@sylphx/contract 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +44 -0
- package/LICENSE +21 -0
- package/README.md +164 -0
- package/dist/endpoint.d.ts +65 -0
- package/dist/endpoint.d.ts.map +1 -0
- package/dist/endpoint.js +22 -0
- package/dist/endpoints/admin-ai-playground.d.ts +93 -0
- package/dist/endpoints/admin-ai-playground.d.ts.map +1 -0
- package/dist/endpoints/admin-ai-playground.js +37 -0
- package/dist/endpoints/admin-anomalies.d.ts +108 -0
- package/dist/endpoints/admin-anomalies.d.ts.map +1 -0
- package/dist/endpoints/admin-anomalies.js +72 -0
- package/dist/endpoints/admin-apm.d.ts +102 -0
- package/dist/endpoints/admin-apm.d.ts.map +1 -0
- package/dist/endpoints/admin-apm.js +70 -0
- package/dist/endpoints/admin-audit.d.ts +714 -0
- package/dist/endpoints/admin-audit.d.ts.map +1 -0
- package/dist/endpoints/admin-audit.js +494 -0
- package/dist/endpoints/admin-billing.d.ts +82 -0
- package/dist/endpoints/admin-billing.d.ts.map +1 -0
- package/dist/endpoints/admin-billing.js +190 -0
- package/dist/endpoints/admin-bootstrap.d.ts +16 -0
- package/dist/endpoints/admin-bootstrap.d.ts.map +1 -0
- package/dist/endpoints/admin-bootstrap.js +28 -0
- package/dist/endpoints/admin-broadcasts.d.ts +105 -0
- package/dist/endpoints/admin-broadcasts.d.ts.map +1 -0
- package/dist/endpoints/admin-broadcasts.js +60 -0
- package/dist/endpoints/admin-builds.d.ts +33 -0
- package/dist/endpoints/admin-builds.d.ts.map +1 -0
- package/dist/endpoints/admin-builds.js +36 -0
- package/dist/endpoints/admin-config.d.ts +180 -0
- package/dist/endpoints/admin-config.d.ts.map +1 -0
- package/dist/endpoints/admin-config.js +108 -0
- package/dist/endpoints/admin-consent.d.ts +123 -0
- package/dist/endpoints/admin-consent.d.ts.map +1 -0
- package/dist/endpoints/admin-consent.js +126 -0
- package/dist/endpoints/admin-env-services.d.ts +28 -0
- package/dist/endpoints/admin-env-services.d.ts.map +1 -0
- package/dist/endpoints/admin-env-services.js +35 -0
- package/dist/endpoints/admin-impersonation.d.ts +105 -0
- package/dist/endpoints/admin-impersonation.d.ts.map +1 -0
- package/dist/endpoints/admin-impersonation.js +88 -0
- package/dist/endpoints/admin-invitations.d.ts +73 -0
- package/dist/endpoints/admin-invitations.d.ts.map +1 -0
- package/dist/endpoints/admin-invitations.js +55 -0
- package/dist/endpoints/admin-jwt-keys.d.ts +75 -0
- package/dist/endpoints/admin-jwt-keys.d.ts.map +1 -0
- package/dist/endpoints/admin-jwt-keys.js +63 -0
- package/dist/endpoints/admin-logs.d.ts +109 -0
- package/dist/endpoints/admin-logs.d.ts.map +1 -0
- package/dist/endpoints/admin-logs.js +78 -0
- package/dist/endpoints/admin-plans.d.ts +63 -0
- package/dist/endpoints/admin-plans.d.ts.map +1 -0
- package/dist/endpoints/admin-plans.js +47 -0
- package/dist/endpoints/admin-project-users.d.ts +148 -0
- package/dist/endpoints/admin-project-users.d.ts.map +1 -0
- package/dist/endpoints/admin-project-users.js +89 -0
- package/dist/endpoints/admin-projects.d.ts +124 -0
- package/dist/endpoints/admin-projects.d.ts.map +1 -0
- package/dist/endpoints/admin-projects.js +74 -0
- package/dist/endpoints/admin-quotas.d.ts +98 -0
- package/dist/endpoints/admin-quotas.d.ts.map +1 -0
- package/dist/endpoints/admin-quotas.js +67 -0
- package/dist/endpoints/admin-rate-limits.d.ts +50 -0
- package/dist/endpoints/admin-rate-limits.d.ts.map +1 -0
- package/dist/endpoints/admin-rate-limits.js +53 -0
- package/dist/endpoints/admin-reconcile.d.ts +28 -0
- package/dist/endpoints/admin-reconcile.d.ts.map +1 -0
- package/dist/endpoints/admin-reconcile.js +33 -0
- package/dist/endpoints/admin-resources.d.ts +51 -0
- package/dist/endpoints/admin-resources.d.ts.map +1 -0
- package/dist/endpoints/admin-resources.js +53 -0
- package/dist/endpoints/admin-secrets.d.ts +41 -0
- package/dist/endpoints/admin-secrets.d.ts.map +1 -0
- package/dist/endpoints/admin-secrets.js +33 -0
- package/dist/endpoints/admin-services.d.ts +29 -0
- package/dist/endpoints/admin-services.d.ts.map +1 -0
- package/dist/endpoints/admin-services.js +35 -0
- package/dist/endpoints/admin-tasks.d.ts +186 -0
- package/dist/endpoints/admin-tasks.d.ts.map +1 -0
- package/dist/endpoints/admin-tasks.js +67 -0
- package/dist/endpoints/admin-tenants.d.ts +26 -0
- package/dist/endpoints/admin-tenants.d.ts.map +1 -0
- package/dist/endpoints/admin-tenants.js +30 -0
- package/dist/endpoints/admin-traces.d.ts +124 -0
- package/dist/endpoints/admin-traces.d.ts.map +1 -0
- package/dist/endpoints/admin-traces.js +59 -0
- package/dist/endpoints/admin-users.d.ts +106 -0
- package/dist/endpoints/admin-users.d.ts.map +1 -0
- package/dist/endpoints/admin-users.js +83 -0
- package/dist/endpoints/admin-webhook-signature-versions.d.ts +59 -0
- package/dist/endpoints/admin-webhook-signature-versions.d.ts.map +1 -0
- package/dist/endpoints/admin-webhook-signature-versions.js +57 -0
- package/dist/endpoints/ai-admin.d.ts +30 -0
- package/dist/endpoints/ai-admin.d.ts.map +1 -0
- package/dist/endpoints/ai-admin.js +59 -0
- package/dist/endpoints/analytics-admin.d.ts +279 -0
- package/dist/endpoints/analytics-admin.d.ts.map +1 -0
- package/dist/endpoints/analytics-admin.js +308 -0
- package/dist/endpoints/analytics.d.ts +58 -0
- package/dist/endpoints/analytics.d.ts.map +1 -0
- package/dist/endpoints/analytics.js +43 -0
- package/dist/endpoints/audit-chain.d.ts +49 -0
- package/dist/endpoints/audit-chain.d.ts.map +1 -0
- package/dist/endpoints/audit-chain.js +29 -0
- package/dist/endpoints/audit.d.ts +50 -0
- package/dist/endpoints/audit.d.ts.map +1 -0
- package/dist/endpoints/audit.js +30 -0
- package/dist/endpoints/auth-admin.d.ts +65 -0
- package/dist/endpoints/auth-admin.d.ts.map +1 -0
- package/dist/endpoints/auth-admin.js +55 -0
- package/dist/endpoints/auth.d.ts +157 -0
- package/dist/endpoints/auth.d.ts.map +1 -0
- package/dist/endpoints/auth.js +214 -0
- package/dist/endpoints/backups.d.ts +51 -0
- package/dist/endpoints/backups.d.ts.map +1 -0
- package/dist/endpoints/backups.js +47 -0
- package/dist/endpoints/billing-console.d.ts +294 -0
- package/dist/endpoints/billing-console.d.ts.map +1 -0
- package/dist/endpoints/billing-console.js +167 -0
- package/dist/endpoints/billing-settings.d.ts +107 -0
- package/dist/endpoints/billing-settings.d.ts.map +1 -0
- package/dist/endpoints/billing-settings.js +117 -0
- package/dist/endpoints/branch-databases.d.ts +75 -0
- package/dist/endpoints/branch-databases.d.ts.map +1 -0
- package/dist/endpoints/branch-databases.js +61 -0
- package/dist/endpoints/challenge.d.ts +62 -0
- package/dist/endpoints/challenge.d.ts.map +1 -0
- package/dist/endpoints/challenge.js +52 -0
- package/dist/endpoints/ci-settings.d.ts +89 -0
- package/dist/endpoints/ci-settings.d.ts.map +1 -0
- package/dist/endpoints/ci-settings.js +78 -0
- package/dist/endpoints/consent-admin.d.ts +134 -0
- package/dist/endpoints/consent-admin.d.ts.map +1 -0
- package/dist/endpoints/consent-admin.js +83 -0
- package/dist/endpoints/databases.d.ts +251 -0
- package/dist/endpoints/databases.d.ts.map +1 -0
- package/dist/endpoints/databases.js +150 -0
- package/dist/endpoints/deployments.d.ts +280 -0
- package/dist/endpoints/deployments.d.ts.map +1 -0
- package/dist/endpoints/deployments.js +205 -0
- package/dist/endpoints/domains.d.ts +356 -0
- package/dist/endpoints/domains.d.ts.map +1 -0
- package/dist/endpoints/domains.js +149 -0
- package/dist/endpoints/edge-deployments.d.ts +92 -0
- package/dist/endpoints/edge-deployments.d.ts.map +1 -0
- package/dist/endpoints/edge-deployments.js +58 -0
- package/dist/endpoints/email-admin.d.ts +415 -0
- package/dist/endpoints/email-admin.d.ts.map +1 -0
- package/dist/endpoints/email-admin.js +253 -0
- package/dist/endpoints/email.d.ts +37 -0
- package/dist/endpoints/email.d.ts.map +1 -0
- package/dist/endpoints/email.js +42 -0
- package/dist/endpoints/engagement-admin.d.ts +98 -0
- package/dist/endpoints/engagement-admin.d.ts.map +1 -0
- package/dist/endpoints/engagement-admin.js +64 -0
- package/dist/endpoints/env-vars.d.ts +66 -0
- package/dist/endpoints/env-vars.d.ts.map +1 -0
- package/dist/endpoints/env-vars.js +47 -0
- package/dist/endpoints/environments.d.ts +456 -0
- package/dist/endpoints/environments.d.ts.map +1 -0
- package/dist/endpoints/environments.js +237 -0
- package/dist/endpoints/experiments.d.ts +500 -0
- package/dist/endpoints/experiments.d.ts.map +1 -0
- package/dist/endpoints/experiments.js +93 -0
- package/dist/endpoints/flags-admin.d.ts +74 -0
- package/dist/endpoints/flags-admin.d.ts.map +1 -0
- package/dist/endpoints/flags-admin.js +84 -0
- package/dist/endpoints/flags.d.ts +23 -0
- package/dist/endpoints/flags.d.ts.map +1 -0
- package/dist/endpoints/flags.js +17 -0
- package/dist/endpoints/github.d.ts +30 -0
- package/dist/endpoints/github.d.ts.map +1 -0
- package/dist/endpoints/github.js +37 -0
- package/dist/endpoints/image-opt.d.ts +43 -0
- package/dist/endpoints/image-opt.d.ts.map +1 -0
- package/dist/endpoints/image-opt.js +44 -0
- package/dist/endpoints/kv-admin.d.ts +58 -0
- package/dist/endpoints/kv-admin.d.ts.map +1 -0
- package/dist/endpoints/kv-admin.js +69 -0
- package/dist/endpoints/kv.d.ts +63 -0
- package/dist/endpoints/kv.d.ts.map +1 -0
- package/dist/endpoints/kv.js +82 -0
- package/dist/endpoints/monitoring-admin.d.ts +204 -0
- package/dist/endpoints/monitoring-admin.d.ts.map +1 -0
- package/dist/endpoints/monitoring-admin.js +119 -0
- package/dist/endpoints/monitoring.d.ts +63 -0
- package/dist/endpoints/monitoring.d.ts.map +1 -0
- package/dist/endpoints/monitoring.js +27 -0
- package/dist/endpoints/newsletter.d.ts +366 -0
- package/dist/endpoints/newsletter.d.ts.map +1 -0
- package/dist/endpoints/newsletter.js +232 -0
- package/dist/endpoints/notifications-admin.d.ts +268 -0
- package/dist/endpoints/notifications-admin.d.ts.map +1 -0
- package/dist/endpoints/notifications-admin.js +172 -0
- package/dist/endpoints/notifications.d.ts +225 -0
- package/dist/endpoints/notifications.d.ts.map +1 -0
- package/dist/endpoints/notifications.js +150 -0
- package/dist/endpoints/oidc.d.ts +67 -0
- package/dist/endpoints/oidc.d.ts.map +1 -0
- package/dist/endpoints/oidc.js +49 -0
- package/dist/endpoints/organizations.d.ts +702 -0
- package/dist/endpoints/organizations.d.ts.map +1 -0
- package/dist/endpoints/organizations.js +460 -0
- package/dist/endpoints/plans.d.ts +136 -0
- package/dist/endpoints/plans.d.ts.map +1 -0
- package/dist/endpoints/plans.js +83 -0
- package/dist/endpoints/privacy.d.ts +131 -0
- package/dist/endpoints/privacy.d.ts.map +1 -0
- package/dist/endpoints/privacy.js +98 -0
- package/dist/endpoints/project-manifest.d.ts +1044 -0
- package/dist/endpoints/project-manifest.d.ts.map +1 -0
- package/dist/endpoints/project-manifest.js +59 -0
- package/dist/endpoints/projects.d.ts +187 -0
- package/dist/endpoints/projects.d.ts.map +1 -0
- package/dist/endpoints/projects.js +58 -0
- package/dist/endpoints/rate-limits.d.ts +83 -0
- package/dist/endpoints/rate-limits.d.ts.map +1 -0
- package/dist/endpoints/rate-limits.js +54 -0
- package/dist/endpoints/realtime-admin.d.ts +42 -0
- package/dist/endpoints/realtime-admin.d.ts.map +1 -0
- package/dist/endpoints/realtime-admin.js +50 -0
- package/dist/endpoints/realtime.d.ts +35 -0
- package/dist/endpoints/realtime.d.ts.map +1 -0
- package/dist/endpoints/realtime.js +39 -0
- package/dist/endpoints/referrals-admin.d.ts +118 -0
- package/dist/endpoints/referrals-admin.d.ts.map +1 -0
- package/dist/endpoints/referrals-admin.js +59 -0
- package/dist/endpoints/refresh.d.ts +19 -0
- package/dist/endpoints/refresh.d.ts.map +1 -0
- package/dist/endpoints/refresh.js +25 -0
- package/dist/endpoints/regions.d.ts +41 -0
- package/dist/endpoints/regions.d.ts.map +1 -0
- package/dist/endpoints/regions.js +43 -0
- package/dist/endpoints/runners.d.ts +55 -0
- package/dist/endpoints/runners.d.ts.map +1 -0
- package/dist/endpoints/runners.js +45 -0
- package/dist/endpoints/saml.d.ts +147 -0
- package/dist/endpoints/saml.d.ts.map +1 -0
- package/dist/endpoints/saml.js +106 -0
- package/dist/endpoints/search.d.ts +62 -0
- package/dist/endpoints/search.d.ts.map +1 -0
- package/dist/endpoints/search.js +40 -0
- package/dist/endpoints/secrets.d.ts +95 -0
- package/dist/endpoints/secrets.d.ts.map +1 -0
- package/dist/endpoints/secrets.js +81 -0
- package/dist/endpoints/security.d.ts +231 -0
- package/dist/endpoints/security.d.ts.map +1 -0
- package/dist/endpoints/security.js +291 -0
- package/dist/endpoints/service-tokens.d.ts +392 -0
- package/dist/endpoints/service-tokens.d.ts.map +1 -0
- package/dist/endpoints/service-tokens.js +125 -0
- package/dist/endpoints/session-replay.d.ts +142 -0
- package/dist/endpoints/session-replay.d.ts.map +1 -0
- package/dist/endpoints/session-replay.js +53 -0
- package/dist/endpoints/storage-admin.d.ts +96 -0
- package/dist/endpoints/storage-admin.d.ts.map +1 -0
- package/dist/endpoints/storage-admin.js +113 -0
- package/dist/endpoints/storage.d.ts +167 -0
- package/dist/endpoints/storage.d.ts.map +1 -0
- package/dist/endpoints/storage.js +117 -0
- package/dist/endpoints/tasks.d.ts +141 -0
- package/dist/endpoints/tasks.d.ts.map +1 -0
- package/dist/endpoints/tasks.js +97 -0
- package/dist/endpoints/users.d.ts +103 -0
- package/dist/endpoints/users.d.ts.map +1 -0
- package/dist/endpoints/users.js +98 -0
- package/dist/endpoints/webhooks.d.ts +201 -0
- package/dist/endpoints/webhooks.d.ts.map +1 -0
- package/dist/endpoints/webhooks.js +120 -0
- package/dist/errors.d.ts +153 -0
- package/dist/errors.d.ts.map +1 -0
- package/dist/errors.js +73 -0
- package/dist/index.d.ts +12303 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +390 -0
- package/dist/schemas/_primitives.d.ts +37 -0
- package/dist/schemas/_primitives.d.ts.map +1 -0
- package/dist/schemas/_primitives.js +38 -0
- package/dist/schemas/admin-ai-playground.d.ts +128 -0
- package/dist/schemas/admin-ai-playground.d.ts.map +1 -0
- package/dist/schemas/admin-ai-playground.js +84 -0
- package/dist/schemas/admin-anomalies.d.ts +131 -0
- package/dist/schemas/admin-anomalies.d.ts.map +1 -0
- package/dist/schemas/admin-anomalies.js +106 -0
- package/dist/schemas/admin-apm.d.ts +151 -0
- package/dist/schemas/admin-apm.d.ts.map +1 -0
- package/dist/schemas/admin-apm.js +96 -0
- package/dist/schemas/admin-audit.d.ts +625 -0
- package/dist/schemas/admin-audit.d.ts.map +1 -0
- package/dist/schemas/admin-audit.js +508 -0
- package/dist/schemas/admin-billing.d.ts +73 -0
- package/dist/schemas/admin-billing.d.ts.map +1 -0
- package/dist/schemas/admin-billing.js +60 -0
- package/dist/schemas/admin-bootstrap.d.ts +32 -0
- package/dist/schemas/admin-bootstrap.d.ts.map +1 -0
- package/dist/schemas/admin-bootstrap.js +37 -0
- package/dist/schemas/admin-broadcasts.d.ts +181 -0
- package/dist/schemas/admin-broadcasts.d.ts.map +1 -0
- package/dist/schemas/admin-broadcasts.js +93 -0
- package/dist/schemas/admin-builds.d.ts +108 -0
- package/dist/schemas/admin-builds.d.ts.map +1 -0
- package/dist/schemas/admin-builds.js +127 -0
- package/dist/schemas/admin-config.d.ts +248 -0
- package/dist/schemas/admin-config.d.ts.map +1 -0
- package/dist/schemas/admin-config.js +145 -0
- package/dist/schemas/admin-consent.d.ts +129 -0
- package/dist/schemas/admin-consent.d.ts.map +1 -0
- package/dist/schemas/admin-consent.js +76 -0
- package/dist/schemas/admin-env-services.d.ts +63 -0
- package/dist/schemas/admin-env-services.d.ts.map +1 -0
- package/dist/schemas/admin-env-services.js +81 -0
- package/dist/schemas/admin-impersonation.d.ts +150 -0
- package/dist/schemas/admin-impersonation.d.ts.map +1 -0
- package/dist/schemas/admin-impersonation.js +114 -0
- package/dist/schemas/admin-invitations.d.ts +119 -0
- package/dist/schemas/admin-invitations.d.ts.map +1 -0
- package/dist/schemas/admin-invitations.js +80 -0
- package/dist/schemas/admin-jwt-keys.d.ts +130 -0
- package/dist/schemas/admin-jwt-keys.d.ts.map +1 -0
- package/dist/schemas/admin-jwt-keys.js +83 -0
- package/dist/schemas/admin-logs.d.ts +170 -0
- package/dist/schemas/admin-logs.d.ts.map +1 -0
- package/dist/schemas/admin-logs.js +108 -0
- package/dist/schemas/admin-plans.d.ts +92 -0
- package/dist/schemas/admin-plans.d.ts.map +1 -0
- package/dist/schemas/admin-plans.js +62 -0
- package/dist/schemas/admin-project-users.d.ts +183 -0
- package/dist/schemas/admin-project-users.d.ts.map +1 -0
- package/dist/schemas/admin-project-users.js +108 -0
- package/dist/schemas/admin-projects.d.ts +237 -0
- package/dist/schemas/admin-projects.d.ts.map +1 -0
- package/dist/schemas/admin-projects.js +129 -0
- package/dist/schemas/admin-quotas.d.ts +161 -0
- package/dist/schemas/admin-quotas.d.ts.map +1 -0
- package/dist/schemas/admin-quotas.js +107 -0
- package/dist/schemas/admin-rate-limits.d.ts +90 -0
- package/dist/schemas/admin-rate-limits.d.ts.map +1 -0
- package/dist/schemas/admin-rate-limits.js +72 -0
- package/dist/schemas/admin-reconcile.d.ts +89 -0
- package/dist/schemas/admin-reconcile.d.ts.map +1 -0
- package/dist/schemas/admin-reconcile.js +86 -0
- package/dist/schemas/admin-resources.d.ts +129 -0
- package/dist/schemas/admin-resources.d.ts.map +1 -0
- package/dist/schemas/admin-resources.js +143 -0
- package/dist/schemas/admin-secrets.d.ts +113 -0
- package/dist/schemas/admin-secrets.d.ts.map +1 -0
- package/dist/schemas/admin-secrets.js +94 -0
- package/dist/schemas/admin-services.d.ts +71 -0
- package/dist/schemas/admin-services.d.ts.map +1 -0
- package/dist/schemas/admin-services.js +61 -0
- package/dist/schemas/admin-tasks.d.ts +239 -0
- package/dist/schemas/admin-tasks.d.ts.map +1 -0
- package/dist/schemas/admin-tasks.js +103 -0
- package/dist/schemas/admin-tenants.d.ts +45 -0
- package/dist/schemas/admin-tenants.d.ts.map +1 -0
- package/dist/schemas/admin-tenants.js +54 -0
- package/dist/schemas/admin-traces.d.ts +203 -0
- package/dist/schemas/admin-traces.d.ts.map +1 -0
- package/dist/schemas/admin-traces.js +128 -0
- package/dist/schemas/admin-users.d.ts +158 -0
- package/dist/schemas/admin-users.d.ts.map +1 -0
- package/dist/schemas/admin-users.js +110 -0
- package/dist/schemas/admin-webhook-signature-versions.d.ts +103 -0
- package/dist/schemas/admin-webhook-signature-versions.d.ts.map +1 -0
- package/dist/schemas/admin-webhook-signature-versions.js +73 -0
- package/dist/schemas/ai-admin.d.ts +39 -0
- package/dist/schemas/ai-admin.d.ts.map +1 -0
- package/dist/schemas/ai-admin.js +29 -0
- package/dist/schemas/ai.d.ts +120 -0
- package/dist/schemas/ai.d.ts.map +1 -0
- package/dist/schemas/ai.js +84 -0
- package/dist/schemas/analytics-admin.d.ts +104 -0
- package/dist/schemas/analytics-admin.d.ts.map +1 -0
- package/dist/schemas/analytics-admin.js +61 -0
- package/dist/schemas/analytics.d.ts +118 -0
- package/dist/schemas/analytics.d.ts.map +1 -0
- package/dist/schemas/analytics.js +80 -0
- package/dist/schemas/audit-chain.d.ts +81 -0
- package/dist/schemas/audit-chain.d.ts.map +1 -0
- package/dist/schemas/audit-chain.js +62 -0
- package/dist/schemas/auth-admin.d.ts +55 -0
- package/dist/schemas/auth-admin.d.ts.map +1 -0
- package/dist/schemas/auth-admin.js +48 -0
- package/dist/schemas/auth.d.ts +865 -0
- package/dist/schemas/auth.d.ts.map +1 -0
- package/dist/schemas/auth.js +815 -0
- package/dist/schemas/backups.d.ts +70 -0
- package/dist/schemas/backups.d.ts.map +1 -0
- package/dist/schemas/backups.js +38 -0
- package/dist/schemas/billing-console.d.ts +414 -0
- package/dist/schemas/billing-console.d.ts.map +1 -0
- package/dist/schemas/billing-console.js +298 -0
- package/dist/schemas/billing-settings.d.ts +156 -0
- package/dist/schemas/billing-settings.d.ts.map +1 -0
- package/dist/schemas/billing-settings.js +119 -0
- package/dist/schemas/billing.d.ts +211 -0
- package/dist/schemas/billing.d.ts.map +1 -0
- package/dist/schemas/billing.js +147 -0
- package/dist/schemas/branch-database.d.ts +98 -0
- package/dist/schemas/branch-database.d.ts.map +1 -0
- package/dist/schemas/branch-database.js +68 -0
- package/dist/schemas/challenge.d.ts +104 -0
- package/dist/schemas/challenge.d.ts.map +1 -0
- package/dist/schemas/challenge.js +74 -0
- package/dist/schemas/ci-settings.d.ts +122 -0
- package/dist/schemas/ci-settings.d.ts.map +1 -0
- package/dist/schemas/ci-settings.js +65 -0
- package/dist/schemas/consent-admin.d.ts +187 -0
- package/dist/schemas/consent-admin.d.ts.map +1 -0
- package/dist/schemas/consent-admin.js +114 -0
- package/dist/schemas/consent.d.ts +78 -0
- package/dist/schemas/consent.d.ts.map +1 -0
- package/dist/schemas/consent.js +68 -0
- package/dist/schemas/database.d.ts +104 -0
- package/dist/schemas/database.d.ts.map +1 -0
- package/dist/schemas/database.js +89 -0
- package/dist/schemas/deployment.d.ts +386 -0
- package/dist/schemas/deployment.d.ts.map +1 -0
- package/dist/schemas/deployment.js +282 -0
- package/dist/schemas/domain.d.ts +148 -0
- package/dist/schemas/domain.d.ts.map +1 -0
- package/dist/schemas/domain.js +86 -0
- package/dist/schemas/edge-deployments.d.ts +140 -0
- package/dist/schemas/edge-deployments.d.ts.map +1 -0
- package/dist/schemas/edge-deployments.js +87 -0
- package/dist/schemas/email-admin.d.ts +384 -0
- package/dist/schemas/email-admin.d.ts.map +1 -0
- package/dist/schemas/email-admin.js +313 -0
- package/dist/schemas/email.d.ts +46 -0
- package/dist/schemas/email.d.ts.map +1 -0
- package/dist/schemas/email.js +34 -0
- package/dist/schemas/engagement-admin.d.ts +148 -0
- package/dist/schemas/engagement-admin.d.ts.map +1 -0
- package/dist/schemas/engagement-admin.js +107 -0
- package/dist/schemas/env-var.d.ts +68 -0
- package/dist/schemas/env-var.d.ts.map +1 -0
- package/dist/schemas/env-var.js +52 -0
- package/dist/schemas/environment.d.ts +392 -0
- package/dist/schemas/environment.d.ts.map +1 -0
- package/dist/schemas/environment.js +211 -0
- package/dist/schemas/experiments.d.ts +540 -0
- package/dist/schemas/experiments.d.ts.map +1 -0
- package/dist/schemas/experiments.js +150 -0
- package/dist/schemas/flags-admin.d.ts +112 -0
- package/dist/schemas/flags-admin.d.ts.map +1 -0
- package/dist/schemas/flags-admin.js +84 -0
- package/dist/schemas/flags.d.ts +43 -0
- package/dist/schemas/flags.d.ts.map +1 -0
- package/dist/schemas/flags.js +27 -0
- package/dist/schemas/github.d.ts +34 -0
- package/dist/schemas/github.d.ts.map +1 -0
- package/dist/schemas/github.js +24 -0
- package/dist/schemas/ids.d.ts +39 -0
- package/dist/schemas/ids.d.ts.map +1 -0
- package/dist/schemas/ids.js +26 -0
- package/dist/schemas/image-opt.d.ts +70 -0
- package/dist/schemas/image-opt.d.ts.map +1 -0
- package/dist/schemas/image-opt.js +68 -0
- package/dist/schemas/kv-admin.d.ts +60 -0
- package/dist/schemas/kv-admin.d.ts.map +1 -0
- package/dist/schemas/kv-admin.js +43 -0
- package/dist/schemas/kv.d.ts +79 -0
- package/dist/schemas/kv.d.ts.map +1 -0
- package/dist/schemas/kv.js +54 -0
- package/dist/schemas/monitoring-admin.d.ts +314 -0
- package/dist/schemas/monitoring-admin.d.ts.map +1 -0
- package/dist/schemas/monitoring-admin.js +196 -0
- package/dist/schemas/monitoring.d.ts +143 -0
- package/dist/schemas/monitoring.d.ts.map +1 -0
- package/dist/schemas/monitoring.js +96 -0
- package/dist/schemas/newsletter.d.ts +366 -0
- package/dist/schemas/newsletter.d.ts.map +1 -0
- package/dist/schemas/newsletter.js +245 -0
- package/dist/schemas/notifications-admin.d.ts +337 -0
- package/dist/schemas/notifications-admin.d.ts.map +1 -0
- package/dist/schemas/notifications-admin.js +261 -0
- package/dist/schemas/notifications.d.ts +312 -0
- package/dist/schemas/notifications.d.ts.map +1 -0
- package/dist/schemas/notifications.js +235 -0
- package/dist/schemas/oidc.d.ts +74 -0
- package/dist/schemas/oidc.d.ts.map +1 -0
- package/dist/schemas/oidc.js +46 -0
- package/dist/schemas/organization-billing.d.ts +165 -0
- package/dist/schemas/organization-billing.d.ts.map +1 -0
- package/dist/schemas/organization-billing.js +156 -0
- package/dist/schemas/organization-project-users.d.ts +126 -0
- package/dist/schemas/organization-project-users.d.ts.map +1 -0
- package/dist/schemas/organization-project-users.js +88 -0
- package/dist/schemas/organization-projects.d.ts +129 -0
- package/dist/schemas/organization-projects.d.ts.map +1 -0
- package/dist/schemas/organization-projects.js +119 -0
- package/dist/schemas/organization-referrals.d.ts +129 -0
- package/dist/schemas/organization-referrals.d.ts.map +1 -0
- package/dist/schemas/organization-referrals.js +126 -0
- package/dist/schemas/organization-team.d.ts +123 -0
- package/dist/schemas/organization-team.d.ts.map +1 -0
- package/dist/schemas/organization-team.js +119 -0
- package/dist/schemas/organization.d.ts +210 -0
- package/dist/schemas/organization.d.ts.map +1 -0
- package/dist/schemas/organization.js +169 -0
- package/dist/schemas/plans.d.ts +211 -0
- package/dist/schemas/plans.d.ts.map +1 -0
- package/dist/schemas/plans.js +131 -0
- package/dist/schemas/privacy.d.ts +174 -0
- package/dist/schemas/privacy.d.ts.map +1 -0
- package/dist/schemas/privacy.js +132 -0
- package/dist/schemas/project-manifest.d.ts +1421 -0
- package/dist/schemas/project-manifest.d.ts.map +1 -0
- package/dist/schemas/project-manifest.js +318 -0
- package/dist/schemas/project.d.ts +132 -0
- package/dist/schemas/project.d.ts.map +1 -0
- package/dist/schemas/project.js +76 -0
- package/dist/schemas/realtime-admin.d.ts +51 -0
- package/dist/schemas/realtime-admin.d.ts.map +1 -0
- package/dist/schemas/realtime-admin.js +29 -0
- package/dist/schemas/realtime.d.ts +46 -0
- package/dist/schemas/realtime.d.ts.map +1 -0
- package/dist/schemas/realtime.js +32 -0
- package/dist/schemas/referrals-admin.d.ts +166 -0
- package/dist/schemas/referrals-admin.d.ts.map +1 -0
- package/dist/schemas/referrals-admin.js +123 -0
- package/dist/schemas/referrals.d.ts +148 -0
- package/dist/schemas/referrals.d.ts.map +1 -0
- package/dist/schemas/referrals.js +102 -0
- package/dist/schemas/refresh.d.ts +29 -0
- package/dist/schemas/refresh.d.ts.map +1 -0
- package/dist/schemas/refresh.js +18 -0
- package/dist/schemas/region.d.ts +118 -0
- package/dist/schemas/region.d.ts.map +1 -0
- package/dist/schemas/region.js +86 -0
- package/dist/schemas/resources.d.ts +345 -0
- package/dist/schemas/resources.d.ts.map +1 -0
- package/dist/schemas/resources.js +220 -0
- package/dist/schemas/runners.d.ts +93 -0
- package/dist/schemas/runners.d.ts.map +1 -0
- package/dist/schemas/runners.js +49 -0
- package/dist/schemas/saml.d.ts +254 -0
- package/dist/schemas/saml.d.ts.map +1 -0
- package/dist/schemas/saml.js +159 -0
- package/dist/schemas/search.d.ts +96 -0
- package/dist/schemas/search.d.ts.map +1 -0
- package/dist/schemas/search.js +57 -0
- package/dist/schemas/secret.d.ts +101 -0
- package/dist/schemas/secret.d.ts.map +1 -0
- package/dist/schemas/secret.js +79 -0
- package/dist/schemas/security.d.ts +345 -0
- package/dist/schemas/security.d.ts.map +1 -0
- package/dist/schemas/security.js +248 -0
- package/dist/schemas/service-tokens.d.ts +342 -0
- package/dist/schemas/service-tokens.d.ts.map +1 -0
- package/dist/schemas/service-tokens.js +101 -0
- package/dist/schemas/session-replay.d.ts +285 -0
- package/dist/schemas/session-replay.d.ts.map +1 -0
- package/dist/schemas/session-replay.js +145 -0
- package/dist/schemas/storage-admin.d.ts +351 -0
- package/dist/schemas/storage-admin.d.ts.map +1 -0
- package/dist/schemas/storage-admin.js +197 -0
- package/dist/schemas/storage.d.ts +257 -0
- package/dist/schemas/storage.d.ts.map +1 -0
- package/dist/schemas/storage.js +173 -0
- package/dist/schemas/tasks.d.ts +178 -0
- package/dist/schemas/tasks.d.ts.map +1 -0
- package/dist/schemas/tasks.js +102 -0
- package/dist/schemas/user.d.ts +103 -0
- package/dist/schemas/user.d.ts.map +1 -0
- package/dist/schemas/user.js +79 -0
- package/dist/schemas/webhooks.d.ts +259 -0
- package/dist/schemas/webhooks.d.ts.map +1 -0
- package/dist/schemas/webhooks.js +198 -0
- package/package.json +154 -0
|
@@ -0,0 +1,74 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Admin Projects endpoints — Console operator dashboard project management.
|
|
3
|
+
* Mirrors `apps/api/src/server/platform/routes/admin/projects.ts`.
|
|
4
|
+
*
|
|
5
|
+
* Production mount: `/admin/projects/*`.
|
|
6
|
+
*/
|
|
7
|
+
import { defineEndpoint } from '../endpoint.js';
|
|
8
|
+
import { AdminCreateProjectInput, AdminCreateProjectResult, AdminDeleteProjectResult, AdminEnvironmentIdParams, AdminGetProjectResult, AdminListProjectsQuery, AdminListProjectsResult, AdminPlatformResourcesResult, AdminProjectIdParams, AdminRegenerateSecretKeyResult, AdminUpdateProjectInput, AdminUpdateProjectResult, } from '../schemas/admin-projects.js';
|
|
9
|
+
export const adminProjectsEndpoints = {
|
|
10
|
+
list: defineEndpoint({
|
|
11
|
+
method: 'GET',
|
|
12
|
+
path: '/admin/projects/',
|
|
13
|
+
query: AdminListProjectsQuery,
|
|
14
|
+
response: AdminListProjectsResult,
|
|
15
|
+
plane: 'admin',
|
|
16
|
+
summary: "List apps for the user's organization",
|
|
17
|
+
tags: ['admin-projects'],
|
|
18
|
+
}),
|
|
19
|
+
get: defineEndpoint({
|
|
20
|
+
method: 'GET',
|
|
21
|
+
path: '/admin/projects/:id',
|
|
22
|
+
params: AdminProjectIdParams,
|
|
23
|
+
response: AdminGetProjectResult,
|
|
24
|
+
plane: 'admin',
|
|
25
|
+
summary: 'Get app by ID or slug (org-scoped)',
|
|
26
|
+
tags: ['admin-projects'],
|
|
27
|
+
}),
|
|
28
|
+
create: defineEndpoint({
|
|
29
|
+
method: 'POST',
|
|
30
|
+
path: '/admin/projects/',
|
|
31
|
+
body: AdminCreateProjectInput,
|
|
32
|
+
response: AdminCreateProjectResult,
|
|
33
|
+
plane: 'admin',
|
|
34
|
+
summary: 'Create app with default dev + production environments',
|
|
35
|
+
tags: ['admin-projects'],
|
|
36
|
+
}),
|
|
37
|
+
update: defineEndpoint({
|
|
38
|
+
method: 'PATCH',
|
|
39
|
+
path: '/admin/projects/:id',
|
|
40
|
+
params: AdminProjectIdParams,
|
|
41
|
+
body: AdminUpdateProjectInput,
|
|
42
|
+
response: AdminUpdateProjectResult,
|
|
43
|
+
plane: 'admin',
|
|
44
|
+
summary: 'Update app settings',
|
|
45
|
+
tags: ['admin-projects'],
|
|
46
|
+
}),
|
|
47
|
+
delete: defineEndpoint({
|
|
48
|
+
method: 'DELETE',
|
|
49
|
+
path: '/admin/projects/:id',
|
|
50
|
+
params: AdminProjectIdParams,
|
|
51
|
+
response: AdminDeleteProjectResult,
|
|
52
|
+
plane: 'admin',
|
|
53
|
+
summary: 'Soft delete app (super_admin only)',
|
|
54
|
+
tags: ['admin-projects'],
|
|
55
|
+
}),
|
|
56
|
+
regenerateSecretKey: defineEndpoint({
|
|
57
|
+
method: 'POST',
|
|
58
|
+
path: '/admin/projects/environments/:environmentId/regenerate-key',
|
|
59
|
+
params: AdminEnvironmentIdParams,
|
|
60
|
+
response: AdminRegenerateSecretKeyResult,
|
|
61
|
+
plane: 'admin',
|
|
62
|
+
summary: 'Regenerate environment secret key (super_admin only)',
|
|
63
|
+
tags: ['admin-projects'],
|
|
64
|
+
}),
|
|
65
|
+
platformResources: defineEndpoint({
|
|
66
|
+
method: 'GET',
|
|
67
|
+
path: '/admin/projects/:id/platform-resources',
|
|
68
|
+
params: AdminProjectIdParams,
|
|
69
|
+
response: AdminPlatformResourcesResult,
|
|
70
|
+
plane: 'admin',
|
|
71
|
+
summary: "List project's hidden BaaS resource bindings (ADR-047)",
|
|
72
|
+
tags: ['admin-projects'],
|
|
73
|
+
}),
|
|
74
|
+
};
|
|
@@ -0,0 +1,98 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Admin Quotas endpoints — Console operator dashboard per-project quota ops.
|
|
3
|
+
* Mirrors `apps/api/src/server/platform/routes/admin/quotas.ts`.
|
|
4
|
+
*
|
|
5
|
+
* Production mount: `/admin/quotas/*`.
|
|
6
|
+
*/
|
|
7
|
+
export declare const adminQuotasEndpoints: {
|
|
8
|
+
readonly getProjectQuotas: import("../endpoint.js").Endpoint<"GET", "/admin/quotas/projects/:projectId/quotas", import("effect/Schema").Struct<{
|
|
9
|
+
projectId: typeof import("effect/Schema").String;
|
|
10
|
+
}>, import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Struct<{
|
|
11
|
+
projectId: typeof import("effect/Schema").String;
|
|
12
|
+
projectName: typeof import("effect/Schema").String;
|
|
13
|
+
quotas: import("effect/Schema").Array$<import("effect/Schema").Struct<{
|
|
14
|
+
service: typeof import("effect/Schema").String;
|
|
15
|
+
metric: typeof import("effect/Schema").String;
|
|
16
|
+
currentUsage: typeof import("effect/Schema").Number;
|
|
17
|
+
limit: typeof import("effect/Schema").Number;
|
|
18
|
+
percentUsed: typeof import("effect/Schema").Number;
|
|
19
|
+
enforcement: import("effect/Schema").Literal<["hard", "soft", "none"]>;
|
|
20
|
+
period: import("effect/Schema").Literal<["hourly", "daily", "monthly", "unlimited"]>;
|
|
21
|
+
status: import("effect/Schema").Literal<["ok", "warning", "critical", "exceeded"]>;
|
|
22
|
+
isActive: typeof import("effect/Schema").Boolean;
|
|
23
|
+
}>>;
|
|
24
|
+
mauCount: typeof import("effect/Schema").Number;
|
|
25
|
+
mauLimit: typeof import("effect/Schema").Number;
|
|
26
|
+
overallStatus: import("effect/Schema").Literal<["ok", "warning", "critical", "exceeded", "blocked"]>;
|
|
27
|
+
unacknowledgedAlertsCount: typeof import("effect/Schema").Number;
|
|
28
|
+
}>>;
|
|
29
|
+
readonly getQuotaStats: import("../endpoint.js").Endpoint<"GET", "/admin/quotas/projects/:projectId/quotas/stats", import("effect/Schema").Struct<{
|
|
30
|
+
projectId: typeof import("effect/Schema").String;
|
|
31
|
+
}>, import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Struct<{
|
|
32
|
+
atLimit: typeof import("effect/Schema").Number;
|
|
33
|
+
warning: typeof import("effect/Schema").Number;
|
|
34
|
+
critical: typeof import("effect/Schema").Number;
|
|
35
|
+
ok: typeof import("effect/Schema").Number;
|
|
36
|
+
total: typeof import("effect/Schema").Number;
|
|
37
|
+
}>>;
|
|
38
|
+
readonly getQuotaAlerts: import("../endpoint.js").Endpoint<"GET", "/admin/quotas/projects/:projectId/quotas/alerts", import("effect/Schema").Struct<{
|
|
39
|
+
projectId: typeof import("effect/Schema").String;
|
|
40
|
+
}>, import("effect/Schema").Struct<{
|
|
41
|
+
acknowledged: import("effect/Schema").optional<typeof import("effect/Schema").String>;
|
|
42
|
+
limit: import("effect/Schema").optional<typeof import("effect/Schema").String>;
|
|
43
|
+
}>, import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Struct<{
|
|
44
|
+
alerts: import("effect/Schema").Array$<import("effect/Schema").Struct<{
|
|
45
|
+
id: typeof import("effect/Schema").String;
|
|
46
|
+
service: typeof import("effect/Schema").String;
|
|
47
|
+
metric: typeof import("effect/Schema").String;
|
|
48
|
+
level: import("effect/Schema").Literal<["warning", "critical", "exceeded"]>;
|
|
49
|
+
usagePercent: typeof import("effect/Schema").Number;
|
|
50
|
+
currentValue: typeof import("effect/Schema").Number;
|
|
51
|
+
limitValue: typeof import("effect/Schema").Number;
|
|
52
|
+
message: typeof import("effect/Schema").String;
|
|
53
|
+
sentAt: typeof import("effect/Schema").String;
|
|
54
|
+
acknowledgedAt: import("effect/Schema").NullOr<typeof import("effect/Schema").String>;
|
|
55
|
+
}>>;
|
|
56
|
+
}>>;
|
|
57
|
+
readonly getQuotaHistory: import("../endpoint.js").Endpoint<"GET", "/admin/quotas/projects/:projectId/quotas/history", import("effect/Schema").Struct<{
|
|
58
|
+
projectId: typeof import("effect/Schema").String;
|
|
59
|
+
}>, import("effect/Schema").Struct<{
|
|
60
|
+
service: typeof import("effect/Schema").String;
|
|
61
|
+
metric: typeof import("effect/Schema").String;
|
|
62
|
+
days: import("effect/Schema").optional<typeof import("effect/Schema").String>;
|
|
63
|
+
}>, import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Struct<{
|
|
64
|
+
history: import("effect/Schema").Array$<import("effect/Schema").Struct<{
|
|
65
|
+
date: typeof import("effect/Schema").String;
|
|
66
|
+
value: typeof import("effect/Schema").Number;
|
|
67
|
+
}>>;
|
|
68
|
+
}>>;
|
|
69
|
+
readonly updateQuota: import("../endpoint.js").Endpoint<"PATCH", "/admin/quotas/projects/:projectId/quotas", import("effect/Schema").Struct<{
|
|
70
|
+
projectId: typeof import("effect/Schema").String;
|
|
71
|
+
}>, import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Struct<{
|
|
72
|
+
service: typeof import("effect/Schema").String;
|
|
73
|
+
metric: typeof import("effect/Schema").String;
|
|
74
|
+
limitValue: import("effect/Schema").optional<typeof import("effect/Schema").Number>;
|
|
75
|
+
enforcement: import("effect/Schema").optional<import("effect/Schema").Literal<["hard", "soft", "none"]>>;
|
|
76
|
+
warningThresholdPercent: import("effect/Schema").optional<typeof import("effect/Schema").Number>;
|
|
77
|
+
criticalThresholdPercent: import("effect/Schema").optional<typeof import("effect/Schema").Number>;
|
|
78
|
+
isActive: import("effect/Schema").optional<typeof import("effect/Schema").Boolean>;
|
|
79
|
+
}>, import("effect/Schema").Struct<{
|
|
80
|
+
success: typeof import("effect/Schema").Boolean;
|
|
81
|
+
quota: import("effect/Schema").Struct<{
|
|
82
|
+
service: typeof import("effect/Schema").String;
|
|
83
|
+
metric: typeof import("effect/Schema").String;
|
|
84
|
+
limitValue: typeof import("effect/Schema").Number;
|
|
85
|
+
enforcement: import("effect/Schema").Literal<["hard", "soft", "none"]>;
|
|
86
|
+
warningThresholdPercent: typeof import("effect/Schema").Number;
|
|
87
|
+
criticalThresholdPercent: typeof import("effect/Schema").Number;
|
|
88
|
+
isActive: typeof import("effect/Schema").Boolean;
|
|
89
|
+
}>;
|
|
90
|
+
}>>;
|
|
91
|
+
readonly acknowledgeAlert: import("../endpoint.js").Endpoint<"POST", "/admin/quotas/alerts/:alertId/acknowledge", import("effect/Schema").Struct<{
|
|
92
|
+
alertId: typeof import("effect/Schema").String;
|
|
93
|
+
}>, import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Struct<{
|
|
94
|
+
success: typeof import("effect/Schema").Boolean;
|
|
95
|
+
acknowledgedAt: import("effect/Schema").NullOr<typeof import("effect/Schema").String>;
|
|
96
|
+
}>>;
|
|
97
|
+
};
|
|
98
|
+
//# sourceMappingURL=admin-quotas.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"admin-quotas.d.ts","sourceRoot":"","sources":["../../src/endpoints/admin-quotas.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAiBH,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA0DvB,CAAA"}
|
|
@@ -0,0 +1,67 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Admin Quotas endpoints — Console operator dashboard per-project quota ops.
|
|
3
|
+
* Mirrors `apps/api/src/server/platform/routes/admin/quotas.ts`.
|
|
4
|
+
*
|
|
5
|
+
* Production mount: `/admin/quotas/*`.
|
|
6
|
+
*/
|
|
7
|
+
import { defineEndpoint } from '../endpoint.js';
|
|
8
|
+
import { AdminAcknowledgeAlertResult, AdminAlertIdParams, AdminGetProjectQuotasResult, AdminGetQuotaAlertsQuery, AdminGetQuotaAlertsResult, AdminGetQuotaHistoryQuery, AdminGetQuotaHistoryResult, AdminGetQuotaStatsResult, AdminQuotasProjectParams, AdminUpdateQuotaInput, AdminUpdateQuotaResult, } from '../schemas/admin-quotas.js';
|
|
9
|
+
export const adminQuotasEndpoints = {
|
|
10
|
+
getProjectQuotas: defineEndpoint({
|
|
11
|
+
method: 'GET',
|
|
12
|
+
path: '/admin/quotas/projects/:projectId/quotas',
|
|
13
|
+
params: AdminQuotasProjectParams,
|
|
14
|
+
response: AdminGetProjectQuotasResult,
|
|
15
|
+
plane: 'admin',
|
|
16
|
+
summary: 'Get all quotas for a project with current usage',
|
|
17
|
+
tags: ['admin-quotas'],
|
|
18
|
+
}),
|
|
19
|
+
getQuotaStats: defineEndpoint({
|
|
20
|
+
method: 'GET',
|
|
21
|
+
path: '/admin/quotas/projects/:projectId/quotas/stats',
|
|
22
|
+
params: AdminQuotasProjectParams,
|
|
23
|
+
response: AdminGetQuotaStatsResult,
|
|
24
|
+
plane: 'admin',
|
|
25
|
+
summary: 'Quota status count breakdown',
|
|
26
|
+
tags: ['admin-quotas'],
|
|
27
|
+
}),
|
|
28
|
+
getQuotaAlerts: defineEndpoint({
|
|
29
|
+
method: 'GET',
|
|
30
|
+
path: '/admin/quotas/projects/:projectId/quotas/alerts',
|
|
31
|
+
params: AdminQuotasProjectParams,
|
|
32
|
+
query: AdminGetQuotaAlertsQuery,
|
|
33
|
+
response: AdminGetQuotaAlertsResult,
|
|
34
|
+
plane: 'admin',
|
|
35
|
+
summary: 'List quota alerts with optional ack filter',
|
|
36
|
+
tags: ['admin-quotas'],
|
|
37
|
+
}),
|
|
38
|
+
getQuotaHistory: defineEndpoint({
|
|
39
|
+
method: 'GET',
|
|
40
|
+
path: '/admin/quotas/projects/:projectId/quotas/history',
|
|
41
|
+
params: AdminQuotasProjectParams,
|
|
42
|
+
query: AdminGetQuotaHistoryQuery,
|
|
43
|
+
response: AdminGetQuotaHistoryResult,
|
|
44
|
+
plane: 'admin',
|
|
45
|
+
summary: 'Daily usage history for one service/metric pair',
|
|
46
|
+
tags: ['admin-quotas'],
|
|
47
|
+
}),
|
|
48
|
+
updateQuota: defineEndpoint({
|
|
49
|
+
method: 'PATCH',
|
|
50
|
+
path: '/admin/quotas/projects/:projectId/quotas',
|
|
51
|
+
params: AdminQuotasProjectParams,
|
|
52
|
+
body: AdminUpdateQuotaInput,
|
|
53
|
+
response: AdminUpdateQuotaResult,
|
|
54
|
+
plane: 'admin',
|
|
55
|
+
summary: 'Update quota settings for one service/metric',
|
|
56
|
+
tags: ['admin-quotas'],
|
|
57
|
+
}),
|
|
58
|
+
acknowledgeAlert: defineEndpoint({
|
|
59
|
+
method: 'POST',
|
|
60
|
+
path: '/admin/quotas/alerts/:alertId/acknowledge',
|
|
61
|
+
params: AdminAlertIdParams,
|
|
62
|
+
response: AdminAcknowledgeAlertResult,
|
|
63
|
+
plane: 'admin',
|
|
64
|
+
summary: 'Acknowledge a quota alert',
|
|
65
|
+
tags: ['admin-quotas'],
|
|
66
|
+
}),
|
|
67
|
+
};
|
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Admin Rate-Limits endpoints — operator-driven tuning of per-credential-type
|
|
3
|
+
* multipliers (Production-Ready audit M-3).
|
|
4
|
+
*
|
|
5
|
+
* Production mount: `/admin/rate-limits/*`.
|
|
6
|
+
*
|
|
7
|
+
* Auth: service token + scope `platform:ratelimits:write`. Super-admin
|
|
8
|
+
* sessions are explicitly NOT accepted by the server — a multiplier change
|
|
9
|
+
* is a security-policy decision and MUST be a programmatic step in an Ops
|
|
10
|
+
* runbook, never an interactive Console click.
|
|
11
|
+
*
|
|
12
|
+
* Resolution order (server-side):
|
|
13
|
+
*
|
|
14
|
+
* 1. SPIFFE mesh path → exempt (always allow).
|
|
15
|
+
* 2. DB row for credential type → multiplier.
|
|
16
|
+
* 3. Inline `CREDENTIAL_MULTIPLIERS_INLINE` defaults if the DB lookup
|
|
17
|
+
* fails (config-path fail-open). The enforcement layer itself still
|
|
18
|
+
* fails CLOSED on Redis outages.
|
|
19
|
+
*
|
|
20
|
+
* @see `apps/api/src/server/platform/routes/admin/rate-limits.ts`
|
|
21
|
+
* @see `packages/core/src/lib/security/rate-limit-credential-multipliers.ts`
|
|
22
|
+
*/
|
|
23
|
+
export declare const adminRateLimitsEndpoints: {
|
|
24
|
+
readonly listStrategies: import("../endpoint.js").Endpoint<"GET", "/admin/rate-limits/strategies", import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Struct<{
|
|
25
|
+
multipliers: import("effect/Schema").Array$<import("effect/Schema").Struct<{
|
|
26
|
+
credentialType: import("effect/Schema").Literal<["public", "secret", "service", "session", "spiffe", "unknown"]>;
|
|
27
|
+
multiplier: typeof import("effect/Schema").Number;
|
|
28
|
+
exempt: typeof import("effect/Schema").Boolean;
|
|
29
|
+
notes: import("effect/Schema").NullOr<typeof import("effect/Schema").String>;
|
|
30
|
+
lastUpdatedAt: import("effect/Schema").NullOr<typeof import("effect/Schema").String>;
|
|
31
|
+
}>>;
|
|
32
|
+
}>>;
|
|
33
|
+
readonly setStrategy: import("../endpoint.js").Endpoint<"POST", "/admin/rate-limits/strategies", import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Struct<{
|
|
34
|
+
credentialType: import("effect/Schema").Literal<["public", "secret", "service", "session", "spiffe", "unknown"]>;
|
|
35
|
+
multiplier: import("effect/Schema").filter<import("effect/Schema").filter<typeof import("effect/Schema").Number>>;
|
|
36
|
+
exempt: import("effect/Schema").optional<typeof import("effect/Schema").Boolean>;
|
|
37
|
+
reason: import("effect/Schema").filter<typeof import("effect/Schema").String>;
|
|
38
|
+
}>, import("effect/Schema").Struct<{
|
|
39
|
+
updated: import("effect/Schema").Struct<{
|
|
40
|
+
credentialType: import("effect/Schema").Literal<["public", "secret", "service", "session", "spiffe", "unknown"]>;
|
|
41
|
+
multiplier: typeof import("effect/Schema").Number;
|
|
42
|
+
exempt: typeof import("effect/Schema").Boolean;
|
|
43
|
+
notes: import("effect/Schema").NullOr<typeof import("effect/Schema").String>;
|
|
44
|
+
lastUpdatedAt: import("effect/Schema").NullOr<typeof import("effect/Schema").String>;
|
|
45
|
+
}>;
|
|
46
|
+
auditLogId: import("effect/Schema").NullOr<typeof import("effect/Schema").String>;
|
|
47
|
+
message: typeof import("effect/Schema").String;
|
|
48
|
+
}>>;
|
|
49
|
+
};
|
|
50
|
+
//# sourceMappingURL=admin-rate-limits.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"admin-rate-limits.d.ts","sourceRoot":"","sources":["../../src/endpoints/admin-rate-limits.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AASH,eAAO,MAAM,wBAAwB;;;;;;;;;;;;;;;;;;;;;;;;;;CA+B3B,CAAA"}
|
|
@@ -0,0 +1,53 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Admin Rate-Limits endpoints — operator-driven tuning of per-credential-type
|
|
3
|
+
* multipliers (Production-Ready audit M-3).
|
|
4
|
+
*
|
|
5
|
+
* Production mount: `/admin/rate-limits/*`.
|
|
6
|
+
*
|
|
7
|
+
* Auth: service token + scope `platform:ratelimits:write`. Super-admin
|
|
8
|
+
* sessions are explicitly NOT accepted by the server — a multiplier change
|
|
9
|
+
* is a security-policy decision and MUST be a programmatic step in an Ops
|
|
10
|
+
* runbook, never an interactive Console click.
|
|
11
|
+
*
|
|
12
|
+
* Resolution order (server-side):
|
|
13
|
+
*
|
|
14
|
+
* 1. SPIFFE mesh path → exempt (always allow).
|
|
15
|
+
* 2. DB row for credential type → multiplier.
|
|
16
|
+
* 3. Inline `CREDENTIAL_MULTIPLIERS_INLINE` defaults if the DB lookup
|
|
17
|
+
* fails (config-path fail-open). The enforcement layer itself still
|
|
18
|
+
* fails CLOSED on Redis outages.
|
|
19
|
+
*
|
|
20
|
+
* @see `apps/api/src/server/platform/routes/admin/rate-limits.ts`
|
|
21
|
+
* @see `packages/core/src/lib/security/rate-limit-credential-multipliers.ts`
|
|
22
|
+
*/
|
|
23
|
+
import { defineEndpoint } from '../endpoint.js';
|
|
24
|
+
import { AdminListRateLimitMultipliersResult, AdminSetRateLimitMultiplierInput, AdminSetRateLimitMultiplierResult, } from '../schemas/admin-rate-limits.js';
|
|
25
|
+
export const adminRateLimitsEndpoints = {
|
|
26
|
+
listStrategies: defineEndpoint({
|
|
27
|
+
method: 'GET',
|
|
28
|
+
path: '/admin/rate-limits/strategies',
|
|
29
|
+
response: AdminListRateLimitMultipliersResult,
|
|
30
|
+
plane: 'admin',
|
|
31
|
+
summary: 'List the per-credential-type rate-limit multipliers currently applied to every preset',
|
|
32
|
+
description: 'Returns one row per credential type (`public`, `secret`, `service`, ' +
|
|
33
|
+
'`session`, `spiffe`, `unknown`) with its multiplier, exempt flag, ' +
|
|
34
|
+
'operator-supplied notes, and last-update timestamp. Reads ' +
|
|
35
|
+
'authoritatively from the DB; the in-memory cache is refreshed every ' +
|
|
36
|
+
'5 minutes via Redis. Requires service token with scope ' +
|
|
37
|
+
'`platform:ratelimits:write`.',
|
|
38
|
+
tags: ['admin-rate-limits'],
|
|
39
|
+
}),
|
|
40
|
+
setStrategy: defineEndpoint({
|
|
41
|
+
method: 'POST',
|
|
42
|
+
path: '/admin/rate-limits/strategies',
|
|
43
|
+
body: AdminSetRateLimitMultiplierInput,
|
|
44
|
+
response: AdminSetRateLimitMultiplierResult,
|
|
45
|
+
plane: 'admin',
|
|
46
|
+
summary: 'Upsert the multiplier (or exempt flag) for a single credential type',
|
|
47
|
+
description: 'Writes the row for `credentialType` and fires `invalidateAndReload()` ' +
|
|
48
|
+
'on the enforcement layer so the new value is live within seconds — no ' +
|
|
49
|
+
'5-min wait. `reason` is required (≥3 chars) and recorded on the audit ' +
|
|
50
|
+
'log. Requires service token with scope `platform:ratelimits:write`.',
|
|
51
|
+
tags: ['admin-rate-limits'],
|
|
52
|
+
}),
|
|
53
|
+
};
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Admin Reconcile endpoints — operator-only recovery surface (OPS-6).
|
|
3
|
+
*
|
|
4
|
+
* Mirrors `apps/api/src/server/platform/routes/admin/reconcile.ts`.
|
|
5
|
+
*
|
|
6
|
+
* `POST /admin/reconcile/reset` replaces raw
|
|
7
|
+
* `UPDATE project_environments SET generation = generation + 1, …` and
|
|
8
|
+
* `UPDATE environment_services SET reconcile_status = 'pending', …` from
|
|
9
|
+
* `docs/how-to/reconciler-cleanup-semantic.md`. Scope:
|
|
10
|
+
* `platform:reconcile:reset`.
|
|
11
|
+
*
|
|
12
|
+
* Plane: `admin`.
|
|
13
|
+
*/
|
|
14
|
+
export declare const adminReconcileEndpoints: {
|
|
15
|
+
readonly reset: import("../endpoint.js").Endpoint<"POST", "/admin/reconcile/reset", import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Struct<{
|
|
16
|
+
kind: import("effect/Schema").Union<[import("effect/Schema").Literal<["service"]>, import("effect/Schema").Literal<["environment"]>]>;
|
|
17
|
+
id: import("effect/Schema").filter<typeof import("effect/Schema").String>;
|
|
18
|
+
to: import("effect/Schema").Union<[import("effect/Schema").Literal<["pending"]>, import("effect/Schema").Literal<["synced"]>]>;
|
|
19
|
+
reason: import("effect/Schema").filter<import("effect/Schema").filter<typeof import("effect/Schema").String>>;
|
|
20
|
+
}>, import("effect/Schema").Struct<{
|
|
21
|
+
kind: import("effect/Schema").Union<[import("effect/Schema").Literal<["service"]>, import("effect/Schema").Literal<["environment"]>]>;
|
|
22
|
+
id: typeof import("effect/Schema").String;
|
|
23
|
+
previousStatus: typeof import("effect/Schema").String;
|
|
24
|
+
newStatus: import("effect/Schema").Union<[import("effect/Schema").Literal<["pending"]>, import("effect/Schema").Literal<["synced"]>]>;
|
|
25
|
+
generationBumped: typeof import("effect/Schema").Boolean;
|
|
26
|
+
}>>;
|
|
27
|
+
};
|
|
28
|
+
//# sourceMappingURL=admin-reconcile.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"admin-reconcile.d.ts","sourceRoot":"","sources":["../../src/endpoints/admin-reconcile.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAKH,eAAO,MAAM,uBAAuB;;;;;;;;;;;;;CAkB1B,CAAA"}
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Admin Reconcile endpoints — operator-only recovery surface (OPS-6).
|
|
3
|
+
*
|
|
4
|
+
* Mirrors `apps/api/src/server/platform/routes/admin/reconcile.ts`.
|
|
5
|
+
*
|
|
6
|
+
* `POST /admin/reconcile/reset` replaces raw
|
|
7
|
+
* `UPDATE project_environments SET generation = generation + 1, …` and
|
|
8
|
+
* `UPDATE environment_services SET reconcile_status = 'pending', …` from
|
|
9
|
+
* `docs/how-to/reconciler-cleanup-semantic.md`. Scope:
|
|
10
|
+
* `platform:reconcile:reset`.
|
|
11
|
+
*
|
|
12
|
+
* Plane: `admin`.
|
|
13
|
+
*/
|
|
14
|
+
import { defineEndpoint } from '../endpoint.js';
|
|
15
|
+
import { AdminReconcileResetInput, AdminReconcileResetResult } from '../schemas/admin-reconcile.js';
|
|
16
|
+
export const adminReconcileEndpoints = {
|
|
17
|
+
reset: defineEndpoint({
|
|
18
|
+
method: 'POST',
|
|
19
|
+
path: '/admin/reconcile/reset',
|
|
20
|
+
body: AdminReconcileResetInput,
|
|
21
|
+
response: AdminReconcileResetResult,
|
|
22
|
+
plane: 'admin',
|
|
23
|
+
summary: 'Reset reconcile_status on a service or environment row',
|
|
24
|
+
description: 'Validates that the source state permits the target transition and ' +
|
|
25
|
+
'rejects `terminating`/`terminated` rows (use force-delete instead). ' +
|
|
26
|
+
'When `to=pending`, also bumps `generation` so the reconciler picks ' +
|
|
27
|
+
'up the row on the next tick. Every successful call writes one ' +
|
|
28
|
+
'`audit_logs` row tagged `resourceType=service|environment`, ' +
|
|
29
|
+
'`action=admin_action`, `operation=reconcile_reset`, `source=api`. ' +
|
|
30
|
+
'Requires service token with scope `platform:reconcile:reset`.',
|
|
31
|
+
tags: ['admin-reconcile'],
|
|
32
|
+
}),
|
|
33
|
+
};
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Admin Resources endpoints — operator-only recovery surface (OPS-3).
|
|
3
|
+
*
|
|
4
|
+
* Mirrors `apps/api/src/server/platform/routes/admin/resources.ts`.
|
|
5
|
+
*
|
|
6
|
+
* `DELETE /admin/resources/:id` replaces raw
|
|
7
|
+
* `DELETE FROM managed_resources WHERE id=...` from
|
|
8
|
+
* `docs/how-to/teardown-failure.md`. Scope: `platform:resources:forcedelete`.
|
|
9
|
+
*
|
|
10
|
+
* Sibling slice OPS-2 (reseal) extends this file with its own endpoint
|
|
11
|
+
* when it lands.
|
|
12
|
+
*
|
|
13
|
+
* Plane: `admin`.
|
|
14
|
+
*/
|
|
15
|
+
export declare const adminResourcesEndpoints: {
|
|
16
|
+
readonly forceDelete: import("../endpoint.js").Endpoint<"DELETE", "/admin/resources/:id", import("effect/Schema").Struct<{
|
|
17
|
+
id: import("effect/Schema").filter<typeof import("effect/Schema").String>;
|
|
18
|
+
}>, import("effect/Schema").Struct<{
|
|
19
|
+
reason: import("effect/Schema").filter<import("effect/Schema").filter<typeof import("effect/Schema").String>>;
|
|
20
|
+
cascade: import("effect/Schema").optional<import("effect/Schema").transform<import("effect/Schema").Union<[import("effect/Schema").Literal<["true"]>, import("effect/Schema").Literal<["false"]>]>, typeof import("effect/Schema").Boolean>>;
|
|
21
|
+
reallyForce: import("effect/Schema").optional<import("effect/Schema").transform<import("effect/Schema").Union<[import("effect/Schema").Literal<["true"]>, import("effect/Schema").Literal<["false"]>]>, typeof import("effect/Schema").Boolean>>;
|
|
22
|
+
}>, import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Struct<{
|
|
23
|
+
id: typeof import("effect/Schema").String;
|
|
24
|
+
previousStatus: typeof import("effect/Schema").String;
|
|
25
|
+
cascade: typeof import("effect/Schema").Boolean;
|
|
26
|
+
reallyForce: typeof import("effect/Schema").Boolean;
|
|
27
|
+
dependentsDeleted: typeof import("effect/Schema").Number;
|
|
28
|
+
}>>;
|
|
29
|
+
readonly reseal: import("../endpoint.js").Endpoint<"POST", "/admin/resources/reseal", import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Struct<{
|
|
30
|
+
keyId: import("effect/Schema").filter<import("effect/Schema").filter<import("effect/Schema").filter<typeof import("effect/Schema").String>>>;
|
|
31
|
+
filter: import("effect/Schema").optional<import("effect/Schema").Struct<{
|
|
32
|
+
projectId: import("effect/Schema").optional<typeof import("effect/Schema").String>;
|
|
33
|
+
envId: import("effect/Schema").optional<typeof import("effect/Schema").String>;
|
|
34
|
+
}>>;
|
|
35
|
+
}>, import("effect/Schema").Struct<{
|
|
36
|
+
activeKeyId: typeof import("effect/Schema").String;
|
|
37
|
+
totalRotated: typeof import("effect/Schema").Number;
|
|
38
|
+
totalFailed: typeof import("effect/Schema").Number;
|
|
39
|
+
fields: import("effect/Schema").Array$<import("effect/Schema").Struct<{
|
|
40
|
+
fieldName: typeof import("effect/Schema").String;
|
|
41
|
+
rowsSeen: typeof import("effect/Schema").Number;
|
|
42
|
+
rowsRotated: typeof import("effect/Schema").Number;
|
|
43
|
+
rowsFailed: typeof import("effect/Schema").Number;
|
|
44
|
+
failures: import("effect/Schema").Array$<import("effect/Schema").Struct<{
|
|
45
|
+
id: typeof import("effect/Schema").String;
|
|
46
|
+
reason: typeof import("effect/Schema").String;
|
|
47
|
+
}>>;
|
|
48
|
+
}>>;
|
|
49
|
+
}>>;
|
|
50
|
+
};
|
|
51
|
+
//# sourceMappingURL=admin-resources.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"admin-resources.d.ts","sourceRoot":"","sources":["../../src/endpoints/admin-resources.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAWH,eAAO,MAAM,uBAAuB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAsC1B,CAAA"}
|
|
@@ -0,0 +1,53 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Admin Resources endpoints — operator-only recovery surface (OPS-3).
|
|
3
|
+
*
|
|
4
|
+
* Mirrors `apps/api/src/server/platform/routes/admin/resources.ts`.
|
|
5
|
+
*
|
|
6
|
+
* `DELETE /admin/resources/:id` replaces raw
|
|
7
|
+
* `DELETE FROM managed_resources WHERE id=...` from
|
|
8
|
+
* `docs/how-to/teardown-failure.md`. Scope: `platform:resources:forcedelete`.
|
|
9
|
+
*
|
|
10
|
+
* Sibling slice OPS-2 (reseal) extends this file with its own endpoint
|
|
11
|
+
* when it lands.
|
|
12
|
+
*
|
|
13
|
+
* Plane: `admin`.
|
|
14
|
+
*/
|
|
15
|
+
import { defineEndpoint } from '../endpoint.js';
|
|
16
|
+
import { AdminResourceForceDeleteQuery, AdminResourceForceDeleteResult, AdminResourceIdParams, AdminResourceResealInput, AdminResourceResealResult, } from '../schemas/admin-resources.js';
|
|
17
|
+
export const adminResourcesEndpoints = {
|
|
18
|
+
forceDelete: defineEndpoint({
|
|
19
|
+
method: 'DELETE',
|
|
20
|
+
path: '/admin/resources/:id',
|
|
21
|
+
params: AdminResourceIdParams,
|
|
22
|
+
query: AdminResourceForceDeleteQuery,
|
|
23
|
+
response: AdminResourceForceDeleteResult,
|
|
24
|
+
plane: 'admin',
|
|
25
|
+
summary: 'Force-delete a stuck `managed_resources` row',
|
|
26
|
+
description: 'Hard-deletes the row and (when `cascade=true`) its dependent rows. ' +
|
|
27
|
+
'Refuses the call when `reconcile_status` is not `terminating` unless ' +
|
|
28
|
+
'`reallyForce=true` is passed. Every call writes one ' +
|
|
29
|
+
'`audit_logs` row tagged `resourceType=managed_resource`, ' +
|
|
30
|
+
'`action=force_delete`, `source=api`. Requires service token with ' +
|
|
31
|
+
'scope `platform:resources:forcedelete`.',
|
|
32
|
+
tags: ['admin-resources'],
|
|
33
|
+
}),
|
|
34
|
+
reseal: defineEndpoint({
|
|
35
|
+
method: 'POST',
|
|
36
|
+
path: '/admin/resources/reseal',
|
|
37
|
+
body: AdminResourceResealInput,
|
|
38
|
+
response: AdminResourceResealResult,
|
|
39
|
+
plane: 'admin',
|
|
40
|
+
summary: 'Re-encrypt every encrypted column under the active KEK',
|
|
41
|
+
description: 'Walks the canonical rotation registry (environment_secrets, ' +
|
|
42
|
+
'environment_secret_versions, projects.webhook_secret_encrypted, ' +
|
|
43
|
+
'project_environments.webhook_secret_encrypted, ' +
|
|
44
|
+
'jwt_keys.encrypted_private_key) and re-encrypts every row whose ' +
|
|
45
|
+
'envelope is not under the active KEK. Idempotent — re-running ' +
|
|
46
|
+
'after convergence rewrites zero rows. Refuses with 409 when the ' +
|
|
47
|
+
'request `keyId` does not match the live ring. Emits one ' +
|
|
48
|
+
'`audit_logs` row tagged `resourceType=managed_resource`, ' +
|
|
49
|
+
'`action=admin_action`, `operation=reseal`, `source=api`. ' +
|
|
50
|
+
'Requires service token with scope `platform:resources:reseal`.',
|
|
51
|
+
tags: ['admin-resources'],
|
|
52
|
+
}),
|
|
53
|
+
};
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Admin Secrets endpoints — operator-driven rotation of platform HMAC /
|
|
3
|
+
* encryption secrets (G-5).
|
|
4
|
+
*
|
|
5
|
+
* Production mount: `/admin/secrets/*`.
|
|
6
|
+
*
|
|
7
|
+
* Auth: service-token + scope `platform:secrets:rotate` (NOT super-admin
|
|
8
|
+
* session — see schema header for rationale). The endpoint is the audit
|
|
9
|
+
* trail; actual K8s secret value updates remain a two-person Ops runbook
|
|
10
|
+
* step (`docs/runbooks/secret-rotation.md`).
|
|
11
|
+
*/
|
|
12
|
+
export declare const adminSecretsEndpoints: {
|
|
13
|
+
readonly list: import("../endpoint.js").Endpoint<"GET", "/admin/secrets", import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Struct<{
|
|
14
|
+
secrets: import("effect/Schema").Array$<import("effect/Schema").Struct<{
|
|
15
|
+
type: import("effect/Schema").Literal<["break-glass", "encryption-key", "jwt-signing"]>;
|
|
16
|
+
lastRotatedAt: import("effect/Schema").NullOr<typeof import("effect/Schema").String>;
|
|
17
|
+
ageDays: import("effect/Schema").NullOr<typeof import("effect/Schema").Number>;
|
|
18
|
+
cadenceDays: typeof import("effect/Schema").Number;
|
|
19
|
+
overdue: typeof import("effect/Schema").Boolean;
|
|
20
|
+
clusterSecretRef: typeof import("effect/Schema").String;
|
|
21
|
+
}>>;
|
|
22
|
+
}>>;
|
|
23
|
+
readonly rotate: import("../endpoint.js").Endpoint<"POST", "/admin/secrets/rotate", import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Schema.AnyNoContext | undefined, import("effect/Schema").Struct<{
|
|
24
|
+
type: import("effect/Schema").Literal<["break-glass", "encryption-key", "jwt-signing"]>;
|
|
25
|
+
dryRun: import("effect/Schema").optional<typeof import("effect/Schema").Boolean>;
|
|
26
|
+
reason: import("effect/Schema").optional<typeof import("effect/Schema").String>;
|
|
27
|
+
}>, import("effect/Schema").Struct<{
|
|
28
|
+
rotated: typeof import("effect/Schema").Boolean;
|
|
29
|
+
status: import("effect/Schema").Struct<{
|
|
30
|
+
type: import("effect/Schema").Literal<["break-glass", "encryption-key", "jwt-signing"]>;
|
|
31
|
+
lastRotatedAt: import("effect/Schema").NullOr<typeof import("effect/Schema").String>;
|
|
32
|
+
ageDays: import("effect/Schema").NullOr<typeof import("effect/Schema").Number>;
|
|
33
|
+
cadenceDays: typeof import("effect/Schema").Number;
|
|
34
|
+
overdue: typeof import("effect/Schema").Boolean;
|
|
35
|
+
clusterSecretRef: typeof import("effect/Schema").String;
|
|
36
|
+
}>;
|
|
37
|
+
auditLogId: import("effect/Schema").NullOr<typeof import("effect/Schema").String>;
|
|
38
|
+
message: typeof import("effect/Schema").String;
|
|
39
|
+
}>>;
|
|
40
|
+
};
|
|
41
|
+
//# sourceMappingURL=admin-secrets.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"admin-secrets.d.ts","sourceRoot":"","sources":["../../src/endpoints/admin-secrets.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AASH,eAAO,MAAM,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAqBxB,CAAA"}
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Admin Secrets endpoints — operator-driven rotation of platform HMAC /
|
|
3
|
+
* encryption secrets (G-5).
|
|
4
|
+
*
|
|
5
|
+
* Production mount: `/admin/secrets/*`.
|
|
6
|
+
*
|
|
7
|
+
* Auth: service-token + scope `platform:secrets:rotate` (NOT super-admin
|
|
8
|
+
* session — see schema header for rationale). The endpoint is the audit
|
|
9
|
+
* trail; actual K8s secret value updates remain a two-person Ops runbook
|
|
10
|
+
* step (`docs/runbooks/secret-rotation.md`).
|
|
11
|
+
*/
|
|
12
|
+
import { defineEndpoint } from '../endpoint.js';
|
|
13
|
+
import { AdminListSecretsResult, AdminRotateSecretInput, AdminRotateSecretResult, } from '../schemas/admin-secrets.js';
|
|
14
|
+
export const adminSecretsEndpoints = {
|
|
15
|
+
list: defineEndpoint({
|
|
16
|
+
method: 'GET',
|
|
17
|
+
path: '/admin/secrets',
|
|
18
|
+
response: AdminListSecretsResult,
|
|
19
|
+
plane: 'admin',
|
|
20
|
+
summary: 'List rotatable platform secrets with last-rotation age + overdue flag (drives `sylphx_secret_age_days`)',
|
|
21
|
+
tags: ['admin-secrets'],
|
|
22
|
+
}),
|
|
23
|
+
rotate: defineEndpoint({
|
|
24
|
+
method: 'POST',
|
|
25
|
+
path: '/admin/secrets/rotate',
|
|
26
|
+
body: AdminRotateSecretInput,
|
|
27
|
+
response: AdminRotateSecretResult,
|
|
28
|
+
plane: 'admin',
|
|
29
|
+
summary: 'Record a secret-rotation event for compliance + emit the audit row. ' +
|
|
30
|
+
'Pass dryRun=true to inspect status without writing.',
|
|
31
|
+
tags: ['admin-secrets'],
|
|
32
|
+
}),
|
|
33
|
+
};
|