOptional<z.ZodObject<{
266
+ endpoint: z.ZodOptional<z.ZodString>;
267
+ index: z.ZodOptional<z.ZodString>;
268
+ authMode: z.ZodOptional<z.ZodEnum<["basic", "api-key", "none"]>>;
269
+ username: z.ZodOptional<z.ZodString>;
270
+ password: z.ZodOptional<z.ZodString>;
271
+ apiKey: z.ZodOptional<z.ZodString>;
272
+ verifyCertificate: z.ZodOptional<z.ZodBoolean>;
273
+ }, "strip", z.ZodTypeAny, {
274
+ endpoint?: string | undefined;
275
+ authMode?: "none" | "basic" | "api-key" | undefined;
276
+ apiKey?: string | undefined;
277
+ index?: string | undefined;
278
+ username?: string | undefined;
279
+ password?: string | undefined;
280
+ verifyCertificate?: boolean | undefined;
281
+ }, {
282
+ endpoint?: string | undefined;
283
+ authMode?: "none" | "basic" | "api-key" | undefined;
284
+ apiKey?: string | undefined;
285
+ index?: string | undefined;
286
+ username?: string | undefined;
287
+ password?: string | undefined;
288
+ verifyCertificate?: boolean | undefined;
289
+ }>>;
290
+ loki: z.ZodOptional<z.ZodObject<{
291
+ endpoint: z.ZodOptional<z.ZodString>;
292
+ labels: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
293
+ }, "strip", z.ZodTypeAny, {
294
+ endpoint?: string | undefined;
295
+ labels?: Record<string, string> | undefined;
296
+ }, {
297
+ endpoint?: string | undefined;
298
+ labels?: Record<string, string> | undefined;
299
+ }>>;
300
+ generic: z.ZodOptional<z.ZodObject<{
301
+ endpoint: z.ZodOptional<z.ZodString>;
302
+ authHeader: z.ZodOptional<z.ZodString>;
303
+ }, "strip", z.ZodTypeAny, {
304
+ endpoint?: string | undefined;
305
+ authHeader?: string | undefined;
306
+ }, {
307
+ endpoint?: string | undefined;
308
+ authHeader?: string | undefined;
309
+ }>>;
310
+ }, "strip", z.ZodTypeAny, {
311
+ enabled: boolean;
312
+ elasticsearch?: {
313
+ endpoint?: string | undefined;
314
+ authMode?: "none" | "basic" | "api-key" | undefined;
315
+ apiKey?: string | undefined;
316
+ index?: string | undefined;
317
+ username?: string | undefined;
318
+ password?: string | undefined;
319
+ verifyCertificate?: boolean | undefined;
320
+ } | undefined;
321
+ loki?: {
322
+ endpoint?: string | undefined;
323
+ labels?: Record<string, string> | undefined;
324
+ } | undefined;
325
+ generic?: {
326
+ endpoint?: string | undefined;
327
+ authHeader?: string | undefined;
328
+ } | undefined;
329
+ destination?: "elasticsearch" | "loki" | "generic" | undefined;
330
+ }, {
331
+ enabled: boolean;
332
+ elasticsearch?: {
333
+ endpoint?: string | undefined;
334
+ authMode?: "none" | "basic" | "api-key" | undefined;
335
+ apiKey?: string | undefined;
336
+ index?: string | undefined;
337
+ username?: string | undefined;
338
+ password?: string | undefined;
339
+ verifyCertificate?: boolean | undefined;
340
+ } | undefined;
341
+ loki?: {
342
+ endpoint?: string | undefined;
343
+ labels?: Record<string, string> | undefined;
344
+ } | undefined;
345
+ generic?: {
346
+ endpoint?: string | undefined;
347
+ authHeader?: string | undefined;
348
+ } | undefined;
349
+ destination?: "elasticsearch" | "loki" | "generic" | undefined;
350
+ }>, {
351
+ enabled: boolean;
352
+ elasticsearch?: {
353
+ endpoint?: string | undefined;
354
+ authMode?: "none" | "basic" | "api-key" | undefined;
355
+ apiKey?: string | undefined;
356
+ index?: string | undefined;
357
+ username?: string | undefined;
358
+ password?: string | undefined;
359
+ verifyCertificate?: boolean | undefined;
360
+ } | undefined;
361
+ loki?: {
362
+ endpoint?: string | undefined;
363
+ labels?: Record<string, string> | undefined;
364
+ } | undefined;
365
+ generic?: {
366
+ endpoint?: string | undefined;
367
+ authHeader?: string | undefined;
368
+ } | undefined;
369
+ destination?: "elasticsearch" | "loki" | "generic" | undefined;
370
+ }, {
371
+ enabled: boolean;
372
+ elasticsearch?: {
373
+ endpoint?: string | undefined;
374
+ authMode?: "none" | "basic" | "api-key" | undefined;
375
+ apiKey?: string | undefined;
376
+ index?: string | undefined;
377
+ username?: string | undefined;
378
+ password?: string | undefined;
379
+ verifyCertificate?: boolean | undefined;
380
+ } | undefined;
381
+ loki?: {
382
+ endpoint?: string | undefined;
383
+ labels?: Record<string, string> | undefined;
384
+ } | undefined;
385
+ generic?: {
386
+ endpoint?: string | undefined;
387
+ authHeader?: string | undefined;
388
+ } | undefined;
389
+ destination?: "elasticsearch" | "loki" | "generic" | undefined;
390
+ }>;
391
+ export type AppLogsConfig = z.infer<typeof AppLogsConfigSchema>;
142
392
  export declare const DeploymentConfigSchema: z.ZodObject<{
143
393
  name: z.ZodString;
144
394
  infrastructure: z.ZodObject<{
145
- mode: z.ZodEnum<["existing", "provision"]>;
395
+ mode: z.ZodLiteral<"existing">;
146
396
  provider: z.ZodOptional<z.ZodEnum<["aws", "gcp", "azure"]>>;
147
397
  region: z.ZodOptional<z.ZodString>;
148
398
  clusterName: z.ZodOptional<z.ZodString>;
149
399
  gcpProjectId: z.ZodOptional<z.ZodString>;
150
400
  azureResourceGroup: z.ZodOptional<z.ZodString>;
401
+ nodeArchitecture: z.ZodOptional<z.ZodEnum<["amd64", "arm64", "mixed", "unknown"]>>;
402
+ arm64TolerationRequired: z.ZodOptional<z.ZodBoolean>;
403
+ storageClass: z.ZodOptional<z.ZodString>;
404
+ storageProvisioner: z.ZodOptional<z.ZodString>;
405
+ schedulableNodeCount: z.ZodOptional<z.ZodNumber>;
406
+ totalCpuCores: z.ZodOptional<z.ZodNumber>;
407
+ totalMemoryGi: z.ZodOptional<z.ZodNumber>;
408
+ eligibleCpuCores: z.ZodOptional<z.ZodNumber>;
409
+ eligibleMemoryGi: z.ZodOptional<z.ZodNumber>;
410
+ totalPersistentStorageGi: z.ZodOptional<z.ZodNumber>;
151
411
  }, "strip", z.ZodTypeAny, {
152
- mode: "existing" | "provision";
412
+ mode: "existing";
153
413
  provider?: "aws" | "gcp" | "azure" | undefined;
154
414
  region?: string | undefined;
155
415
  clusterName?: string | undefined;
156
416
  gcpProjectId?: string | undefined;
157
417
  azureResourceGroup?: string | undefined;
418
+ nodeArchitecture?: "amd64" | "arm64" | "mixed" | "unknown" | undefined;
419
+ arm64TolerationRequired?: boolean | undefined;
420
+ storageClass?: string | undefined;
421
+ storageProvisioner?: string | undefined;
422
+ schedulableNodeCount?: number | undefined;
423
+ totalCpuCores?: number | undefined;
424
+ totalMemoryGi?: number | undefined;
425
+ eligibleCpuCores?: number | undefined;
426
+ eligibleMemoryGi?: number | undefined;
427
+ totalPersistentStorageGi?: number | undefined;
158
428
  }, {
159
- mode: "existing" | "provision";
429
+ mode: "existing";
160
430
  provider?: "aws" | "gcp" | "azure" | undefined;
161
431
  region?: string | undefined;
162
432
  clusterName?: string | undefined;
163
433
  gcpProjectId?: string | undefined;
164
434
  azureResourceGroup?: string | undefined;
435
+ nodeArchitecture?: "amd64" | "arm64" | "mixed" | "unknown" | undefined;
436
+ arm64TolerationRequired?: boolean | undefined;
437
+ storageClass?: string | undefined;
438
+ storageProvisioner?: string | undefined;
439
+ schedulableNodeCount?: number | undefined;
440
+ totalCpuCores?: number | undefined;
441
+ totalMemoryGi?: number | undefined;
442
+ eligibleCpuCores?: number | undefined;
443
+ eligibleMemoryGi?: number | undefined;
444
+ totalPersistentStorageGi?: number | undefined;
165
445
  }>;
166
446
  domain: z.ZodString;
167
447
  adminEmail: z.ZodString;
@@ -169,15 +449,12 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
169
449
  dns: z.ZodObject<{
170
450
  provider: z.ZodEnum<["route53", "cloudflare", "google", "azure", "other"]>;
171
451
  autoManage: z.ZodBoolean;
172
- existingExternalDns: z.ZodOptional<z.ZodBoolean>;
173
452
  }, "strip", z.ZodTypeAny, {
174
453
  provider: "azure" | "google" | "other" | "route53" | "cloudflare";
175
454
  autoManage: boolean;
176
- existingExternalDns?: boolean | undefined;
177
455
  }, {
178
456
  provider: "azure" | "google" | "other" | "route53" | "cloudflare";
179
457
  autoManage: boolean;
180
- existingExternalDns?: boolean | undefined;
181
458
  }>;
182
459
  smtp: z.ZodObject<{
183
460
  host: z.ZodString;
@@ -235,7 +512,485 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
235
512
  supabaseDashboardUser?: string | undefined;
236
513
  supabaseDashboardPass?: string | undefined;
237
514
  }>;
238
- tier: z.ZodEnum<["small", "medium", "large"]>;
515
+ storage: z.ZodOptional<z.ZodObject<{
516
+ provider: z.ZodEnum<["s3", "azure-blob", "gcs"]>;
517
+ cloudAuthMode: z.ZodOptional<z.ZodEnum<["workload-identity", "secret"]>>;
518
+ bucket: z.ZodString;
519
+ region: z.ZodString;
520
+ awsIamRoleArn: z.ZodOptional<z.ZodString>;
521
+ azureBlobClientId: z.ZodOptional<z.ZodString>;
522
+ azureBlobTenantId: z.ZodOptional<z.ZodString>;
523
+ azureBlobConnectionStringSecretRef: z.ZodOptional<z.ZodObject<{
524
+ name: z.ZodString;
525
+ key: z.ZodString;
526
+ }, "strip", z.ZodTypeAny, {
527
+ name: string;
528
+ key: string;
529
+ }, {
530
+ name: string;
531
+ key: string;
532
+ }>>;
533
+ azureBlobContainer: z.ZodOptional<z.ZodString>;
534
+ gcpServiceAccountEmail: z.ZodOptional<z.ZodString>;
535
+ paths: z.ZodOptional<z.ZodObject<{
536
+ decisionLogs: z.ZodOptional<z.ZodString>;
537
+ dbBackups: z.ZodOptional<z.ZodString>;
538
+ }, "strip", z.ZodTypeAny, {
539
+ decisionLogs?: string | undefined;
540
+ dbBackups?: string | undefined;
541
+ }, {
542
+ decisionLogs?: string | undefined;
543
+ dbBackups?: string | undefined;
544
+ }>>;
545
+ }, "strip", z.ZodTypeAny, {
546
+ provider: "s3" | "azure-blob" | "gcs";
547
+ region: string;
548
+ bucket: string;
549
+ cloudAuthMode?: "workload-identity" | "secret" | undefined;
550
+ awsIamRoleArn?: string | undefined;
551
+ azureBlobClientId?: string | undefined;
552
+ azureBlobTenantId?: string | undefined;
553
+ azureBlobConnectionStringSecretRef?: {
554
+ name: string;
555
+ key: string;
556
+ } | undefined;
557
+ azureBlobContainer?: string | undefined;
558
+ gcpServiceAccountEmail?: string | undefined;
559
+ paths?: {
560
+ decisionLogs?: string | undefined;
561
+ dbBackups?: string | undefined;
562
+ } | undefined;
563
+ }, {
564
+ provider: "s3" | "azure-blob" | "gcs";
565
+ region: string;
566
+ bucket: string;
567
+ cloudAuthMode?: "workload-identity" | "secret" | undefined;
568
+ awsIamRoleArn?: string | undefined;
569
+ azureBlobClientId?: string | undefined;
570
+ azureBlobTenantId?: string | undefined;
571
+ azureBlobConnectionStringSecretRef?: {
572
+ name: string;
573
+ key: string;
574
+ } | undefined;
575
+ azureBlobContainer?: string | undefined;
576
+ gcpServiceAccountEmail?: string | undefined;
577
+ paths?: {
578
+ decisionLogs?: string | undefined;
579
+ dbBackups?: string | undefined;
580
+ } | undefined;
581
+ }>>;
582
+ externalServices: z.ZodOptional<z.ZodObject<{
583
+ redis: z.ZodOptional<z.ZodObject<{
584
+ mode: z.ZodEnum<["embedded", "external"]>;
585
+ external: z.ZodOptional<z.ZodObject<{
586
+ host: z.ZodOptional<z.ZodString>;
587
+ port: z.ZodOptional<z.ZodNumber>;
588
+ password: z.ZodOptional<z.ZodString>;
589
+ existingSecret: z.ZodOptional<z.ZodString>;
590
+ existingSecretKey: z.ZodOptional<z.ZodString>;
591
+ tls: z.ZodOptional<z.ZodBoolean>;
592
+ httpApi: z.ZodOptional<z.ZodObject<{
593
+ enabled: z.ZodBoolean;
594
+ url: z.ZodOptional<z.ZodString>;
595
+ token: z.ZodOptional<z.ZodString>;
596
+ }, "strip", z.ZodTypeAny, {
597
+ enabled: boolean;
598
+ url?: string | undefined;
599
+ token?: string | undefined;
600
+ }, {
601
+ enabled: boolean;
602
+ url?: string | undefined;
603
+ token?: string | undefined;
604
+ }>>;
605
+ }, "strip", z.ZodTypeAny, {
606
+ password?: string | undefined;
607
+ host?: string | undefined;
608
+ port?: number | undefined;
609
+ existingSecret?: string | undefined;
610
+ existingSecretKey?: string | undefined;
611
+ tls?: boolean | undefined;
612
+ httpApi?: {
613
+ enabled: boolean;
614
+ url?: string | undefined;
615
+ token?: string | undefined;
616
+ } | undefined;
617
+ }, {
618
+ password?: string | undefined;
619
+ host?: string | undefined;
620
+ port?: number | undefined;
621
+ existingSecret?: string | undefined;
622
+ existingSecretKey?: string | undefined;
623
+ tls?: boolean | undefined;
624
+ httpApi?: {
625
+ enabled: boolean;
626
+ url?: string | undefined;
627
+ token?: string | undefined;
628
+ } | undefined;
629
+ }>>;
630
+ }, "strip", z.ZodTypeAny, {
631
+ mode: "embedded" | "external";
632
+ external?: {
633
+ password?: string | undefined;
634
+ host?: string | undefined;
635
+ port?: number | undefined;
636
+ existingSecret?: string | undefined;
637
+ existingSecretKey?: string | undefined;
638
+ tls?: boolean | undefined;
639
+ httpApi?: {
640
+ enabled: boolean;
641
+ url?: string | undefined;
642
+ token?: string | undefined;
643
+ } | undefined;
644
+ } | undefined;
645
+ }, {
646
+ mode: "embedded" | "external";
647
+ external?: {
648
+ password?: string | undefined;
649
+ host?: string | undefined;
650
+ port?: number | undefined;
651
+ existingSecret?: string | undefined;
652
+ existingSecretKey?: string | undefined;
653
+ tls?: boolean | undefined;
654
+ httpApi?: {
655
+ enabled: boolean;
656
+ url?: string | undefined;
657
+ token?: string | undefined;
658
+ } | undefined;
659
+ } | undefined;
660
+ }>>;
661
+ kafka: z.ZodOptional<z.ZodObject<{
662
+ mode: z.ZodEnum<["embedded", "external"]>;
663
+ external: z.ZodOptional<z.ZodObject<{
664
+ preset: z.ZodOptional<z.ZodEnum<["aws-msk-iam", "azure-event-hubs", "gcp-managed", "custom"]>>;
665
+ brokers: z.ZodOptional<z.ZodString>;
666
+ topic: z.ZodOptional<z.ZodString>;
667
+ topicPrefix: z.ZodOptional<z.ZodString>;
668
+ provisionTopics: z.ZodOptional<z.ZodBoolean>;
669
+ ssl: z.ZodOptional<z.ZodBoolean>;
670
+ sasl: z.ZodOptional<z.ZodObject<{
671
+ mechanism: z.ZodEnum<["", "aws-iam", "oauthbearer", "scram-sha-256", "scram-sha-512", "plain"]>;
672
+ region: z.ZodOptional<z.ZodString>;
673
+ username: z.ZodOptional<z.ZodString>;
674
+ password: z.ZodOptional<z.ZodString>;
675
+ existingSecret: z.ZodOptional<z.ZodString>;
676
+ }, "strip", z.ZodTypeAny, {
677
+ mechanism: "" | "aws-iam" | "oauthbearer" | "scram-sha-256" | "scram-sha-512" | "plain";
678
+ username?: string | undefined;
679
+ password?: string | undefined;
680
+ region?: string | undefined;
681
+ existingSecret?: string | undefined;
682
+ }, {
683
+ mechanism: "" | "aws-iam" | "oauthbearer" | "scram-sha-256" | "scram-sha-512" | "plain";
684
+ username?: string | undefined;
685
+ password?: string | undefined;
686
+ region?: string | undefined;
687
+ existingSecret?: string | undefined;
688
+ }>>;
689
+ identity: z.ZodOptional<z.ZodObject<{
690
+ awsRoleArn: z.ZodOptional<z.ZodString>;
691
+ gcpServiceAccountEmail: z.ZodOptional<z.ZodString>;
692
+ azureClientId: z.ZodOptional<z.ZodString>;
693
+ }, "strip", z.ZodTypeAny, {
694
+ awsRoleArn?: string | undefined;
695
+ gcpServiceAccountEmail?: string | undefined;
696
+ azureClientId?: string | undefined;
697
+ }, {
698
+ awsRoleArn?: string | undefined;
699
+ gcpServiceAccountEmail?: string | undefined;
700
+ azureClientId?: string | undefined;
701
+ }>>;
702
+ }, "strip", z.ZodTypeAny, {
703
+ preset?: "aws-msk-iam" | "azure-event-hubs" | "gcp-managed" | "custom" | undefined;
704
+ brokers?: string | undefined;
705
+ topic?: string | undefined;
706
+ topicPrefix?: string | undefined;
707
+ provisionTopics?: boolean | undefined;
708
+ ssl?: boolean | undefined;
709
+ sasl?: {
710
+ mechanism: "" | "aws-iam" | "oauthbearer" | "scram-sha-256" | "scram-sha-512" | "plain";
711
+ username?: string | undefined;
712
+ password?: string | undefined;
713
+ region?: string | undefined;
714
+ existingSecret?: string | undefined;
715
+ } | undefined;
716
+ identity?: {
717
+ awsRoleArn?: string | undefined;
718
+ gcpServiceAccountEmail?: string | undefined;
719
+ azureClientId?: string | undefined;
720
+ } | undefined;
721
+ }, {
722
+ preset?: "aws-msk-iam" | "azure-event-hubs" | "gcp-managed" | "custom" | undefined;
723
+ brokers?: string | undefined;
724
+ topic?: string | undefined;
725
+ topicPrefix?: string | undefined;
726
+ provisionTopics?: boolean | undefined;
727
+ ssl?: boolean | undefined;
728
+ sasl?: {
729
+ mechanism: "" | "aws-iam" | "oauthbearer" | "scram-sha-256" | "scram-sha-512" | "plain";
730
+ username?: string | undefined;
731
+ password?: string | undefined;
732
+ region?: string | undefined;
733
+ existingSecret?: string | undefined;
734
+ } | undefined;
735
+ identity?: {
736
+ awsRoleArn?: string | undefined;
737
+ gcpServiceAccountEmail?: string | undefined;
738
+ azureClientId?: string | undefined;
739
+ } | undefined;
740
+ }>>;
741
+ }, "strip", z.ZodTypeAny, {
742
+ mode: "embedded" | "external";
743
+ external?: {
744
+ preset?: "aws-msk-iam" | "azure-event-hubs" | "gcp-managed" | "custom" | undefined;
745
+ brokers?: string | undefined;
746
+ topic?: string | undefined;
747
+ topicPrefix?: string | undefined;
748
+ provisionTopics?: boolean | undefined;
749
+ ssl?: boolean | undefined;
750
+ sasl?: {
751
+ mechanism: "" | "aws-iam" | "oauthbearer" | "scram-sha-256" | "scram-sha-512" | "plain";
752
+ username?: string | undefined;
753
+ password?: string | undefined;
754
+ region?: string | undefined;
755
+ existingSecret?: string | undefined;
756
+ } | undefined;
757
+ identity?: {
758
+ awsRoleArn?: string | undefined;
759
+ gcpServiceAccountEmail?: string | undefined;
760
+ azureClientId?: string | undefined;
761
+ } | undefined;
762
+ } | undefined;
763
+ }, {
764
+ mode: "embedded" | "external";
765
+ external?: {
766
+ preset?: "aws-msk-iam" | "azure-event-hubs" | "gcp-managed" | "custom" | undefined;
767
+ brokers?: string | undefined;
768
+ topic?: string | undefined;
769
+ topicPrefix?: string | undefined;
770
+ provisionTopics?: boolean | undefined;
771
+ ssl?: boolean | undefined;
772
+ sasl?: {
773
+ mechanism: "" | "aws-iam" | "oauthbearer" | "scram-sha-256" | "scram-sha-512" | "plain";
774
+ username?: string | undefined;
775
+ password?: string | undefined;
776
+ region?: string | undefined;
777
+ existingSecret?: string | undefined;
778
+ } | undefined;
779
+ identity?: {
780
+ awsRoleArn?: string | undefined;
781
+ gcpServiceAccountEmail?: string | undefined;
782
+ azureClientId?: string | undefined;
783
+ } | undefined;
784
+ } | undefined;
785
+ }>>;
786
+ postgres: z.ZodOptional<z.ZodObject<{
787
+ mode: z.ZodEnum<["embedded", "external"]>;
788
+ external: z.ZodOptional<z.ZodObject<{
789
+ provider: z.ZodOptional<z.ZodEnum<["aws", "azure"]>>;
790
+ host: z.ZodOptional<z.ZodString>;
791
+ port: z.ZodOptional<z.ZodNumber>;
792
+ database: z.ZodOptional<z.ZodString>;
793
+ bootstrap: z.ZodOptional<z.ZodObject<{
794
+ enabled: z.ZodOptional<z.ZodBoolean>;
795
+ masterUsername: z.ZodOptional<z.ZodString>;
796
+ masterPassword: z.ZodOptional<z.ZodString>;
797
+ secretRef: z.ZodOptional<z.ZodString>;
798
+ appRole: z.ZodOptional<z.ZodString>;
799
+ }, "strip", z.ZodTypeAny, {
800
+ enabled?: boolean | undefined;
801
+ masterUsername?: string | undefined;
802
+ masterPassword?: string | undefined;
803
+ secretRef?: string | undefined;
804
+ appRole?: string | undefined;
805
+ }, {
806
+ enabled?: boolean | undefined;
807
+ masterUsername?: string | undefined;
808
+ masterPassword?: string | undefined;
809
+ secretRef?: string | undefined;
810
+ appRole?: string | undefined;
811
+ }>>;
812
+ }, "strip", z.ZodTypeAny, {
813
+ provider?: "aws" | "azure" | undefined;
814
+ host?: string | undefined;
815
+ port?: number | undefined;
816
+ database?: string | undefined;
817
+ bootstrap?: {
818
+ enabled?: boolean | undefined;
819
+ masterUsername?: string | undefined;
820
+ masterPassword?: string | undefined;
821
+ secretRef?: string | undefined;
822
+ appRole?: string | undefined;
823
+ } | undefined;
824
+ }, {
825
+ provider?: "aws" | "azure" | undefined;
826
+ host?: string | undefined;
827
+ port?: number | undefined;
828
+ database?: string | undefined;
829
+ bootstrap?: {
830
+ enabled?: boolean | undefined;
831
+ masterUsername?: string | undefined;
832
+ masterPassword?: string | undefined;
833
+ secretRef?: string | undefined;
834
+ appRole?: string | undefined;
835
+ } | undefined;
836
+ }>>;
837
+ }, "strip", z.ZodTypeAny, {
838
+ mode: "embedded" | "external";
839
+ external?: {
840
+ provider?: "aws" | "azure" | undefined;
841
+ host?: string | undefined;
842
+ port?: number | undefined;
843
+ database?: string | undefined;
844
+ bootstrap?: {
845
+ enabled?: boolean | undefined;
846
+ masterUsername?: string | undefined;
847
+ masterPassword?: string | undefined;
848
+ secretRef?: string | undefined;
849
+ appRole?: string | undefined;
850
+ } | undefined;
851
+ } | undefined;
852
+ }, {
853
+ mode: "embedded" | "external";
854
+ external?: {
855
+ provider?: "aws" | "azure" | undefined;
856
+ host?: string | undefined;
857
+ port?: number | undefined;
858
+ database?: string | undefined;
859
+ bootstrap?: {
860
+ enabled?: boolean | undefined;
861
+ masterUsername?: string | undefined;
862
+ masterPassword?: string | undefined;
863
+ secretRef?: string | undefined;
864
+ appRole?: string | undefined;
865
+ } | undefined;
866
+ } | undefined;
867
+ }>>;
868
+ }, "strip", z.ZodTypeAny, {
869
+ redis?: {
870
+ mode: "embedded" | "external";
871
+ external?: {
872
+ password?: string | undefined;
873
+ host?: string | undefined;
874
+ port?: number | undefined;
875
+ existingSecret?: string | undefined;
876
+ existingSecretKey?: string | undefined;
877
+ tls?: boolean | undefined;
878
+ httpApi?: {
879
+ enabled: boolean;
880
+ url?: string | undefined;
881
+ token?: string | undefined;
882
+ } | undefined;
883
+ } | undefined;
884
+ } | undefined;
885
+ kafka?: {
886
+ mode: "embedded" | "external";
887
+ external?: {
888
+ preset?: "aws-msk-iam" | "azure-event-hubs" | "gcp-managed" | "custom" | undefined;
889
+ brokers?: string | undefined;
890
+ topic?: string | undefined;
891
+ topicPrefix?: string | undefined;
892
+ provisionTopics?: boolean | undefined;
893
+ ssl?: boolean | undefined;
894
+ sasl?: {
895
+ mechanism: "" | "aws-iam" | "oauthbearer" | "scram-sha-256" | "scram-sha-512" | "plain";
896
+ username?: string | undefined;
897
+ password?: string | undefined;
898
+ region?: string | undefined;
899
+ existingSecret?: string | undefined;
900
+ } | undefined;
901
+ identity?: {
902
+ awsRoleArn?: string | undefined;
903
+ gcpServiceAccountEmail?: string | undefined;
904
+ azureClientId?: string | undefined;
905
+ } | undefined;
906
+ } | undefined;
907
+ } | undefined;
908
+ postgres?: {
909
+ mode: "embedded" | "external";
910
+ external?: {
911
+ provider?: "aws" | "azure" | undefined;
912
+ host?: string | undefined;
913
+ port?: number | undefined;
914
+ database?: string | undefined;
915
+ bootstrap?: {
916
+ enabled?: boolean | undefined;
917
+ masterUsername?: string | undefined;
918
+ masterPassword?: string | undefined;
919
+ secretRef?: string | undefined;
920
+ appRole?: string | undefined;
921
+ } | undefined;
922
+ } | undefined;
923
+ } | undefined;
924
+ }, {
925
+ redis?: {
926
+ mode: "embedded" | "external";
927
+ external?: {
928
+ password?: string | undefined;
929
+ host?: string | undefined;
930
+ port?: number | undefined;
931
+ existingSecret?: string | undefined;
932
+ existingSecretKey?: string | undefined;
933
+ tls?: boolean | undefined;
934
+ httpApi?: {
935
+ enabled: boolean;
936
+ url?: string | undefined;
937
+ token?: string | undefined;
938
+ } | undefined;
939
+ } | undefined;
940
+ } | undefined;
941
+ kafka?: {
942
+ mode: "embedded" | "external";
943
+ external?: {
944
+ preset?: "aws-msk-iam" | "azure-event-hubs" | "gcp-managed" | "custom" | undefined;
945
+ brokers?: string | undefined;
946
+ topic?: string | undefined;
947
+ topicPrefix?: string | undefined;
948
+ provisionTopics?: boolean | undefined;
949
+ ssl?: boolean | undefined;
950
+ sasl?: {
951
+ mechanism: "" | "aws-iam" | "oauthbearer" | "scram-sha-256" | "scram-sha-512" | "plain";
952
+ username?: string | undefined;
953
+ password?: string | undefined;
954
+ region?: string | undefined;
955
+ existingSecret?: string | undefined;
956
+ } | undefined;
957
+ identity?: {
958
+ awsRoleArn?: string | undefined;
959
+ gcpServiceAccountEmail?: string | undefined;
960
+ azureClientId?: string | undefined;
961
+ } | undefined;
962
+ } | undefined;
963
+ } | undefined;
964
+ postgres?: {
965
+ mode: "embedded" | "external";
966
+ external?: {
967
+ provider?: "aws" | "azure" | undefined;
968
+ host?: string | undefined;
969
+ port?: number | undefined;
970
+ database?: string | undefined;
971
+ bootstrap?: {
972
+ enabled?: boolean | undefined;
973
+ masterUsername?: string | undefined;
974
+ masterPassword?: string | undefined;
975
+ secretRef?: string | undefined;
976
+ appRole?: string | undefined;
977
+ } | undefined;
978
+ } | undefined;
979
+ } | undefined;
980
+ }>>;
981
+ backup: z.ZodOptional<z.ZodObject<{
982
+ enabled: z.ZodBoolean;
983
+ schedule: z.ZodString;
984
+ retentionDays: z.ZodNumber;
985
+ }, "strip", z.ZodTypeAny, {
986
+ enabled: boolean;
987
+ schedule: string;
988
+ retentionDays: number;
989
+ }, {
990
+ enabled: boolean;
991
+ schedule: string;
992
+ retentionDays: number;
993
+ }>>;
239
994
  features: z.ZodObject<{
240
995
  ai: z.ZodObject<{
241
996
  enabled: z.ZodBoolean;
@@ -270,7 +1025,7 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
270
1025
  enabled: z.ZodBoolean;
271
1026
  destination: z.ZodOptional<z.ZodEnum<["local-grafana", "aws-amp", "azure-monitor", "grafana-cloud", "generic"]>>;
272
1027
  remoteWriteUrl: z.ZodOptional<z.ZodString>;
273
- remoteWrite: z.ZodOptional<z.ZodObject<{
1028
+ remoteWrite: z.ZodOptional<z.ZodEffects<z.ZodObject<{
274
1029
  destination: z.ZodEnum<["aws-amp", "azure-monitor", "grafana-cloud", "generic"]>;
275
1030
  url: z.ZodString;
276
1031
  authType: z.ZodOptional<z.ZodEnum<["none", "managed-identity", "workload-identity", "oauth", "basic", "bearer"]>>;
@@ -369,6 +1124,56 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
369
1124
  name: string;
370
1125
  key: string;
371
1126
  } | undefined;
1127
+ }>, {
1128
+ destination: "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
1129
+ url: string;
1130
+ authType?: "none" | "managed-identity" | "workload-identity" | "oauth" | "basic" | "bearer" | undefined;
1131
+ awsRegion?: string | undefined;
1132
+ awsRoleArn?: string | undefined;
1133
+ azureCloud?: "AzurePublic" | "AzureChina" | "AzureGovernment" | undefined;
1134
+ clientId?: string | undefined;
1135
+ tenantId?: string | undefined;
1136
+ clientSecretRef?: {
1137
+ name: string;
1138
+ key: string;
1139
+ } | undefined;
1140
+ usernameSecretRef?: {
1141
+ name: string;
1142
+ key: string;
1143
+ } | undefined;
1144
+ passwordSecretRef?: {
1145
+ name: string;
1146
+ key: string;
1147
+ } | undefined;
1148
+ bearerTokenSecretRef?: {
1149
+ name: string;
1150
+ key: string;
1151
+ } | undefined;
1152
+ }, {
1153
+ destination: "aws-amp" | "azure-monitor" | "grafana-cloud" | "generic";
1154
+ url: string;
1155
+ authType?: "none" | "managed-identity" | "workload-identity" | "oauth" | "basic" | "bearer" | undefined;
1156
+ awsRegion?: string | undefined;
1157
+ awsRoleArn?: string | undefined;
1158
+ azureCloud?: "AzurePublic" | "AzureChina" | "AzureGovernment" | undefined;
1159
+ clientId?: string | undefined;
1160
+ tenantId?: string | undefined;
1161
+ clientSecretRef?: {
1162
+ name: string;
1163
+ key: string;
1164
+ } | undefined;
1165
+ usernameSecretRef?: {
1166
+ name: string;
1167
+ key: string;
1168
+ } | undefined;
1169
+ passwordSecretRef?: {
1170
+ name: string;
1171
+ key: string;
1172
+ } | undefined;
1173
+ bearerTokenSecretRef?: {
1174
+ name: string;
1175
+ key: string;
1176
+ } | undefined;
372
1177
  }>>;
373
1178
  }, "strip", z.ZodTypeAny, {
374
1179
  enabled: boolean;
@@ -431,54 +1236,437 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
431
1236
  } | undefined;
432
1237
  } | undefined;
433
1238
  }>;
1239
+ observability: z.ZodOptional<z.ZodObject<{
1240
+ clickstack: z.ZodObject<{
1241
+ enabled: z.ZodBoolean;
1242
+ telemetryRetentionDays: z.ZodOptional<z.ZodNumber>;
1243
+ decisionLogRetentionDays: z.ZodOptional<z.ZodNumber>;
1244
+ clickHouseStorageSize: z.ZodOptional<z.ZodString>;
1245
+ }, "strip", z.ZodTypeAny, {
1246
+ enabled: boolean;
1247
+ telemetryRetentionDays?: number | undefined;
1248
+ decisionLogRetentionDays?: number | undefined;
1249
+ clickHouseStorageSize?: string | undefined;
1250
+ }, {
1251
+ enabled: boolean;
1252
+ telemetryRetentionDays?: number | undefined;
1253
+ decisionLogRetentionDays?: number | undefined;
1254
+ clickHouseStorageSize?: string | undefined;
1255
+ }>;
1256
+ }, "strip", z.ZodTypeAny, {
1257
+ clickstack: {
1258
+ enabled: boolean;
1259
+ telemetryRetentionDays?: number | undefined;
1260
+ decisionLogRetentionDays?: number | undefined;
1261
+ clickHouseStorageSize?: string | undefined;
1262
+ };
1263
+ }, {
1264
+ clickstack: {
1265
+ enabled: boolean;
1266
+ telemetryRetentionDays?: number | undefined;
1267
+ decisionLogRetentionDays?: number | undefined;
1268
+ clickHouseStorageSize?: string | undefined;
1269
+ };
1270
+ }>>;
1271
+ tracing: z.ZodOptional<z.ZodEffects<z.ZodObject<{
1272
+ enabled: z.ZodBoolean;
1273
+ destination: z.ZodOptional<z.ZodEnum<["elastic", "otlp", "azure-monitor"]>>;
1274
+ samplingRatio: z.ZodOptional<z.ZodNumber>;
1275
+ elastic: z.ZodOptional<z.ZodObject<{
1276
+ endpoint: z.ZodOptional<z.ZodString>;
1277
+ authMode: z.ZodOptional<z.ZodEnum<["secret-token", "api-key", "none"]>>;
1278
+ secretToken: z.ZodOptional<z.ZodString>;
1279
+ apiKey: z.ZodOptional<z.ZodString>;
1280
+ }, "strip", z.ZodTypeAny, {
1281
+ endpoint?: string | undefined;
1282
+ authMode?: "none" | "secret-token" | "api-key" | undefined;
1283
+ secretToken?: string | undefined;
1284
+ apiKey?: string | undefined;
1285
+ }, {
1286
+ endpoint?: string | undefined;
1287
+ authMode?: "none" | "secret-token" | "api-key" | undefined;
1288
+ secretToken?: string | undefined;
1289
+ apiKey?: string | undefined;
1290
+ }>>;
1291
+ otlp: z.ZodOptional<z.ZodObject<{
1292
+ endpoint: z.ZodOptional<z.ZodString>;
1293
+ authMode: z.ZodOptional<z.ZodEnum<["none", "bearer", "api-key", "header"]>>;
1294
+ headerName: z.ZodOptional<z.ZodString>;
1295
+ token: z.ZodOptional<z.ZodString>;
1296
+ apiKey: z.ZodOptional<z.ZodString>;
1297
+ headerValue: z.ZodOptional<z.ZodString>;
1298
+ headers: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
1299
+ tlsInsecureSkipVerify: z.ZodOptional<z.ZodBoolean>;
1300
+ }, "strip", z.ZodTypeAny, {
1301
+ endpoint?: string | undefined;
1302
+ authMode?: "none" | "bearer" | "api-key" | "header" | undefined;
1303
+ apiKey?: string | undefined;
1304
+ headerName?: string | undefined;
1305
+ token?: string | undefined;
1306
+ headerValue?: string | undefined;
1307
+ headers?: Record<string, string> | undefined;
1308
+ tlsInsecureSkipVerify?: boolean | undefined;
1309
+ }, {
1310
+ endpoint?: string | undefined;
1311
+ authMode?: "none" | "bearer" | "api-key" | "header" | undefined;
1312
+ apiKey?: string | undefined;
1313
+ headerName?: string | undefined;
1314
+ token?: string | undefined;
1315
+ headerValue?: string | undefined;
1316
+ headers?: Record<string, string> | undefined;
1317
+ tlsInsecureSkipVerify?: boolean | undefined;
1318
+ }>>;
1319
+ azureMonitor: z.ZodOptional<z.ZodObject<{
1320
+ connectionString: z.ZodOptional<z.ZodString>;
1321
+ }, "strip", z.ZodTypeAny, {
1322
+ connectionString?: string | undefined;
1323
+ }, {
1324
+ connectionString?: string | undefined;
1325
+ }>>;
1326
+ }, "strip", z.ZodTypeAny, {
1327
+ enabled: boolean;
1328
+ destination?: "azure-monitor" | "elastic" | "otlp" | undefined;
1329
+ elastic?: {
1330
+ endpoint?: string | undefined;
1331
+ authMode?: "none" | "secret-token" | "api-key" | undefined;
1332
+ secretToken?: string | undefined;
1333
+ apiKey?: string | undefined;
1334
+ } | undefined;
1335
+ otlp?: {
1336
+ endpoint?: string | undefined;
1337
+ authMode?: "none" | "bearer" | "api-key" | "header" | undefined;
1338
+ apiKey?: string | undefined;
1339
+ headerName?: string | undefined;
1340
+ token?: string | undefined;
1341
+ headerValue?: string | undefined;
1342
+ headers?: Record<string, string> | undefined;
1343
+ tlsInsecureSkipVerify?: boolean | undefined;
1344
+ } | undefined;
1345
+ samplingRatio?: number | undefined;
1346
+ azureMonitor?: {
1347
+ connectionString?: string | undefined;
1348
+ } | undefined;
1349
+ }, {
1350
+ enabled: boolean;
1351
+ destination?: "azure-monitor" | "elastic" | "otlp" | undefined;
1352
+ elastic?: {
1353
+ endpoint?: string | undefined;
1354
+ authMode?: "none" | "secret-token" | "api-key" | undefined;
1355
+ secretToken?: string | undefined;
1356
+ apiKey?: string | undefined;
1357
+ } | undefined;
1358
+ otlp?: {
1359
+ endpoint?: string | undefined;
1360
+ authMode?: "none" | "bearer" | "api-key" | "header" | undefined;
1361
+ apiKey?: string | undefined;
1362
+ headerName?: string | undefined;
1363
+ token?: string | undefined;
1364
+ headerValue?: string | undefined;
1365
+ headers?: Record<string, string> | undefined;
1366
+ tlsInsecureSkipVerify?: boolean | undefined;
1367
+ } | undefined;
1368
+ samplingRatio?: number | undefined;
1369
+ azureMonitor?: {
1370
+ connectionString?: string | undefined;
1371
+ } | undefined;
1372
+ }>, {
1373
+ enabled: boolean;
1374
+ destination?: "azure-monitor" | "elastic" | "otlp" | undefined;
1375
+ elastic?: {
1376
+ endpoint?: string | undefined;
1377
+ authMode?: "none" | "secret-token" | "api-key" | undefined;
1378
+ secretToken?: string | undefined;
1379
+ apiKey?: string | undefined;
1380
+ } | undefined;
1381
+ otlp?: {
1382
+ endpoint?: string | undefined;
1383
+ authMode?: "none" | "bearer" | "api-key" | "header" | undefined;
1384
+ apiKey?: string | undefined;
1385
+ headerName?: string | undefined;
1386
+ token?: string | undefined;
1387
+ headerValue?: string | undefined;
1388
+ headers?: Record<string, string> | undefined;
1389
+ tlsInsecureSkipVerify?: boolean | undefined;
1390
+ } | undefined;
1391
+ samplingRatio?: number | undefined;
1392
+ azureMonitor?: {
1393
+ connectionString?: string | undefined;
1394
+ } | undefined;
1395
+ }, {
1396
+ enabled: boolean;
1397
+ destination?: "azure-monitor" | "elastic" | "otlp" | undefined;
1398
+ elastic?: {
1399
+ endpoint?: string | undefined;
1400
+ authMode?: "none" | "secret-token" | "api-key" | undefined;
1401
+ secretToken?: string | undefined;
1402
+ apiKey?: string | undefined;
1403
+ } | undefined;
1404
+ otlp?: {
1405
+ endpoint?: string | undefined;
1406
+ authMode?: "none" | "bearer" | "api-key" | "header" | undefined;
1407
+ apiKey?: string | undefined;
1408
+ headerName?: string | undefined;
1409
+ token?: string | undefined;
1410
+ headerValue?: string | undefined;
1411
+ headers?: Record<string, string> | undefined;
1412
+ tlsInsecureSkipVerify?: boolean | undefined;
1413
+ } | undefined;
1414
+ samplingRatio?: number | undefined;
1415
+ azureMonitor?: {
1416
+ connectionString?: string | undefined;
1417
+ } | undefined;
1418
+ }>>;
1419
+ cache: z.ZodOptional<z.ZodObject<{
1420
+ valkeyAdmin: z.ZodOptional<z.ZodObject<{
1421
+ enabled: z.ZodBoolean;
1422
+ exposure: z.ZodOptional<z.ZodEnum<["internal", "ingress"]>>;
1423
+ hostname: z.ZodOptional<z.ZodString>;
1424
+ basicAuthUsers: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
1425
+ basicAuthExistingSecret: z.ZodOptional<z.ZodString>;
1426
+ allowedIPs: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
1427
+ }, "strip", z.ZodTypeAny, {
1428
+ enabled: boolean;
1429
+ exposure?: "internal" | "ingress" | undefined;
1430
+ hostname?: string | undefined;
1431
+ basicAuthUsers?: string[] | undefined;
1432
+ basicAuthExistingSecret?: string | undefined;
1433
+ allowedIPs?: string[] | undefined;
1434
+ }, {
1435
+ enabled: boolean;
1436
+ exposure?: "internal" | "ingress" | undefined;
1437
+ hostname?: string | undefined;
1438
+ basicAuthUsers?: string[] | undefined;
1439
+ basicAuthExistingSecret?: string | undefined;
1440
+ allowedIPs?: string[] | undefined;
1441
+ }>>;
1442
+ redisExporter: z.ZodOptional<z.ZodObject<{
1443
+ enabled: z.ZodBoolean;
1444
+ }, "strip", z.ZodTypeAny, {
1445
+ enabled: boolean;
1446
+ }, {
1447
+ enabled: boolean;
1448
+ }>>;
1449
+ kafkaExporter: z.ZodOptional<z.ZodObject<{
1450
+ enabled: z.ZodBoolean;
1451
+ }, "strip", z.ZodTypeAny, {
1452
+ enabled: boolean;
1453
+ }, {
1454
+ enabled: boolean;
1455
+ }>>;
1456
+ }, "strip", z.ZodTypeAny, {
1457
+ valkeyAdmin?: {
1458
+ enabled: boolean;
1459
+ exposure?: "internal" | "ingress" | undefined;
1460
+ hostname?: string | undefined;
1461
+ basicAuthUsers?: string[] | undefined;
1462
+ basicAuthExistingSecret?: string | undefined;
1463
+ allowedIPs?: string[] | undefined;
1464
+ } | undefined;
1465
+ redisExporter?: {
1466
+ enabled: boolean;
1467
+ } | undefined;
1468
+ kafkaExporter?: {
1469
+ enabled: boolean;
1470
+ } | undefined;
1471
+ }, {
1472
+ valkeyAdmin?: {
1473
+ enabled: boolean;
1474
+ exposure?: "internal" | "ingress" | undefined;
1475
+ hostname?: string | undefined;
1476
+ basicAuthUsers?: string[] | undefined;
1477
+ basicAuthExistingSecret?: string | undefined;
1478
+ allowedIPs?: string[] | undefined;
1479
+ } | undefined;
1480
+ redisExporter?: {
1481
+ enabled: boolean;
1482
+ } | undefined;
1483
+ kafkaExporter?: {
1484
+ enabled: boolean;
1485
+ } | undefined;
1486
+ }>>;
434
1487
  logging: z.ZodObject<{
435
- sink: z.ZodEnum<["console", "pending", "s3", "azure-blob", "gcs", "datadog", "splunk", "elasticsearch", "loki", "newrelic", "axiom"]>;
1488
+ sink: z.ZodEnum<["console", "pending", "datadog", "splunk", "elasticsearch", "loki", "newrelic", "axiom"]>;
436
1489
  bucket: z.ZodOptional<z.ZodString>;
437
1490
  region: z.ZodOptional<z.ZodString>;
438
- cloudAuthMode: z.ZodOptional<z.ZodEnum<["workload-identity", "secret"]>>;
439
- awsIamRoleArn: z.ZodOptional<z.ZodString>;
440
- azureBlobContainer: z.ZodOptional<z.ZodString>;
441
- azureBlobClientId: z.ZodOptional<z.ZodString>;
442
- azureBlobTenantId: z.ZodOptional<z.ZodString>;
443
- azureBlobConnectionStringSecretRef: z.ZodOptional<z.ZodObject<{
444
- name: z.ZodString;
445
- key: z.ZodString;
1491
+ appLogs: z.ZodOptional<z.ZodEffects<z.ZodObject<{
1492
+ enabled: z.ZodBoolean;
1493
+ destination: z.ZodOptional<z.ZodEnum<["elasticsearch", "loki", "generic"]>>;
1494
+ elasticsearch: z.ZodOptional<z.ZodObject<{
1495
+ endpoint: z.ZodOptional<z.ZodString>;
1496
+ index: z.ZodOptional<z.ZodString>;
1497
+ authMode: z.ZodOptional<z.ZodEnum<["basic", "api-key", "none"]>>;
1498
+ username: z.ZodOptional<z.ZodString>;
1499
+ password: z.ZodOptional<z.ZodString>;
1500
+ apiKey: z.ZodOptional<z.ZodString>;
1501
+ verifyCertificate: z.ZodOptional<z.ZodBoolean>;
1502
+ }, "strip", z.ZodTypeAny, {
1503
+ endpoint?: string | undefined;
1504
+ authMode?: "none" | "basic" | "api-key" | undefined;
1505
+ apiKey?: string | undefined;
1506
+ index?: string | undefined;
1507
+ username?: string | undefined;
1508
+ password?: string | undefined;
1509
+ verifyCertificate?: boolean | undefined;
1510
+ }, {
1511
+ endpoint?: string | undefined;
1512
+ authMode?: "none" | "basic" | "api-key" | undefined;
1513
+ apiKey?: string | undefined;
1514
+ index?: string | undefined;
1515
+ username?: string | undefined;
1516
+ password?: string | undefined;
1517
+ verifyCertificate?: boolean | undefined;
1518
+ }>>;
1519
+ loki: z.ZodOptional<z.ZodObject<{
1520
+ endpoint: z.ZodOptional<z.ZodString>;
1521
+ labels: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
1522
+ }, "strip", z.ZodTypeAny, {
1523
+ endpoint?: string | undefined;
1524
+ labels?: Record<string, string> | undefined;
1525
+ }, {
1526
+ endpoint?: string | undefined;
1527
+ labels?: Record<string, string> | undefined;
1528
+ }>>;
1529
+ generic: z.ZodOptional<z.ZodObject<{
1530
+ endpoint: z.ZodOptional<z.ZodString>;
1531
+ authHeader: z.ZodOptional<z.ZodString>;
1532
+ }, "strip", z.ZodTypeAny, {
1533
+ endpoint?: string | undefined;
1534
+ authHeader?: string | undefined;
1535
+ }, {
1536
+ endpoint?: string | undefined;
1537
+ authHeader?: string | undefined;
1538
+ }>>;
446
1539
  }, "strip", z.ZodTypeAny, {
447
- name: string;
448
- key: string;
1540
+ enabled: boolean;
1541
+ elasticsearch?: {
1542
+ endpoint?: string | undefined;
1543
+ authMode?: "none" | "basic" | "api-key" | undefined;
1544
+ apiKey?: string | undefined;
1545
+ index?: string | undefined;
1546
+ username?: string | undefined;
1547
+ password?: string | undefined;
1548
+ verifyCertificate?: boolean | undefined;
1549
+ } | undefined;
1550
+ loki?: {
1551
+ endpoint?: string | undefined;
1552
+ labels?: Record<string, string> | undefined;
1553
+ } | undefined;
1554
+ generic?: {
1555
+ endpoint?: string | undefined;
1556
+ authHeader?: string | undefined;
1557
+ } | undefined;
1558
+ destination?: "elasticsearch" | "loki" | "generic" | undefined;
449
1559
  }, {
450
- name: string;
451
- key: string;
1560
+ enabled: boolean;
1561
+ elasticsearch?: {
1562
+ endpoint?: string | undefined;
1563
+ authMode?: "none" | "basic" | "api-key" | undefined;
1564
+ apiKey?: string | undefined;
1565
+ index?: string | undefined;
1566
+ username?: string | undefined;
1567
+ password?: string | undefined;
1568
+ verifyCertificate?: boolean | undefined;
1569
+ } | undefined;
1570
+ loki?: {
1571
+ endpoint?: string | undefined;
1572
+ labels?: Record<string, string> | undefined;
1573
+ } | undefined;
1574
+ generic?: {
1575
+ endpoint?: string | undefined;
1576
+ authHeader?: string | undefined;
1577
+ } | undefined;
1578
+ destination?: "elasticsearch" | "loki" | "generic" | undefined;
1579
+ }>, {
1580
+ enabled: boolean;
1581
+ elasticsearch?: {
1582
+ endpoint?: string | undefined;
1583
+ authMode?: "none" | "basic" | "api-key" | undefined;
1584
+ apiKey?: string | undefined;
1585
+ index?: string | undefined;
1586
+ username?: string | undefined;
1587
+ password?: string | undefined;
1588
+ verifyCertificate?: boolean | undefined;
1589
+ } | undefined;
1590
+ loki?: {
1591
+ endpoint?: string | undefined;
1592
+ labels?: Record<string, string> | undefined;
1593
+ } | undefined;
1594
+ generic?: {
1595
+ endpoint?: string | undefined;
1596
+ authHeader?: string | undefined;
1597
+ } | undefined;
1598
+ destination?: "elasticsearch" | "loki" | "generic" | undefined;
1599
+ }, {
1600
+ enabled: boolean;
1601
+ elasticsearch?: {
1602
+ endpoint?: string | undefined;
1603
+ authMode?: "none" | "basic" | "api-key" | undefined;
1604
+ apiKey?: string | undefined;
1605
+ index?: string | undefined;
1606
+ username?: string | undefined;
1607
+ password?: string | undefined;
1608
+ verifyCertificate?: boolean | undefined;
1609
+ } | undefined;
1610
+ loki?: {
1611
+ endpoint?: string | undefined;
1612
+ labels?: Record<string, string> | undefined;
1613
+ } | undefined;
1614
+ generic?: {
1615
+ endpoint?: string | undefined;
1616
+ authHeader?: string | undefined;
1617
+ } | undefined;
1618
+ destination?: "elasticsearch" | "loki" | "generic" | undefined;
452
1619
  }>>;
453
- gcpServiceAccountEmail: z.ZodOptional<z.ZodString>;
454
1620
  }, "strip", z.ZodTypeAny, {
455
- sink: "console" | "pending" | "s3" | "azure-blob" | "gcs" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
1621
+ sink: "console" | "pending" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
456
1622
  region?: string | undefined;
457
1623
  bucket?: string | undefined;
458
- cloudAuthMode?: "workload-identity" | "secret" | undefined;
459
- awsIamRoleArn?: string | undefined;
460
- azureBlobContainer?: string | undefined;
461
- azureBlobClientId?: string | undefined;
462
- azureBlobTenantId?: string | undefined;
463
- azureBlobConnectionStringSecretRef?: {
464
- name: string;
465
- key: string;
466
- } | undefined;
467
- gcpServiceAccountEmail?: string | undefined;
1624
+ appLogs?: {
1625
+ enabled: boolean;
1626
+ elasticsearch?: {
1627
+ endpoint?: string | undefined;
1628
+ authMode?: "none" | "basic" | "api-key" | undefined;
1629
+ apiKey?: string | undefined;
1630
+ index?: string | undefined;
1631
+ username?: string | undefined;
1632
+ password?: string | undefined;
1633
+ verifyCertificate?: boolean | undefined;
1634
+ } | undefined;
1635
+ loki?: {
1636
+ endpoint?: string | undefined;
1637
+ labels?: Record<string, string> | undefined;
1638
+ } | undefined;
1639
+ generic?: {
1640
+ endpoint?: string | undefined;
1641
+ authHeader?: string | undefined;
1642
+ } | undefined;
1643
+ destination?: "elasticsearch" | "loki" | "generic" | undefined;
1644
+ } | undefined;
468
1645
  }, {
469
- sink: "console" | "pending" | "s3" | "azure-blob" | "gcs" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
1646
+ sink: "console" | "pending" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
470
1647
  region?: string | undefined;
471
1648
  bucket?: string | undefined;
472
- cloudAuthMode?: "workload-identity" | "secret" | undefined;
473
- awsIamRoleArn?: string | undefined;
474
- azureBlobContainer?: string | undefined;
475
- azureBlobClientId?: string | undefined;
476
- azureBlobTenantId?: string | undefined;
477
- azureBlobConnectionStringSecretRef?: {
478
- name: string;
479
- key: string;
480
- } | undefined;
481
- gcpServiceAccountEmail?: string | undefined;
1649
+ appLogs?: {
1650
+ enabled: boolean;
1651
+ elasticsearch?: {
1652
+ endpoint?: string | undefined;
1653
+ authMode?: "none" | "basic" | "api-key" | undefined;
1654
+ apiKey?: string | undefined;
1655
+ index?: string | undefined;
1656
+ username?: string | undefined;
1657
+ password?: string | undefined;
1658
+ verifyCertificate?: boolean | undefined;
1659
+ } | undefined;
1660
+ loki?: {
1661
+ endpoint?: string | undefined;
1662
+ labels?: Record<string, string> | undefined;
1663
+ } | undefined;
1664
+ generic?: {
1665
+ endpoint?: string | undefined;
1666
+ authHeader?: string | undefined;
1667
+ } | undefined;
1668
+ destination?: "elasticsearch" | "loki" | "generic" | undefined;
1669
+ } | undefined;
482
1670
  }>;
483
1671
  customEmails: z.ZodOptional<z.ZodObject<{
484
1672
  enabled: z.ZodBoolean;
@@ -587,20 +1775,79 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
587
1775
  } | undefined;
588
1776
  };
589
1777
  logging: {
590
- sink: "console" | "pending" | "s3" | "azure-blob" | "gcs" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
1778
+ sink: "console" | "pending" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
591
1779
  region?: string | undefined;
592
1780
  bucket?: string | undefined;
593
- cloudAuthMode?: "workload-identity" | "secret" | undefined;
594
- awsIamRoleArn?: string | undefined;
595
- azureBlobContainer?: string | undefined;
596
- azureBlobClientId?: string | undefined;
597
- azureBlobTenantId?: string | undefined;
598
- azureBlobConnectionStringSecretRef?: {
599
- name: string;
600
- key: string;
601
- } | undefined;
602
- gcpServiceAccountEmail?: string | undefined;
1781
+ appLogs?: {
1782
+ enabled: boolean;
1783
+ elasticsearch?: {
1784
+ endpoint?: string | undefined;
1785
+ authMode?: "none" | "basic" | "api-key" | undefined;
1786
+ apiKey?: string | undefined;
1787
+ index?: string | undefined;
1788
+ username?: string | undefined;
1789
+ password?: string | undefined;
1790
+ verifyCertificate?: boolean | undefined;
1791
+ } | undefined;
1792
+ loki?: {
1793
+ endpoint?: string | undefined;
1794
+ labels?: Record<string, string> | undefined;
1795
+ } | undefined;
1796
+ generic?: {
1797
+ endpoint?: string | undefined;
1798
+ authHeader?: string | undefined;
1799
+ } | undefined;
1800
+ destination?: "elasticsearch" | "loki" | "generic" | undefined;
1801
+ } | undefined;
603
1802
  };
1803
+ observability?: {
1804
+ clickstack: {
1805
+ enabled: boolean;
1806
+ telemetryRetentionDays?: number | undefined;
1807
+ decisionLogRetentionDays?: number | undefined;
1808
+ clickHouseStorageSize?: string | undefined;
1809
+ };
1810
+ } | undefined;
1811
+ tracing?: {
1812
+ enabled: boolean;
1813
+ destination?: "azure-monitor" | "elastic" | "otlp" | undefined;
1814
+ elastic?: {
1815
+ endpoint?: string | undefined;
1816
+ authMode?: "none" | "secret-token" | "api-key" | undefined;
1817
+ secretToken?: string | undefined;
1818
+ apiKey?: string | undefined;
1819
+ } | undefined;
1820
+ otlp?: {
1821
+ endpoint?: string | undefined;
1822
+ authMode?: "none" | "bearer" | "api-key" | "header" | undefined;
1823
+ apiKey?: string | undefined;
1824
+ headerName?: string | undefined;
1825
+ token?: string | undefined;
1826
+ headerValue?: string | undefined;
1827
+ headers?: Record<string, string> | undefined;
1828
+ tlsInsecureSkipVerify?: boolean | undefined;
1829
+ } | undefined;
1830
+ samplingRatio?: number | undefined;
1831
+ azureMonitor?: {
1832
+ connectionString?: string | undefined;
1833
+ } | undefined;
1834
+ } | undefined;
1835
+ cache?: {
1836
+ valkeyAdmin?: {
1837
+ enabled: boolean;
1838
+ exposure?: "internal" | "ingress" | undefined;
1839
+ hostname?: string | undefined;
1840
+ basicAuthUsers?: string[] | undefined;
1841
+ basicAuthExistingSecret?: string | undefined;
1842
+ allowedIPs?: string[] | undefined;
1843
+ } | undefined;
1844
+ redisExporter?: {
1845
+ enabled: boolean;
1846
+ } | undefined;
1847
+ kafkaExporter?: {
1848
+ enabled: boolean;
1849
+ } | undefined;
1850
+ } | undefined;
604
1851
  customEmails?: {
605
1852
  enabled: boolean;
606
1853
  subjects?: {
@@ -660,20 +1907,79 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
660
1907
  } | undefined;
661
1908
  };
662
1909
  logging: {
663
- sink: "console" | "pending" | "s3" | "azure-blob" | "gcs" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
1910
+ sink: "console" | "pending" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
664
1911
  region?: string | undefined;
665
1912
  bucket?: string | undefined;
666
- cloudAuthMode?: "workload-identity" | "secret" | undefined;
667
- awsIamRoleArn?: string | undefined;
668
- azureBlobContainer?: string | undefined;
669
- azureBlobClientId?: string | undefined;
670
- azureBlobTenantId?: string | undefined;
671
- azureBlobConnectionStringSecretRef?: {
672
- name: string;
673
- key: string;
674
- } | undefined;
675
- gcpServiceAccountEmail?: string | undefined;
1913
+ appLogs?: {
1914
+ enabled: boolean;
1915
+ elasticsearch?: {
1916
+ endpoint?: string | undefined;
1917
+ authMode?: "none" | "basic" | "api-key" | undefined;
1918
+ apiKey?: string | undefined;
1919
+ index?: string | undefined;
1920
+ username?: string | undefined;
1921
+ password?: string | undefined;
1922
+ verifyCertificate?: boolean | undefined;
1923
+ } | undefined;
1924
+ loki?: {
1925
+ endpoint?: string | undefined;
1926
+ labels?: Record<string, string> | undefined;
1927
+ } | undefined;
1928
+ generic?: {
1929
+ endpoint?: string | undefined;
1930
+ authHeader?: string | undefined;
1931
+ } | undefined;
1932
+ destination?: "elasticsearch" | "loki" | "generic" | undefined;
1933
+ } | undefined;
676
1934
  };
1935
+ observability?: {
1936
+ clickstack: {
1937
+ enabled: boolean;
1938
+ telemetryRetentionDays?: number | undefined;
1939
+ decisionLogRetentionDays?: number | undefined;
1940
+ clickHouseStorageSize?: string | undefined;
1941
+ };
1942
+ } | undefined;
1943
+ tracing?: {
1944
+ enabled: boolean;
1945
+ destination?: "azure-monitor" | "elastic" | "otlp" | undefined;
1946
+ elastic?: {
1947
+ endpoint?: string | undefined;
1948
+ authMode?: "none" | "secret-token" | "api-key" | undefined;
1949
+ secretToken?: string | undefined;
1950
+ apiKey?: string | undefined;
1951
+ } | undefined;
1952
+ otlp?: {
1953
+ endpoint?: string | undefined;
1954
+ authMode?: "none" | "bearer" | "api-key" | "header" | undefined;
1955
+ apiKey?: string | undefined;
1956
+ headerName?: string | undefined;
1957
+ token?: string | undefined;
1958
+ headerValue?: string | undefined;
1959
+ headers?: Record<string, string> | undefined;
1960
+ tlsInsecureSkipVerify?: boolean | undefined;
1961
+ } | undefined;
1962
+ samplingRatio?: number | undefined;
1963
+ azureMonitor?: {
1964
+ connectionString?: string | undefined;
1965
+ } | undefined;
1966
+ } | undefined;
1967
+ cache?: {
1968
+ valkeyAdmin?: {
1969
+ enabled: boolean;
1970
+ exposure?: "internal" | "ingress" | undefined;
1971
+ hostname?: string | undefined;
1972
+ basicAuthUsers?: string[] | undefined;
1973
+ basicAuthExistingSecret?: string | undefined;
1974
+ allowedIPs?: string[] | undefined;
1975
+ } | undefined;
1976
+ redisExporter?: {
1977
+ enabled: boolean;
1978
+ } | undefined;
1979
+ kafkaExporter?: {
1980
+ enabled: boolean;
1981
+ } | undefined;
1982
+ } | undefined;
677
1983
  customEmails?: {
678
1984
  enabled: boolean;
679
1985
  subjects?: {
@@ -691,18 +1997,28 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
691
1997
  } | undefined;
692
1998
  }>;
693
1999
  licenseKey: z.ZodString;
694
- appVersion: z.ZodOptional<z.ZodString>;
695
- hpsVersion: z.ZodOptional<z.ZodString>;
2000
+ version: z.ZodString;
2001
+ imageRegistry: z.ZodOptional<z.ZodString>;
696
2002
  chartVersion: z.ZodOptional<z.ZodString>;
697
2003
  }, "strip", z.ZodTypeAny, {
698
2004
  name: string;
699
2005
  infrastructure: {
700
- mode: "existing" | "provision";
2006
+ mode: "existing";
701
2007
  provider?: "aws" | "gcp" | "azure" | undefined;
702
2008
  region?: string | undefined;
703
2009
  clusterName?: string | undefined;
704
2010
  gcpProjectId?: string | undefined;
705
2011
  azureResourceGroup?: string | undefined;
2012
+ nodeArchitecture?: "amd64" | "arm64" | "mixed" | "unknown" | undefined;
2013
+ arm64TolerationRequired?: boolean | undefined;
2014
+ storageClass?: string | undefined;
2015
+ storageProvisioner?: string | undefined;
2016
+ schedulableNodeCount?: number | undefined;
2017
+ totalCpuCores?: number | undefined;
2018
+ totalMemoryGi?: number | undefined;
2019
+ eligibleCpuCores?: number | undefined;
2020
+ eligibleMemoryGi?: number | undefined;
2021
+ totalPersistentStorageGi?: number | undefined;
706
2022
  };
707
2023
  domain: string;
708
2024
  adminEmail: string;
@@ -710,7 +2026,6 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
710
2026
  dns: {
711
2027
  provider: "azure" | "google" | "other" | "route53" | "cloudflare";
712
2028
  autoManage: boolean;
713
- existingExternalDns?: boolean | undefined;
714
2029
  };
715
2030
  smtp: {
716
2031
  host: string;
@@ -732,7 +2047,6 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
732
2047
  supabaseDashboardUser?: string | undefined;
733
2048
  supabaseDashboardPass?: string | undefined;
734
2049
  };
735
- tier: "small" | "medium" | "large";
736
2050
  features: {
737
2051
  ai: {
738
2052
  enabled: boolean;
@@ -777,20 +2091,79 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
777
2091
  } | undefined;
778
2092
  };
779
2093
  logging: {
780
- sink: "console" | "pending" | "s3" | "azure-blob" | "gcs" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
2094
+ sink: "console" | "pending" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
781
2095
  region?: string | undefined;
782
2096
  bucket?: string | undefined;
783
- cloudAuthMode?: "workload-identity" | "secret" | undefined;
784
- awsIamRoleArn?: string | undefined;
785
- azureBlobContainer?: string | undefined;
786
- azureBlobClientId?: string | undefined;
787
- azureBlobTenantId?: string | undefined;
788
- azureBlobConnectionStringSecretRef?: {
789
- name: string;
790
- key: string;
791
- } | undefined;
792
- gcpServiceAccountEmail?: string | undefined;
2097
+ appLogs?: {
2098
+ enabled: boolean;
2099
+ elasticsearch?: {
2100
+ endpoint?: string | undefined;
2101
+ authMode?: "none" | "basic" | "api-key" | undefined;
2102
+ apiKey?: string | undefined;
2103
+ index?: string | undefined;
2104
+ username?: string | undefined;
2105
+ password?: string | undefined;
2106
+ verifyCertificate?: boolean | undefined;
2107
+ } | undefined;
2108
+ loki?: {
2109
+ endpoint?: string | undefined;
2110
+ labels?: Record<string, string> | undefined;
2111
+ } | undefined;
2112
+ generic?: {
2113
+ endpoint?: string | undefined;
2114
+ authHeader?: string | undefined;
2115
+ } | undefined;
2116
+ destination?: "elasticsearch" | "loki" | "generic" | undefined;
2117
+ } | undefined;
793
2118
  };
2119
+ observability?: {
2120
+ clickstack: {
2121
+ enabled: boolean;
2122
+ telemetryRetentionDays?: number | undefined;
2123
+ decisionLogRetentionDays?: number | undefined;
2124
+ clickHouseStorageSize?: string | undefined;
2125
+ };
2126
+ } | undefined;
2127
+ tracing?: {
2128
+ enabled: boolean;
2129
+ destination?: "azure-monitor" | "elastic" | "otlp" | undefined;
2130
+ elastic?: {
2131
+ endpoint?: string | undefined;
2132
+ authMode?: "none" | "secret-token" | "api-key" | undefined;
2133
+ secretToken?: string | undefined;
2134
+ apiKey?: string | undefined;
2135
+ } | undefined;
2136
+ otlp?: {
2137
+ endpoint?: string | undefined;
2138
+ authMode?: "none" | "bearer" | "api-key" | "header" | undefined;
2139
+ apiKey?: string | undefined;
2140
+ headerName?: string | undefined;
2141
+ token?: string | undefined;
2142
+ headerValue?: string | undefined;
2143
+ headers?: Record<string, string> | undefined;
2144
+ tlsInsecureSkipVerify?: boolean | undefined;
2145
+ } | undefined;
2146
+ samplingRatio?: number | undefined;
2147
+ azureMonitor?: {
2148
+ connectionString?: string | undefined;
2149
+ } | undefined;
2150
+ } | undefined;
2151
+ cache?: {
2152
+ valkeyAdmin?: {
2153
+ enabled: boolean;
2154
+ exposure?: "internal" | "ingress" | undefined;
2155
+ hostname?: string | undefined;
2156
+ basicAuthUsers?: string[] | undefined;
2157
+ basicAuthExistingSecret?: string | undefined;
2158
+ allowedIPs?: string[] | undefined;
2159
+ } | undefined;
2160
+ redisExporter?: {
2161
+ enabled: boolean;
2162
+ } | undefined;
2163
+ kafkaExporter?: {
2164
+ enabled: boolean;
2165
+ } | undefined;
2166
+ } | undefined;
794
2167
  customEmails?: {
795
2168
  enabled: boolean;
796
2169
  subjects?: {
@@ -808,18 +2181,109 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
808
2181
  } | undefined;
809
2182
  };
810
2183
  licenseKey: string;
811
- appVersion?: string | undefined;
812
- hpsVersion?: string | undefined;
2184
+ version: string;
2185
+ storage?: {
2186
+ provider: "s3" | "azure-blob" | "gcs";
2187
+ region: string;
2188
+ bucket: string;
2189
+ cloudAuthMode?: "workload-identity" | "secret" | undefined;
2190
+ awsIamRoleArn?: string | undefined;
2191
+ azureBlobClientId?: string | undefined;
2192
+ azureBlobTenantId?: string | undefined;
2193
+ azureBlobConnectionStringSecretRef?: {
2194
+ name: string;
2195
+ key: string;
2196
+ } | undefined;
2197
+ azureBlobContainer?: string | undefined;
2198
+ gcpServiceAccountEmail?: string | undefined;
2199
+ paths?: {
2200
+ decisionLogs?: string | undefined;
2201
+ dbBackups?: string | undefined;
2202
+ } | undefined;
2203
+ } | undefined;
2204
+ externalServices?: {
2205
+ redis?: {
2206
+ mode: "embedded" | "external";
2207
+ external?: {
2208
+ password?: string | undefined;
2209
+ host?: string | undefined;
2210
+ port?: number | undefined;
2211
+ existingSecret?: string | undefined;
2212
+ existingSecretKey?: string | undefined;
2213
+ tls?: boolean | undefined;
2214
+ httpApi?: {
2215
+ enabled: boolean;
2216
+ url?: string | undefined;
2217
+ token?: string | undefined;
2218
+ } | undefined;
2219
+ } | undefined;
2220
+ } | undefined;
2221
+ kafka?: {
2222
+ mode: "embedded" | "external";
2223
+ external?: {
2224
+ preset?: "aws-msk-iam" | "azure-event-hubs" | "gcp-managed" | "custom" | undefined;
2225
+ brokers?: string | undefined;
2226
+ topic?: string | undefined;
2227
+ topicPrefix?: string | undefined;
2228
+ provisionTopics?: boolean | undefined;
2229
+ ssl?: boolean | undefined;
2230
+ sasl?: {
2231
+ mechanism: "" | "aws-iam" | "oauthbearer" | "scram-sha-256" | "scram-sha-512" | "plain";
2232
+ username?: string | undefined;
2233
+ password?: string | undefined;
2234
+ region?: string | undefined;
2235
+ existingSecret?: string | undefined;
2236
+ } | undefined;
2237
+ identity?: {
2238
+ awsRoleArn?: string | undefined;
2239
+ gcpServiceAccountEmail?: string | undefined;
2240
+ azureClientId?: string | undefined;
2241
+ } | undefined;
2242
+ } | undefined;
2243
+ } | undefined;
2244
+ postgres?: {
2245
+ mode: "embedded" | "external";
2246
+ external?: {
2247
+ provider?: "aws" | "azure" | undefined;
2248
+ host?: string | undefined;
2249
+ port?: number | undefined;
2250
+ database?: string | undefined;
2251
+ bootstrap?: {
2252
+ enabled?: boolean | undefined;
2253
+ masterUsername?: string | undefined;
2254
+ masterPassword?: string | undefined;
2255
+ secretRef?: string | undefined;
2256
+ appRole?: string | undefined;
2257
+ } | undefined;
2258
+ } | undefined;
2259
+ } | undefined;
2260
+ } | undefined;
2261
+ backup?: {
2262
+ enabled: boolean;
2263
+ schedule: string;
2264
+ retentionDays: number;
2265
+ } | undefined;
2266
+ imageRegistry?: string | undefined;
813
2267
  chartVersion?: string | undefined;
814
2268
  }, {
815
2269
  name: string;
816
2270
  infrastructure: {
817
- mode: "existing" | "provision";
2271
+ mode: "existing";
818
2272
  provider?: "aws" | "gcp" | "azure" | undefined;
819
2273
  region?: string | undefined;
820
2274
  clusterName?: string | undefined;
821
2275
  gcpProjectId?: string | undefined;
822
2276
  azureResourceGroup?: string | undefined;
2277
+ nodeArchitecture?: "amd64" | "arm64" | "mixed" | "unknown" | undefined;
2278
+ arm64TolerationRequired?: boolean | undefined;
2279
+ storageClass?: string | undefined;
2280
+ storageProvisioner?: string | undefined;
2281
+ schedulableNodeCount?: number | undefined;
2282
+ totalCpuCores?: number | undefined;
2283
+ totalMemoryGi?: number | undefined;
2284
+ eligibleCpuCores?: number | undefined;
2285
+ eligibleMemoryGi?: number | undefined;
2286
+ totalPersistentStorageGi?: number | undefined;
823
2287
  };
824
2288
  domain: string;
825
2289
  adminEmail: string;
@@ -827,7 +2291,6 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
827
2291
  dns: {
828
2292
  provider: "azure" | "google" | "other" | "route53" | "cloudflare";
829
2293
  autoManage: boolean;
830
- existingExternalDns?: boolean | undefined;
831
2294
  };
832
2295
  smtp: {
833
2296
  host: string;
@@ -849,7 +2312,6 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
849
2312
  supabaseDashboardUser?: string | undefined;
850
2313
  supabaseDashboardPass?: string | undefined;
851
2314
  };
852
- tier: "small" | "medium" | "large";
853
2315
  features: {
854
2316
  ai: {
855
2317
  enabled: boolean;
@@ -894,20 +2356,79 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
894
2356
  } | undefined;
895
2357
  };
896
2358
  logging: {
897
- sink: "console" | "pending" | "s3" | "azure-blob" | "gcs" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
2359
+ sink: "console" | "pending" | "datadog" | "splunk" | "elasticsearch" | "loki" | "newrelic" | "axiom";
898
2360
  region?: string | undefined;
899
2361
  bucket?: string | undefined;
900
- cloudAuthMode?: "workload-identity" | "secret" | undefined;
901
- awsIamRoleArn?: string | undefined;
902
- azureBlobContainer?: string | undefined;
903
- azureBlobClientId?: string | undefined;
904
- azureBlobTenantId?: string | undefined;
905
- azureBlobConnectionStringSecretRef?: {
906
- name: string;
907
- key: string;
908
- } | undefined;
909
- gcpServiceAccountEmail?: string | undefined;
2362
+ appLogs?: {
2363
+ enabled: boolean;
2364
+ elasticsearch?: {
2365
+ endpoint?: string | undefined;
2366
+ authMode?: "none" | "basic" | "api-key" | undefined;
2367
+ apiKey?: string | undefined;
2368
+ index?: string | undefined;
2369
+ username?: string | undefined;
2370
+ password?: string | undefined;
2371
+ verifyCertificate?: boolean | undefined;
2372
+ } | undefined;
2373
+ loki?: {
2374
+ endpoint?: string | undefined;
2375
+ labels?: Record<string, string> | undefined;
2376
+ } | undefined;
2377
+ generic?: {
2378
+ endpoint?: string | undefined;
2379
+ authHeader?: string | undefined;
2380
+ } | undefined;
2381
+ destination?: "elasticsearch" | "loki" | "generic" | undefined;
2382
+ } | undefined;
910
2383
  };
2384
+ observability?: {
2385
+ clickstack: {
2386
+ enabled: boolean;
2387
+ telemetryRetentionDays?: number | undefined;
2388
+ decisionLogRetentionDays?: number | undefined;
2389
+ clickHouseStorageSize?: string | undefined;
2390
+ };
2391
+ } | undefined;
2392
+ tracing?: {
2393
+ enabled: boolean;
2394
+ destination?: "azure-monitor" | "elastic" | "otlp" | undefined;
2395
+ elastic?: {
2396
+ endpoint?: string | undefined;
2397
+ authMode?: "none" | "secret-token" | "api-key" | undefined;
2398
+ secretToken?: string | undefined;
2399
+ apiKey?: string | undefined;
2400
+ } | undefined;
2401
+ otlp?: {
2402
+ endpoint?: string | undefined;
2403
+ authMode?: "none" | "bearer" | "api-key" | "header" | undefined;
2404
+ apiKey?: string | undefined;
2405
+ headerName?: string | undefined;
2406
+ token?: string | undefined;
2407
+ headerValue?: string | undefined;
2408
+ headers?: Record<string, string> | undefined;
2409
+ tlsInsecureSkipVerify?: boolean | undefined;
2410
+ } | undefined;
2411
+ samplingRatio?: number | undefined;
2412
+ azureMonitor?: {
2413
+ connectionString?: string | undefined;
2414
+ } | undefined;
2415
+ } | undefined;
2416
+ cache?: {
2417
+ valkeyAdmin?: {
2418
+ enabled: boolean;
2419
+ exposure?: "internal" | "ingress" | undefined;
2420
+ hostname?: string | undefined;
2421
+ basicAuthUsers?: string[] | undefined;
2422
+ basicAuthExistingSecret?: string | undefined;
2423
+ allowedIPs?: string[] | undefined;
2424
+ } | undefined;
2425
+ redisExporter?: {
2426
+ enabled: boolean;
2427
+ } | undefined;
2428
+ kafkaExporter?: {
2429
+ enabled: boolean;
2430
+ } | undefined;
2431
+ } | undefined;
911
2432
  customEmails?: {
912
2433
  enabled: boolean;
913
2434
  subjects?: {
@@ -925,8 +2446,89 @@ export declare const DeploymentConfigSchema: z.ZodObject<{
925
2446
  } | undefined;
926
2447
  };
927
2448
  licenseKey: string;
928
- appVersion?: string | undefined;
929
- hpsVersion?: string | undefined;
2449
+ version: string;
2450
+ storage?: {
2451
+ provider: "s3" | "azure-blob" | "gcs";
2452
+ region: string;
2453
+ bucket: string;
2454
+ cloudAuthMode?: "workload-identity" | "secret" | undefined;
2455
+ awsIamRoleArn?: string | undefined;
2456
+ azureBlobClientId?: string | undefined;
2457
+ azureBlobTenantId?: string | undefined;
2458
+ azureBlobConnectionStringSecretRef?: {
2459
+ name: string;
2460
+ key: string;
2461
+ } | undefined;
2462
+ azureBlobContainer?: string | undefined;
2463
+ gcpServiceAccountEmail?: string | undefined;
2464
+ paths?: {
2465
+ decisionLogs?: string | undefined;
2466
+ dbBackups?: string | undefined;
2467
+ } | undefined;
2468
+ } | undefined;
2469
+ externalServices?: {
2470
+ redis?: {
2471
+ mode: "embedded" | "external";
2472
+ external?: {
2473
+ password?: string | undefined;
2474
+ host?: string | undefined;
2475
+ port?: number | undefined;
2476
+ existingSecret?: string | undefined;
2477
+ existingSecretKey?: string | undefined;
2478
+ tls?: boolean | undefined;
2479
+ httpApi?: {
2480
+ enabled: boolean;
2481
+ url?: string | undefined;
2482
+ token?: string | undefined;
2483
+ } | undefined;
2484
+ } | undefined;
2485
+ } | undefined;
2486
+ kafka?: {
2487
+ mode: "embedded" | "external";
2488
+ external?: {
2489
+ preset?: "aws-msk-iam" | "azure-event-hubs" | "gcp-managed" | "custom" | undefined;
2490
+ brokers?: string | undefined;
2491
+ topic?: string | undefined;
2492
+ topicPrefix?: string | undefined;
2493
+ provisionTopics?: boolean | undefined;
2494
+ ssl?: boolean | undefined;
2495
+ sasl?: {
2496
+ mechanism: "" | "aws-iam" | "oauthbearer" | "scram-sha-256" | "scram-sha-512" | "plain";
2497
+ username?: string | undefined;
2498
+ password?: string | undefined;
2499
+ region?: string | undefined;
2500
+ existingSecret?: string | undefined;
2501
+ } | undefined;
2502
+ identity?: {
2503
+ awsRoleArn?: string | undefined;
2504
+ gcpServiceAccountEmail?: string | undefined;
2505
+ azureClientId?: string | undefined;
2506
+ } | undefined;
2507
+ } | undefined;
2508
+ } | undefined;
2509
+ postgres?: {
2510
+ mode: "embedded" | "external";
2511
+ external?: {
2512
+ provider?: "aws" | "azure" | undefined;
2513
+ host?: string | undefined;
2514
+ port?: number | undefined;
2515
+ database?: string | undefined;
2516
+ bootstrap?: {
2517
+ enabled?: boolean | undefined;
2518
+ masterUsername?: string | undefined;
2519
+ masterPassword?: string | undefined;
2520
+ secretRef?: string | undefined;
2521
+ appRole?: string | undefined;
2522
+ } | undefined;
2523
+ } | undefined;
2524
+ } | undefined;
2525
+ } | undefined;
2526
+ backup?: {
2527
+ enabled: boolean;
2528
+ schedule: string;
2529
+ retentionDays: number;
2530
+ } | undefined;
2531
+ imageRegistry?: string | undefined;
930
2532
  chartVersion?: string | undefined;
931
2533
  }>;
932
2534
  export type DeploymentConfig = z.infer<typeof DeploymentConfigSchema>;
@@ -943,10 +2545,8 @@ export interface DeploymentState {
943
2545
  clusterEndpoint?: string;
944
2546
  };
945
2547
  application?: {
946
- /** App image version */
947
- appVersion: string;
948
- /** HPS image version */
949
- hpsVersion: string;
2548
+ /** Unified Rulebricks product version */
2549
+ version: string;
950
2550
  /** Legacy chart version (deprecated) */
951
2551
  chartVersion?: string;
952
2552
  namespace: string;
@@ -967,21 +2567,17 @@ export interface ChartVersion {
967
2567
  digest: string;
968
2568
  }
969
2569
  export interface AppVersion {
970
- /** App image version (e.g., "1.5.0") */
2570
+ /** Product image version (e.g., "1.5.0") */
971
2571
  version: string;
972
2572
  /** Release date ISO string */
973
2573
  releaseDate: string;
974
- /** Matched HPS version (latest HPS released on or before app release) */
975
- hpsVersion: string | null;
976
2574
  /** Image digest */
977
2575
  digest: string;
2576
+ /** HPS server image digests for this version */
2577
+ hpsDigests?: string[];
2578
+ /** HPS worker image digests for this version */
2579
+ hpsWorkerDigests?: string[];
978
2580
  }
979
- export interface WizardStep {
980
- id: string;
981
- title: string;
982
- description: string;
983
- }
984
- export declare const WIZARD_STEPS: WizardStep[];
985
2581
  export interface DNSRecord {
986
2582
  hostname: string;
987
2583
  type: "A" | "CNAME";
@@ -1006,9 +2602,74 @@ export declare const ProfileConfigSchema: z.ZodObject<{
1006
2602
  smtpFromName: z.ZodOptional<z.ZodString>;
1007
2603
  openaiApiKey: z.ZodOptional<z.ZodString>;
1008
2604
  licenseKey: z.ZodOptional<z.ZodString>;
1009
- tier: z.ZodOptional<z.ZodEnum<["small", "medium", "large"]>>;
1010
2605
  databaseType: z.ZodOptional<z.ZodEnum<["self-hosted", "supabase-cloud"]>>;
1011
- infrastructureMode: z.ZodOptional<z.ZodEnum<["existing", "provision"]>>;
2606
+ storage: z.ZodOptional<z.ZodObject<{
2607
+ provider: z.ZodEnum<["s3", "azure-blob", "gcs"]>;
2608
+ cloudAuthMode: z.ZodOptional<z.ZodEnum<["workload-identity", "secret"]>>;
2609
+ bucket: z.ZodOptional<z.ZodString>;
2610
+ region: z.ZodOptional<z.ZodString>;
2611
+ awsIamRoleArn: z.ZodOptional<z.ZodString>;
2612
+ azureBlobClientId: z.ZodOptional<z.ZodString>;
2613
+ azureBlobTenantId: z.ZodOptional<z.ZodString>;
2614
+ azureBlobConnectionStringSecretRef: z.ZodOptional<z.ZodObject<{
2615
+ name: z.ZodString;
2616
+ key: z.ZodString;
2617
+ }, "strip", z.ZodTypeAny, {
2618
+ name: string;
2619
+ key: string;
2620
+ }, {
2621
+ name: string;
2622
+ key: string;
2623
+ }>>;
2624
+ azureBlobContainer: z.ZodOptional<z.ZodString>;
2625
+ gcpServiceAccountEmail: z.ZodOptional<z.ZodString>;
2626
+ paths: z.ZodOptional<z.ZodObject<{
2627
+ decisionLogs: z.ZodOptional<z.ZodString>;
2628
+ dbBackups: z.ZodOptional<z.ZodString>;
2629
+ }, "strip", z.ZodTypeAny, {
2630
+ decisionLogs?: string | undefined;
2631
+ dbBackups?: string | undefined;
2632
+ }, {
2633
+ decisionLogs?: string | undefined;
2634
+ dbBackups?: string | undefined;
2635
+ }>>;
2636
+ }, "strip", z.ZodTypeAny, {
2637
+ provider: "s3" | "azure-blob" | "gcs";
2638
+ region?: string | undefined;
2639
+ cloudAuthMode?: "workload-identity" | "secret" | undefined;
2640
+ bucket?: string | undefined;
2641
+ awsIamRoleArn?: string | undefined;
2642
+ azureBlobClientId?: string | undefined;
2643
+ azureBlobTenantId?: string | undefined;
2644
+ azureBlobConnectionStringSecretRef?: {
2645
+ name: string;
2646
+ key: string;
2647
+ } | undefined;
2648
+ azureBlobContainer?: string | undefined;
2649
+ gcpServiceAccountEmail?: string | undefined;
2650
+ paths?: {
2651
+ decisionLogs?: string | undefined;
2652
+ dbBackups?: string | undefined;
2653
+ } | undefined;
2654
+ }, {
2655
+ provider: "s3" | "azure-blob" | "gcs";
2656
+ region?: string | undefined;
2657
+ cloudAuthMode?: "workload-identity" | "secret" | undefined;
2658
+ bucket?: string | undefined;
2659
+ awsIamRoleArn?: string | undefined;
2660
+ azureBlobClientId?: string | undefined;
2661
+ azureBlobTenantId?: string | undefined;
2662
+ azureBlobConnectionStringSecretRef?: {
2663
+ name: string;
2664
+ key: string;
2665
+ } | undefined;
2666
+ azureBlobContainer?: string | undefined;
2667
+ gcpServiceAccountEmail?: string | undefined;
2668
+ paths?: {
2669
+ decisionLogs?: string | undefined;
2670
+ dbBackups?: string | undefined;
2671
+ } | undefined;
2672
+ }>>;
1012
2673
  ssoProvider: z.ZodOptional<z.ZodEnum<["azure", "google", "okta", "keycloak", "ory", "other"]>>;
1013
2674
  ssoUrl: z.ZodOptional<z.ZodString>;
1014
2675
  ssoClientId: z.ZodOptional<z.ZodString>;
@@ -1019,7 +2680,25 @@ export declare const ProfileConfigSchema: z.ZodObject<{
1019
2680
  clusterName?: string | undefined;
1020
2681
  adminEmail?: string | undefined;
1021
2682
  tlsEmail?: string | undefined;
1022
- tier?: "small" | "medium" | "large" | undefined;
2683
+ storage?: {
2684
+ provider: "s3" | "azure-blob" | "gcs";
2685
+ region?: string | undefined;
2686
+ cloudAuthMode?: "workload-identity" | "secret" | undefined;
2687
+ bucket?: string | undefined;
2688
+ awsIamRoleArn?: string | undefined;
2689
+ azureBlobClientId?: string | undefined;
2690
+ azureBlobTenantId?: string | undefined;
2691
+ azureBlobConnectionStringSecretRef?: {
2692
+ name: string;
2693
+ key: string;
2694
+ } | undefined;
2695
+ azureBlobContainer?: string | undefined;
2696
+ gcpServiceAccountEmail?: string | undefined;
2697
+ paths?: {
2698
+ decisionLogs?: string | undefined;
2699
+ dbBackups?: string | undefined;
2700
+ } | undefined;
2701
+ } | undefined;
1023
2702
  openaiApiKey?: string | undefined;
1024
2703
  licenseKey?: string | undefined;
1025
2704
  domainSuffix?: string | undefined;
@@ -1031,7 +2710,6 @@ export declare const ProfileConfigSchema: z.ZodObject<{
1031
2710
  smtpFrom?: string | undefined;
1032
2711
  smtpFromName?: string | undefined;
1033
2712
  databaseType?: "self-hosted" | "supabase-cloud" | undefined;
1034
- infrastructureMode?: "existing" | "provision" | undefined;
1035
2713
  ssoProvider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
1036
2714
  ssoUrl?: string | undefined;
1037
2715
  ssoClientId?: string | undefined;
@@ -1042,7 +2720,25 @@ export declare const ProfileConfigSchema: z.ZodObject<{
1042
2720
  clusterName?: string | undefined;
1043
2721
  adminEmail?: string | undefined;
1044
2722
  tlsEmail?: string | undefined;
1045
- tier?: "small" | "medium" | "large" | undefined;
2723
+ storage?: {
2724
+ provider: "s3" | "azure-blob" | "gcs";
2725
+ region?: string | undefined;
2726
+ cloudAuthMode?: "workload-identity" | "secret" | undefined;
2727
+ bucket?: string | undefined;
2728
+ awsIamRoleArn?: string | undefined;
2729
+ azureBlobClientId?: string | undefined;
2730
+ azureBlobTenantId?: string | undefined;
2731
+ azureBlobConnectionStringSecretRef?: {
2732
+ name: string;
2733
+ key: string;
2734
+ } | undefined;
2735
+ azureBlobContainer?: string | undefined;
2736
+ gcpServiceAccountEmail?: string | undefined;
2737
+ paths?: {
2738
+ decisionLogs?: string | undefined;
2739
+ dbBackups?: string | undefined;
2740
+ } | undefined;
2741
+ } | undefined;
1046
2742
  openaiApiKey?: string | undefined;
1047
2743
  licenseKey?: string | undefined;
1048
2744
  domainSuffix?: string | undefined;
@@ -1054,7 +2750,6 @@ export declare const ProfileConfigSchema: z.ZodObject<{
1054
2750
  smtpFrom?: string | undefined;
1055
2751
  smtpFromName?: string | undefined;
1056
2752
  databaseType?: "self-hosted" | "supabase-cloud" | undefined;
1057
- infrastructureMode?: "existing" | "provision" | undefined;
1058
2753
  ssoProvider?: "azure" | "google" | "okta" | "keycloak" | "ory" | "other" | undefined;
1059
2754
  ssoUrl?: string | undefined;
1060
2755
  ssoClientId?: string | undefined;
@@ -1167,3 +2862,4 @@ export declare const THROUGHPUT_PRESETS: Record<Exclude<BenchmarkPreset, "custom
1167
2862
  }>;
1168
2863
  /** Cloud URLs that should be blocked from benchmarking */
1169
2864
  export declare const BLOCKED_BENCHMARK_DOMAINS: string[];
2865
+ export {};