From 4040cbebacee5348a3cfa2f62ca8c6703b3a98d5 Mon Sep 17 00:00:00 2001 From: Javi Date: Wed, 22 Apr 2026 11:48:28 -0300 Subject: [PATCH 1/2] chore(endpoint-exposer): remove unused groups field from service spec MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The `groups` property was declared on each route in the Endpoint Exposer service spec but never consumed by any workflow, script, or Istio template — it was a dead UI field with no enforcement. Drop the property, its uiSchema Controls, and the stale documentation/examples that referenced it across all five schema copies (attributes + create/delete parameters + results). Co-Authored-By: Claude Opus 4.7 (1M context) --- .../install/specs/service-spec.json.tpl | 125 ++---------------- 1 file changed, 10 insertions(+), 115 deletions(-) diff --git a/endpoint-exposer/install/specs/service-spec.json.tpl b/endpoint-exposer/install/specs/service-spec.json.tpl index 1d6b921..f436990 100644 --- a/endpoint-exposer/install/specs/service-spec.json.tpl +++ b/endpoint-exposer/install/specs/service-spec.json.tpl @@ -43,7 +43,7 @@ "label": "Routes", "elements": [ { - "text": "### Route Configuration\nDefine how incoming requests are matched and forwarded to backend services.\n\n| Field | Description |\n|-------|-------------|\n| **Verb** | HTTP method to match (GET, POST, PUT, etc.) |\n| **Path** | URL path pattern. See *Path Types* below |\n| **Scope** | Target service that will handle the request |\n| **Visibility** | `public` (external) or `private` (internal network only) |\n| **Groups** | Security groups allowed to access this route. Leave empty for unrestricted access |\n\n### Path Types\n| Type | Example | Description |\n|------|---------|-------------|\n| **Exact** | `/api/users` | Matches the exact path only |\n| **Parameterized** | `/api/users/{id}` | Matches path with dynamic segments |\n| **Wildcard** | `/api/users/*` | Matches any path starting with the prefix |", + "text": "### Route Configuration\nDefine how incoming requests are matched and forwarded to backend services.\n\n| Field | Description |\n|-------|-------------|\n| **Verb** | HTTP method to match (GET, POST, PUT, etc.) |\n| **Path** | URL path pattern. See *Path Types* below |\n| **Scope** | Target service that will handle the request |\n| **Visibility** | `public` (external) or `private` (internal network only) |\n\n### Path Types\n| Type | Example | Description |\n|------|---------|-------------|\n| **Exact** | `/api/users` | Matches the exact path only |\n| **Parameterized** | `/api/users/{id}` | Matches path with dynamic segments |\n| **Wildcard** | `/api/users/*` | Matches any path starting with the prefix |", "type": "Label", "options": { "format": "markdown" @@ -56,7 +56,7 @@ "label": "Examples", "elements": [ { - "text": "### Public API Route\n```json\n{\n \"method\": \"GET\",\n \"path\": \"/api/v1/wells\",\n \"scope\": \"wells-service\",\n \"visibility\": \"public\",\n \"groups\": []\n}\n```\n\n### Protected Internal Route\n```json\n{\n \"method\": \"POST\",\n \"path\": \"/internal/sync\",\n \"scope\": \"sync-service\",\n \"visibility\": \"private\",\n \"groups\": [\"AWS_PlataformaUpstream_Administrador_Desa\"]\n}\n```", + "text": "### Public API Route\n```json\n{\n \"method\": \"GET\",\n \"path\": \"/api/v1/wells\",\n \"scope\": \"wells-service\",\n \"visibility\": \"public\"\n}\n```\n\n### Private Internal Route\n```json\n{\n \"method\": \"POST\",\n \"path\": \"/internal/sync\",\n \"scope\": \"sync-service\",\n \"visibility\": \"private\"\n}\n```", "type": "Label", "options": { "format": "markdown" @@ -119,11 +119,6 @@ "scope": "#/properties/visibility" } ] - }, - { - "type": "Control", - "label": "Required Endpoint Permissions", - "scope": "#/properties/groups" } ] }, @@ -157,22 +152,6 @@ "enum": "[.scopes[]?.slug] | if length == 0 then [\"No scopes available for selected environment\"] else . end" } }, - "groups": { - "type": "array", - "items": { - "oneOf": [ - { "const": "AWS_PlataformaUpstream_Gestor_Desa", "title": "Gestor Desarrollo" }, - { "const": "AWS_PlataformaUpstream_Programador_Desa", "title": "Programador Desarrollo" }, - { "const": "AWS_PlataformaUpstream_Pulling_Desa", "title": "Pulling Desarrollo" }, - { "const": "AWS_PlataformaUpstream_Workover_Desa", "title": "Workover Desarrollo" }, - { "const": "AWS_PlataformaUpstream_Visita_Desa", "title": "Visita Desarrollo" }, - { "const": "AWS_PlataformaUpstream_Administrador_Desa", "title": "Administrador Desarrollo" } - ], - "type": "string" - }, - "title": "Authorized Groups", - "uniqueItems": true - }, "method": { "enum": [ "GET", @@ -297,7 +276,7 @@ "label": "Routes", "elements": [ { - "text": "### Route Configuration\nDefine how incoming requests are matched and forwarded to backend services.\n\n| Field | Description |\n|-------|-------------|\n| **Verb** | HTTP method to match (GET, POST, PUT, etc.) |\n| **Path** | URL path pattern. See *Path Types* below |\n| **Scope** | Target service that will handle the request |\n| **Visibility** | `public` (external) or `private` (internal network only) |\n| **Groups** | Security groups allowed to access this route. Leave empty for unrestricted access |\n\n### Path Types\n| Type | Example | Description |\n|------|---------|-------------|\n| **Exact** | `/api/users` | Matches the exact path only |\n| **Parameterized** | `/api/users/{id}` | Matches path with dynamic segments |\n| **Wildcard** | `/api/users/*` | Matches any path starting with the prefix |", + "text": "### Route Configuration\nDefine how incoming requests are matched and forwarded to backend services.\n\n| Field | Description |\n|-------|-------------|\n| **Verb** | HTTP method to match (GET, POST, PUT, etc.) |\n| **Path** | URL path pattern. See *Path Types* below |\n| **Scope** | Target service that will handle the request |\n| **Visibility** | `public` (external) or `private` (internal network only) |\n\n### Path Types\n| Type | Example | Description |\n|------|---------|-------------|\n| **Exact** | `/api/users` | Matches the exact path only |\n| **Parameterized** | `/api/users/{id}` | Matches path with dynamic segments |\n| **Wildcard** | `/api/users/*` | Matches any path starting with the prefix |", "type": "Label", "options": { "format": "markdown" @@ -310,7 +289,7 @@ "label": "Examples", "elements": [ { - "text": "### Public API Route\n```json\n{\n \"method\": \"GET\",\n \"path\": \"/api/v1/wells\",\n \"scope\": \"wells-service\",\n \"visibility\": \"public\",\n \"groups\": []\n}\n```\n\n### Protected Internal Route\n```json\n{\n \"method\": \"POST\",\n \"path\": \"/internal/sync\",\n \"scope\": \"sync-service\",\n \"visibility\": \"private\",\n \"groups\": [\"AWS_PlataformaUpstream_Administrador_Desa\"]\n}\n```", + "text": "### Public API Route\n```json\n{\n \"method\": \"GET\",\n \"path\": \"/api/v1/wells\",\n \"scope\": \"wells-service\",\n \"visibility\": \"public\"\n}\n```\n\n### Private Internal Route\n```json\n{\n \"method\": \"POST\",\n \"path\": \"/internal/sync\",\n \"scope\": \"sync-service\",\n \"visibility\": \"private\"\n}\n```", "type": "Label", "options": { "format": "markdown" @@ -373,11 +352,6 @@ "scope": "#/properties/visibility" } ] - }, - { - "type": "Control", - "label": "Groups", - "scope": "#/properties/groups" } ] }, @@ -405,22 +379,6 @@ "enum": "[.scopes[]?.slug] | if length == 0 then [\"No scopes available for selected environment\"] else . end" } }, - "groups": { - "type": "array", - "items": { - "enum": [ - "AWS_PlataformaUpstream_Gestor_Desa", - "AWS_PlataformaUpstream_Programador_Desa", - "AWS_PlataformaUpstream_Pulling_Desa", - "AWS_PlataformaUpstream_Workover_Desa", - "AWS_PlataformaUpstream_Visita_Desa", - "AWS_PlataformaUpstream_Administrador_Desa" - ], - "type": "string" - }, - "title": "Authorized Groups", - "uniqueItems": true - }, "method": { "enum": [ "GET", @@ -517,7 +475,7 @@ "label": "Routes", "elements": [ { - "text": "### Route Configuration\nDefine how incoming requests are matched and forwarded to backend services.\n\n| Field | Description |\n|-------|-------------|\n| **Verb** | HTTP method to match (GET, POST, PUT, etc.) |\n| **Path** | URL path pattern. See *Path Types* below |\n| **Scope** | Target service that will handle the request |\n| **Visibility** | `public` (external) or `private` (internal network only) |\n| **Groups** | Security groups allowed to access this route. Leave empty for unrestricted access |\n\n### Path Types\n| Type | Example | Description |\n|------|---------|-------------|\n| **Exact** | `/api/users` | Matches the exact path only |\n| **Parameterized** | `/api/users/{id}` | Matches path with dynamic segments |\n| **Wildcard** | `/api/users/*` | Matches any path starting with the prefix |", + "text": "### Route Configuration\nDefine how incoming requests are matched and forwarded to backend services.\n\n| Field | Description |\n|-------|-------------|\n| **Verb** | HTTP method to match (GET, POST, PUT, etc.) |\n| **Path** | URL path pattern. See *Path Types* below |\n| **Scope** | Target service that will handle the request |\n| **Visibility** | `public` (external) or `private` (internal network only) |\n\n### Path Types\n| Type | Example | Description |\n|------|---------|-------------|\n| **Exact** | `/api/users` | Matches the exact path only |\n| **Parameterized** | `/api/users/{id}` | Matches path with dynamic segments |\n| **Wildcard** | `/api/users/*` | Matches any path starting with the prefix |", "type": "Label", "options": { "format": "markdown" @@ -530,7 +488,7 @@ "label": "Examples", "elements": [ { - "text": "### Public API Route\n```json\n{\n \"method\": \"GET\",\n \"path\": \"/api/v1/wells\",\n \"scope\": \"wells-service\",\n \"visibility\": \"public\",\n \"groups\": []\n}\n```\n\n### Protected Internal Route\n```json\n{\n \"method\": \"POST\",\n \"path\": \"/internal/sync\",\n \"scope\": \"sync-service\",\n \"visibility\": \"private\",\n \"groups\": [\"AWS_PlataformaUpstream_Administrador_Desa\"]\n}\n```", + "text": "### Public API Route\n```json\n{\n \"method\": \"GET\",\n \"path\": \"/api/v1/wells\",\n \"scope\": \"wells-service\",\n \"visibility\": \"public\"\n}\n```\n\n### Private Internal Route\n```json\n{\n \"method\": \"POST\",\n \"path\": \"/internal/sync\",\n \"scope\": \"sync-service\",\n \"visibility\": \"private\"\n}\n```", "type": "Label", "options": { "format": "markdown" @@ -593,11 +551,6 @@ "scope": "#/properties/visibility" } ] - }, - { - "type": "Control", - "label": "Groups", - "scope": "#/properties/groups" } ] }, @@ -631,22 +584,6 @@ "enum": "[.scopes[]?.slug] | if length == 0 then [\"No scopes available for selected environment\"] else . end" } }, - "groups": { - "type": "array", - "items": { - "enum": [ - "AWS_PlataformaUpstream_Gestor_Desa", - "AWS_PlataformaUpstream_Programador_Desa", - "AWS_PlataformaUpstream_Pulling_Desa", - "AWS_PlataformaUpstream_Workover_Desa", - "AWS_PlataformaUpstream_Visita_Desa", - "AWS_PlataformaUpstream_Administrador_Desa" - ], - "type": "string" - }, - "title": "Authorized Groups", - "uniqueItems": true - }, "method": { "enum": [ "GET", @@ -751,7 +688,7 @@ "label": "Routes", "elements": [ { - "text": "### Route Configuration\nDefine how incoming requests are matched and forwarded to backend services.\n\n| Field | Description |\n|-------|-------------|\n| **Verb** | HTTP method to match (GET, POST, PUT, etc.) |\n| **Path** | URL path pattern. See *Path Types* below |\n| **Scope** | Target service that will handle the request |\n| **Visibility** | `public` (external) or `private` (internal network only) |\n| **Groups** | Security groups allowed to access this route. Leave empty for unrestricted access |\n\n### Path Types\n| Type | Example | Description |\n|------|---------|-------------|\n| **Exact** | `/api/users` | Matches the exact path only |\n| **Parameterized** | `/api/users/{id}` | Matches path with dynamic segments |\n| **Wildcard** | `/api/users/*` | Matches any path starting with the prefix |", + "text": "### Route Configuration\nDefine how incoming requests are matched and forwarded to backend services.\n\n| Field | Description |\n|-------|-------------|\n| **Verb** | HTTP method to match (GET, POST, PUT, etc.) |\n| **Path** | URL path pattern. See *Path Types* below |\n| **Scope** | Target service that will handle the request |\n| **Visibility** | `public` (external) or `private` (internal network only) |\n\n### Path Types\n| Type | Example | Description |\n|------|---------|-------------|\n| **Exact** | `/api/users` | Matches the exact path only |\n| **Parameterized** | `/api/users/{id}` | Matches path with dynamic segments |\n| **Wildcard** | `/api/users/*` | Matches any path starting with the prefix |", "type": "Label", "options": { "format": "markdown" @@ -764,7 +701,7 @@ "label": "Examples", "elements": [ { - "text": "### Public API Route\n```json\n{\n \"method\": \"GET\",\n \"path\": \"/api/v1/wells\",\n \"scope\": \"wells-service\",\n \"visibility\": \"public\",\n \"groups\": []\n}\n```\n\n### Protected Internal Route\n```json\n{\n \"method\": \"POST\",\n \"path\": \"/internal/sync\",\n \"scope\": \"sync-service\",\n \"visibility\": \"private\",\n \"groups\": [\"AWS_PlataformaUpstream_Administrador_Desa\"]\n}\n```", + "text": "### Public API Route\n```json\n{\n \"method\": \"GET\",\n \"path\": \"/api/v1/wells\",\n \"scope\": \"wells-service\",\n \"visibility\": \"public\"\n}\n```\n\n### Private Internal Route\n```json\n{\n \"method\": \"POST\",\n \"path\": \"/internal/sync\",\n \"scope\": \"sync-service\",\n \"visibility\": \"private\"\n}\n```", "type": "Label", "options": { "format": "markdown" @@ -827,11 +764,6 @@ "scope": "#/properties/visibility" } ] - }, - { - "type": "Control", - "label": "Groups", - "scope": "#/properties/groups" } ] }, @@ -865,22 +797,6 @@ "enum": "[.scopes[]?.slug] | if length == 0 then [\"No scopes available for selected environment\"] else . end" } }, - "groups": { - "type": "array", - "items": { - "enum": [ - "AWS_PlataformaUpstream_Gestor_Desa", - "AWS_PlataformaUpstream_Programador_Desa", - "AWS_PlataformaUpstream_Pulling_Desa", - "AWS_PlataformaUpstream_Workover_Desa", - "AWS_PlataformaUpstream_Visita_Desa", - "AWS_PlataformaUpstream_Administrador_Desa" - ], - "type": "string" - }, - "title": "Authorized Groups", - "uniqueItems": true - }, "method": { "enum": [ "GET", @@ -973,7 +889,7 @@ "label": "Routes", "elements": [ { - "text": "### Route Configuration\nDefine how incoming requests are matched and forwarded to backend services.\n\n| Field | Description |\n|-------|-------------|\n| **Verb** | HTTP method to match (GET, POST, PUT, etc.) |\n| **Path** | URL path pattern. See *Path Types* below |\n| **Scope** | Target service that will handle the request |\n| **Visibility** | `public` (external) or `private` (internal network only) |\n| **Groups** | Security groups allowed to access this route. Leave empty for unrestricted access |\n\n### Path Types\n| Type | Example | Description |\n|------|---------|-------------|\n| **Exact** | `/api/users` | Matches the exact path only |\n| **Parameterized** | `/api/users/{id}` | Matches path with dynamic segments |\n| **Wildcard** | `/api/users/*` | Matches any path starting with the prefix |", + "text": "### Route Configuration\nDefine how incoming requests are matched and forwarded to backend services.\n\n| Field | Description |\n|-------|-------------|\n| **Verb** | HTTP method to match (GET, POST, PUT, etc.) |\n| **Path** | URL path pattern. See *Path Types* below |\n| **Scope** | Target service that will handle the request |\n| **Visibility** | `public` (external) or `private` (internal network only) |\n\n### Path Types\n| Type | Example | Description |\n|------|---------|-------------|\n| **Exact** | `/api/users` | Matches the exact path only |\n| **Parameterized** | `/api/users/{id}` | Matches path with dynamic segments |\n| **Wildcard** | `/api/users/*` | Matches any path starting with the prefix |", "type": "Label", "options": { "format": "markdown" @@ -986,7 +902,7 @@ "label": "Examples", "elements": [ { - "text": "### Public API Route\n```json\n{\n \"method\": \"GET\",\n \"path\": \"/api/v1/wells\",\n \"scope\": \"wells-service\",\n \"visibility\": \"public\",\n \"groups\": []\n}\n```\n\n### Protected Internal Route\n```json\n{\n \"method\": \"POST\",\n \"path\": \"/internal/sync\",\n \"scope\": \"sync-service\",\n \"visibility\": \"private\",\n \"groups\": [\"AWS_PlataformaUpstream_Administrador_Desa\"]\n}\n```", + "text": "### Public API Route\n```json\n{\n \"method\": \"GET\",\n \"path\": \"/api/v1/wells\",\n \"scope\": \"wells-service\",\n \"visibility\": \"public\"\n}\n```\n\n### Private Internal Route\n```json\n{\n \"method\": \"POST\",\n \"path\": \"/internal/sync\",\n \"scope\": \"sync-service\",\n \"visibility\": \"private\"\n}\n```", "type": "Label", "options": { "format": "markdown" @@ -1049,11 +965,6 @@ "scope": "#/properties/visibility" } ] - }, - { - "type": "Control", - "label": "Groups", - "scope": "#/properties/groups" } ] }, @@ -1087,22 +998,6 @@ "enum": "[.scopes[]?.slug] | if length == 0 then [\"No scopes available for selected environment\"] else . end" } }, - "groups": { - "type": "array", - "items": { - "enum": [ - "AWS_PlataformaUpstream_Gestor_Desa", - "AWS_PlataformaUpstream_Programador_Desa", - "AWS_PlataformaUpstream_Pulling_Desa", - "AWS_PlataformaUpstream_Workover_Desa", - "AWS_PlataformaUpstream_Visita_Desa", - "AWS_PlataformaUpstream_Administrador_Desa" - ], - "type": "string" - }, - "title": "Authorized Groups", - "uniqueItems": true - }, "method": { "enum": [ "GET", From 486b559f2ae6576258f03228ec65c2520b2b4740 Mon Sep 17 00:00:00 2001 From: Javi Date: Wed, 22 Apr 2026 12:05:35 -0300 Subject: [PATCH 2/2] chore(endpoint-exposer): drop dead action_specifications from service spec The inline `action_specifications` array was ignored by the tofu `service_definition` module, which only reads `attributes`, `use_default_actions`, `selectors`, `available_actions` and `available_links` from the service spec and registers actions from separate `specs/actions/*.json.tpl` files. The ~845-line block was documentation-only noise that suggested custom actions were registered when none were. Lifecycle actions keep coming from `use_default_actions: true`. Co-Authored-By: Claude Opus 4.7 (1M context) --- .../install/specs/service-spec.json.tpl | 847 +----------------- 1 file changed, 1 insertion(+), 846 deletions(-) diff --git a/endpoint-exposer/install/specs/service-spec.json.tpl b/endpoint-exposer/install/specs/service-spec.json.tpl index f436990..d184a61 100644 --- a/endpoint-exposer/install/specs/service-spec.json.tpl +++ b/endpoint-exposer/install/specs/service-spec.json.tpl @@ -212,850 +212,5 @@ "imported": false, "provider": "K8S", "sub_category": "HTTP Routing" - }, - "action_specifications": [ - { - "name": "Read", - "slug": "read", - "type": "custom", - "parameters": { - "schema": { - "type": "object", - "required": [], - "properties": {} - }, - "values": {} - }, - "results": { - "schema": { - "type": "object", - "required": [], - "properties": {} - }, - "values": {} - }, - "icon": "", - "annotations": {}, - "enabled_when": "" - }, - { - "name": "delete Endpoint Exposer", - "slug": "delete-endpoint-exposer", - "type": "delete", - "parameters": { - "schema": { - "type": "object", - "$schema": "http://json-schema.org/draft-07/schema#", - "uiSchema": { - "type": "VerticalLayout", - "elements": [ - { - "type": "Categorization", - "options": { - "collapsable": { - "label": "Documentation", - "collapsed": true - } - }, - "elements": [ - { - "type": "Category", - "label": "Domains", - "elements": [ - { - "text": "### Public Domain\nBase domain for routes exposed to external traffic. Requests matching routes with `visibility: public` will be served through this domain.\n\n### Private Domain\nBase domain for routes accessible only within the internal network. Use this for service-to-service communication.", - "type": "Label", - "options": { - "format": "markdown" - } - } - ] - }, - { - "type": "Category", - "label": "Routes", - "elements": [ - { - "text": "### Route Configuration\nDefine how incoming requests are matched and forwarded to backend services.\n\n| Field | Description |\n|-------|-------------|\n| **Verb** | HTTP method to match (GET, POST, PUT, etc.) |\n| **Path** | URL path pattern. See *Path Types* below |\n| **Scope** | Target service that will handle the request |\n| **Visibility** | `public` (external) or `private` (internal network only) |\n\n### Path Types\n| Type | Example | Description |\n|------|---------|-------------|\n| **Exact** | `/api/users` | Matches the exact path only |\n| **Parameterized** | `/api/users/{id}` | Matches path with dynamic segments |\n| **Wildcard** | `/api/users/*` | Matches any path starting with the prefix |", - "type": "Label", - "options": { - "format": "markdown" - } - } - ] - }, - { - "type": "Category", - "label": "Examples", - "elements": [ - { - "text": "### Public API Route\n```json\n{\n \"method\": \"GET\",\n \"path\": \"/api/v1/wells\",\n \"scope\": \"wells-service\",\n \"visibility\": \"public\"\n}\n```\n\n### Private Internal Route\n```json\n{\n \"method\": \"POST\",\n \"path\": \"/internal/sync\",\n \"scope\": \"sync-service\",\n \"visibility\": \"private\"\n}\n```", - "type": "Label", - "options": { - "format": "markdown" - } - } - ] - } - ] - }, - { - "type": "Control", - "scope": "#/properties/environment" - }, - { - "type": "Group", - "label": "Domains", - "elements": [ - { - "type": "Control", - "scope": "#/properties/publicDomain" - }, - { - "type": "Control", - "scope": "#/properties/privateDomain" - } - ] - }, - { - "type": "Group", - "label": "Routes", - "elements": [ - { - "type": "Control", - "scope": "#/properties/routes", - "options": { - "detail": { - "type": "VerticalLayout", - "elements": [ - { - "type": "Control", - "label": "Verb", - "scope": "#/properties/method" - }, - { - "type": "HorizontalLayout", - "elements": [ - { - "type": "Control", - "label": "Path", - "scope": "#/properties/path" - }, - { - "type": "Control", - "label": "Scope", - "scope": "#/properties/scope" - }, - { - "type": "Control", - "label": "Visibility", - "scope": "#/properties/visibility" - } - ] - } - ] - }, - "showSortButtons": true - } - } - ] - } - ] - }, - "properties": { - "routes": { - "type": "array", - "items": { - "type": "object", - "properties": { - "path": { - "type": "string", - "title": "Path" - }, - "scope": { - "type": "string", - "title": "Scope", - "additionalKeywords": { - "enum": "[.scopes[]?.slug] | if length == 0 then [\"No scopes available for selected environment\"] else . end" - } - }, - "method": { - "enum": [ - "GET", - "POST", - "PUT", - "PATCH", - "DELETE", - "HEAD", - "OPTIONS" - ], - "type": "string", - "title": "Verb" - }, - "visibility": { - "enum": [ - "public", - "private" - ], - "type": "string", - "title": "Visibility", - "default": "public" - } - } - }, - "title": "Routes", - "target": "routes" - }, - "environment": { - "type": "string", - "title": "Environment", - "target": "environment", - "additionalKeywords": { - "enum": "[.scopes[]?.dimensions?.environment] | unique | if length == 0 then [\"No environments available\"] else . end" - } - }, - "publicDomain": { - "type": "string", - "title": "Public Domain", - "description": "Base domain for routes with visibility=public. Tenant-specific — provide the FQDN that resolves to the public Istio gateway of the target cluster.", - "target": "publicDomain", - "editableOn": [ - "create", - "update" - ] - }, - "privateDomain": { - "type": "string", - "title": "Private Domain", - "description": "Base domain for routes with visibility=private. Tenant-specific — provide the FQDN that resolves to the private (internal) Istio gateway of the target cluster.", - "target": "privateDomain", - "editableOn": [ - "create", - "update" - ] - } - } - }, - "values": {} - }, - "results": { - "schema": { - "type": "object", - "$schema": "http://json-schema.org/draft-07/schema#", - "required": [ - "publicDomain" - ], - "uiSchema": { - "type": "VerticalLayout", - "elements": [ - { - "type": "Categorization", - "options": { - "collapsable": { - "label": "Documentation", - "collapsed": true - } - }, - "elements": [ - { - "type": "Category", - "label": "Domains", - "elements": [ - { - "text": "### Public Domain\nBase domain for routes exposed to external traffic. Requests matching routes with `visibility: public` will be served through this domain.\n\n### Private Domain\nBase domain for routes accessible only within the internal network. Use this for service-to-service communication.", - "type": "Label", - "options": { - "format": "markdown" - } - } - ] - }, - { - "type": "Category", - "label": "Routes", - "elements": [ - { - "text": "### Route Configuration\nDefine how incoming requests are matched and forwarded to backend services.\n\n| Field | Description |\n|-------|-------------|\n| **Verb** | HTTP method to match (GET, POST, PUT, etc.) |\n| **Path** | URL path pattern. See *Path Types* below |\n| **Scope** | Target service that will handle the request |\n| **Visibility** | `public` (external) or `private` (internal network only) |\n\n### Path Types\n| Type | Example | Description |\n|------|---------|-------------|\n| **Exact** | `/api/users` | Matches the exact path only |\n| **Parameterized** | `/api/users/{id}` | Matches path with dynamic segments |\n| **Wildcard** | `/api/users/*` | Matches any path starting with the prefix |", - "type": "Label", - "options": { - "format": "markdown" - } - } - ] - }, - { - "type": "Category", - "label": "Examples", - "elements": [ - { - "text": "### Public API Route\n```json\n{\n \"method\": \"GET\",\n \"path\": \"/api/v1/wells\",\n \"scope\": \"wells-service\",\n \"visibility\": \"public\"\n}\n```\n\n### Private Internal Route\n```json\n{\n \"method\": \"POST\",\n \"path\": \"/internal/sync\",\n \"scope\": \"sync-service\",\n \"visibility\": \"private\"\n}\n```", - "type": "Label", - "options": { - "format": "markdown" - } - } - ] - } - ] - }, - { - "type": "Control", - "scope": "#/properties/environment" - }, - { - "type": "Group", - "label": "Domains", - "elements": [ - { - "type": "Control", - "scope": "#/properties/publicDomain" - }, - { - "type": "Control", - "scope": "#/properties/privateDomain" - } - ] - }, - { - "type": "Group", - "label": "Routes", - "elements": [ - { - "type": "Control", - "scope": "#/properties/routes", - "options": { - "detail": { - "type": "VerticalLayout", - "elements": [ - { - "type": "Control", - "label": "Verb", - "scope": "#/properties/method" - }, - { - "type": "HorizontalLayout", - "elements": [ - { - "type": "Control", - "label": "Path", - "scope": "#/properties/path" - }, - { - "type": "Control", - "label": "Scope", - "scope": "#/properties/scope" - }, - { - "type": "Control", - "label": "Visibility", - "scope": "#/properties/visibility" - } - ] - } - ] - }, - "showSortButtons": true - } - } - ] - } - ] - }, - "properties": { - "routes": { - "type": "array", - "items": { - "type": "object", - "required": [ - "method", - "path", - "scope", - "visibility" - ], - "properties": { - "path": { - "type": "string", - "title": "Path" - }, - "scope": { - "type": "string", - "title": "Scope", - "additionalKeywords": { - "enum": "[.scopes[]?.slug] | if length == 0 then [\"No scopes available for selected environment\"] else . end" - } - }, - "method": { - "enum": [ - "GET", - "POST", - "PUT", - "PATCH", - "DELETE", - "HEAD", - "OPTIONS" - ], - "type": "string", - "title": "Verb" - }, - "visibility": { - "enum": [ - "public", - "private" - ], - "type": "string", - "title": "Visibility", - "default": "public" - } - } - }, - "title": "Routes", - "target": "routes" - }, - "environment": { - "type": "string", - "title": "Environment", - "target": "environment", - "additionalKeywords": { - "enum": "[.scopes[]?.dimensions?.environment] | unique | if length == 0 then [\"No environments available\"] else . end" - } - }, - "publicDomain": { - "type": "string", - "title": "Public Domain", - "description": "Base domain for routes with visibility=public. Tenant-specific — provide the FQDN that resolves to the public Istio gateway of the target cluster.", - "target": "publicDomain", - "editableOn": [ - "create", - "update" - ] - }, - "privateDomain": { - "type": "string", - "title": "Private Domain", - "description": "Base domain for routes with visibility=private. Tenant-specific — provide the FQDN that resolves to the private (internal) Istio gateway of the target cluster.", - "target": "privateDomain", - "editableOn": [ - "create", - "update" - ] - } - } - }, - "values": {} - }, - "icon": "", - "annotations": {}, - "enabled_when": null - }, - { - "name": "create Endpoint Exposer", - "slug": "create-endpoint-exposer", - "type": "create", - "parameters": { - "schema": { - "type": "object", - "$schema": "http://json-schema.org/draft-07/schema#", - "required": [ - "publicDomain" - ], - "uiSchema": { - "type": "VerticalLayout", - "elements": [ - { - "type": "Categorization", - "options": { - "collapsable": { - "label": "Documentation", - "collapsed": true - } - }, - "elements": [ - { - "type": "Category", - "label": "Domains", - "elements": [ - { - "text": "### Public Domain\nBase domain for routes exposed to external traffic. Requests matching routes with `visibility: public` will be served through this domain.\n\n### Private Domain\nBase domain for routes accessible only within the internal network. Use this for service-to-service communication.", - "type": "Label", - "options": { - "format": "markdown" - } - } - ] - }, - { - "type": "Category", - "label": "Routes", - "elements": [ - { - "text": "### Route Configuration\nDefine how incoming requests are matched and forwarded to backend services.\n\n| Field | Description |\n|-------|-------------|\n| **Verb** | HTTP method to match (GET, POST, PUT, etc.) |\n| **Path** | URL path pattern. See *Path Types* below |\n| **Scope** | Target service that will handle the request |\n| **Visibility** | `public` (external) or `private` (internal network only) |\n\n### Path Types\n| Type | Example | Description |\n|------|---------|-------------|\n| **Exact** | `/api/users` | Matches the exact path only |\n| **Parameterized** | `/api/users/{id}` | Matches path with dynamic segments |\n| **Wildcard** | `/api/users/*` | Matches any path starting with the prefix |", - "type": "Label", - "options": { - "format": "markdown" - } - } - ] - }, - { - "type": "Category", - "label": "Examples", - "elements": [ - { - "text": "### Public API Route\n```json\n{\n \"method\": \"GET\",\n \"path\": \"/api/v1/wells\",\n \"scope\": \"wells-service\",\n \"visibility\": \"public\"\n}\n```\n\n### Private Internal Route\n```json\n{\n \"method\": \"POST\",\n \"path\": \"/internal/sync\",\n \"scope\": \"sync-service\",\n \"visibility\": \"private\"\n}\n```", - "type": "Label", - "options": { - "format": "markdown" - } - } - ] - } - ] - }, - { - "type": "Control", - "scope": "#/properties/environment" - }, - { - "type": "Group", - "label": "Domains", - "elements": [ - { - "type": "Control", - "scope": "#/properties/publicDomain" - }, - { - "type": "Control", - "scope": "#/properties/privateDomain" - } - ] - }, - { - "type": "Group", - "label": "Routes", - "elements": [ - { - "type": "Control", - "scope": "#/properties/routes", - "options": { - "detail": { - "type": "VerticalLayout", - "elements": [ - { - "type": "Control", - "label": "Verb", - "scope": "#/properties/method" - }, - { - "type": "HorizontalLayout", - "elements": [ - { - "type": "Control", - "label": "Path", - "scope": "#/properties/path" - }, - { - "type": "Control", - "label": "Scope", - "scope": "#/properties/scope" - }, - { - "type": "Control", - "label": "Visibility", - "scope": "#/properties/visibility" - } - ] - } - ] - }, - "showSortButtons": true - } - } - ] - } - ] - }, - "properties": { - "routes": { - "type": "array", - "items": { - "type": "object", - "required": [ - "method", - "path", - "scope", - "visibility" - ], - "properties": { - "path": { - "type": "string", - "title": "Path" - }, - "scope": { - "type": "string", - "title": "Scope", - "additionalKeywords": { - "enum": "[.scopes[]?.slug] | if length == 0 then [\"No scopes available for selected environment\"] else . end" - } - }, - "method": { - "enum": [ - "GET", - "POST", - "PUT", - "PATCH", - "DELETE", - "HEAD", - "OPTIONS" - ], - "type": "string", - "title": "Verb" - }, - "visibility": { - "enum": [ - "public", - "private" - ], - "type": "string", - "title": "Visibility", - "default": "public" - } - } - }, - "title": "Routes" - }, - "environment": { - "type": "string", - "title": "Environment", - "additionalKeywords": { - "enum": "[.scopes[]?.dimensions?.environment] | unique | if length == 0 then [\"No environments available\"] else . end" - } - }, - "publicDomain": { - "type": "string", - "title": "Public Domain", - "description": "Base domain for routes with visibility=public. Tenant-specific — provide the FQDN that resolves to the public Istio gateway of the target cluster.", - "editableOn": [ - "create", - "update" - ] - }, - "privateDomain": { - "type": "string", - "title": "Private Domain", - "description": "Base domain for routes with visibility=private. Tenant-specific — provide the FQDN that resolves to the private (internal) Istio gateway of the target cluster.", - "editableOn": [ - "create", - "update" - ] - } - } - }, - "values": {} - }, - "results": { - "schema": { - "type": "object", - "$schema": "http://json-schema.org/draft-07/schema#", - "required": [ - "publicDomain" - ], - "uiSchema": { - "type": "VerticalLayout", - "elements": [ - { - "type": "Categorization", - "options": { - "collapsable": { - "label": "Documentation", - "collapsed": true - } - }, - "elements": [ - { - "type": "Category", - "label": "Domains", - "elements": [ - { - "text": "### Public Domain\nBase domain for routes exposed to external traffic. Requests matching routes with `visibility: public` will be served through this domain.\n\n### Private Domain\nBase domain for routes accessible only within the internal network. Use this for service-to-service communication.", - "type": "Label", - "options": { - "format": "markdown" - } - } - ] - }, - { - "type": "Category", - "label": "Routes", - "elements": [ - { - "text": "### Route Configuration\nDefine how incoming requests are matched and forwarded to backend services.\n\n| Field | Description |\n|-------|-------------|\n| **Verb** | HTTP method to match (GET, POST, PUT, etc.) |\n| **Path** | URL path pattern. See *Path Types* below |\n| **Scope** | Target service that will handle the request |\n| **Visibility** | `public` (external) or `private` (internal network only) |\n\n### Path Types\n| Type | Example | Description |\n|------|---------|-------------|\n| **Exact** | `/api/users` | Matches the exact path only |\n| **Parameterized** | `/api/users/{id}` | Matches path with dynamic segments |\n| **Wildcard** | `/api/users/*` | Matches any path starting with the prefix |", - "type": "Label", - "options": { - "format": "markdown" - } - } - ] - }, - { - "type": "Category", - "label": "Examples", - "elements": [ - { - "text": "### Public API Route\n```json\n{\n \"method\": \"GET\",\n \"path\": \"/api/v1/wells\",\n \"scope\": \"wells-service\",\n \"visibility\": \"public\"\n}\n```\n\n### Private Internal Route\n```json\n{\n \"method\": \"POST\",\n \"path\": \"/internal/sync\",\n \"scope\": \"sync-service\",\n \"visibility\": \"private\"\n}\n```", - "type": "Label", - "options": { - "format": "markdown" - } - } - ] - } - ] - }, - { - "type": "Control", - "scope": "#/properties/environment" - }, - { - "type": "Group", - "label": "Domains", - "elements": [ - { - "type": "Control", - "scope": "#/properties/publicDomain" - }, - { - "type": "Control", - "scope": "#/properties/privateDomain" - } - ] - }, - { - "type": "Group", - "label": "Routes", - "elements": [ - { - "type": "Control", - "scope": "#/properties/routes", - "options": { - "detail": { - "type": "VerticalLayout", - "elements": [ - { - "type": "Control", - "label": "Verb", - "scope": "#/properties/method" - }, - { - "type": "HorizontalLayout", - "elements": [ - { - "type": "Control", - "label": "Path", - "scope": "#/properties/path" - }, - { - "type": "Control", - "label": "Scope", - "scope": "#/properties/scope" - }, - { - "type": "Control", - "label": "Visibility", - "scope": "#/properties/visibility" - } - ] - } - ] - }, - "showSortButtons": true - } - } - ] - } - ] - }, - "properties": { - "routes": { - "type": "array", - "items": { - "type": "object", - "required": [ - "method", - "path", - "scope", - "visibility" - ], - "properties": { - "path": { - "type": "string", - "title": "Path" - }, - "scope": { - "type": "string", - "title": "Scope", - "additionalKeywords": { - "enum": "[.scopes[]?.slug] | if length == 0 then [\"No scopes available for selected environment\"] else . end" - } - }, - "method": { - "enum": [ - "GET", - "POST", - "PUT", - "PATCH", - "DELETE", - "HEAD", - "OPTIONS" - ], - "type": "string", - "title": "Verb" - }, - "visibility": { - "enum": [ - "public", - "private" - ], - "type": "string", - "title": "Visibility", - "default": "public" - } - } - }, - "title": "Routes" - }, - "environment": { - "type": "string", - "title": "Environment", - "additionalKeywords": { - "enum": "[.scopes[]?.dimensions?.environment] | unique | if length == 0 then [\"No environments available\"] else . end" - } - }, - "publicDomain": { - "type": "string", - "title": "Public Domain", - "description": "Base domain for routes with visibility=public. Tenant-specific — provide the FQDN that resolves to the public Istio gateway of the target cluster.", - "editableOn": [ - "create", - "update" - ] - }, - "privateDomain": { - "type": "string", - "title": "Private Domain", - "description": "Base domain for routes with visibility=private. Tenant-specific — provide the FQDN that resolves to the private (internal) Istio gateway of the target cluster.", - "editableOn": [ - "create", - "update" - ] - } - } - }, - "values": {} - }, - "icon": "", - "annotations": {}, - "enabled_when": null - } - ] + } }