Merge pull request 'feat: Add initial Tenant traits and data structures' (#43) from feat/tenant into master

Reviewed-on: https://git.nationtech.io/NationTech/harmony/pulls/43
2025-05-29 15:51:33 +00:00 · 2025-05-29 15:51:33 +00:00 · e7917843bc
commit e7917843bc
parent 270dd49567 7cd541bdd8
6 changed files with 121 additions and 10 deletions
--- a/harmony/src/domain/data/id.rs
+++ b/harmony/src/domain/data/id.rs
@ -1,6 +1,6 @@
 use serde::{Deserialize, Serialize};

-#[derive(Debug, Clone, Serialize, Deserialize)]
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
 pub struct Id {
    value: String,
 }
--- a/harmony/src/domain/topology/load_balancer.rs
+++ b/harmony/src/domain/topology/load_balancer.rs
@ -7,6 +7,12 @@ use serde::Serialize;
 use super::{IpAddress, LogicalHost};
 use crate::executors::ExecutorError;

+impl std::fmt::Debug for dyn LoadBalancer {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        f.write_fmt(format_args!("LoadBalancer {}", self.get_ip()))
+    }
+}
+
 #[async_trait]
 pub trait LoadBalancer: Send + Sync {
    fn get_ip(&self) -> IpAddress;
@ -32,11 +38,6 @@ pub trait LoadBalancer: Send + Sync {
    }
 }

-impl std::fmt::Debug for dyn LoadBalancer {
-    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
-        f.write_fmt(format_args!("LoadBalancer {}", self.get_ip()))
-    }
-}
 #[derive(Debug, PartialEq, Clone, Serialize)]
 pub struct LoadBalancerService {
    pub backend_servers: Vec<BackendServer>,
--- a/harmony/src/domain/topology/mod.rs
+++ b/harmony/src/domain/topology/mod.rs
@ -3,6 +3,7 @@ mod host_binding;
 mod http;
 mod k8s_anywhere;
 mod localhost;
+pub mod tenant;
 pub use k8s_anywhere::*;
 pub use localhost::*;
 pub mod k8s;
--- a/harmony/src/domain/topology/tenant/manager.rs
+++ b/harmony/src/domain/topology/tenant/manager.rs
@ -0,0 +1,46 @@
+use super::*;
+use async_trait::async_trait;
+
+use crate::executors::ExecutorError;
+
+#[async_trait]
+pub trait TenantManager: Send + Sync + std::fmt::Debug {
+    /// Provisions a new tenant based on the provided configuration.
+    /// This operation should be idempotent; if a tenant with the same `config.name`
+    /// already exists and matches the config, it will succeed without changes.
+    /// If it exists but differs, it will be updated, or return an error if the update
+    /// action is not supported
+    ///
+    /// # Arguments
+    /// * `config`: The desired configuration for the new tenant.
+    async fn provision_tenant(&self, config: &TenantConfig) -> Result<(), ExecutorError>;
+
+    /// Updates the resource limits for an existing tenant.
+    ///
+    /// # Arguments
+    /// * `tenant_name`: The logical name of the tenant to update.
+    /// * `new_limits`: The new set of resource limits to apply.
+    async fn update_tenant_resource_limits(
+        &self,
+        tenant_name: &str,
+        new_limits: &ResourceLimits,
+    ) -> Result<(), ExecutorError>;
+
+    /// Updates the high-level network isolation policy for an existing tenant.
+    ///
+    /// # Arguments
+    /// * `tenant_name`: The logical name of the tenant to update.
+    /// * `new_policy`: The new network policy to apply.
+    async fn update_tenant_network_policy(
+        &self,
+        tenant_name: &str,
+        new_policy: &TenantNetworkPolicy,
+    ) -> Result<(), ExecutorError>;
+
+    /// Decommissions an existing tenant, removing its isolated context and associated resources.
+    /// This operation should be idempotent.
+    ///
+    /// # Arguments
+    /// * `tenant_name`: The logical name of the tenant to deprovision.
+    async fn deprovision_tenant(&self, tenant_name: &str) -> Result<(), ExecutorError>;
+}
--- a/harmony/src/domain/topology/tenant/mod.rs
+++ b/harmony/src/domain/topology/tenant/mod.rs
@ -0,0 +1,66 @@
+mod manager;
+pub use manager::*;
+use serde::{Deserialize, Serialize};
+
+use std::collections::HashMap;
+
+use crate::data::Id;
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)] // Assuming serde for Scores
+pub struct TenantConfig {
+    /// This will be used as the primary unique identifier for management operations and will never
+    /// change for the entire lifetime of the tenant
+    pub id: Id,
+
+    /// A human-readable name for the tenant (e.g., "client-alpha", "project-phoenix").
+    pub name: String,
+
+    /// Desired resource allocations and limits for the tenant.
+    pub resource_limits: ResourceLimits,
+
+    /// High-level network isolation policies for the tenant.
+    pub network_policy: TenantNetworkPolicy,
+
+    /// Key-value pairs for provider-specific tagging, labeling, or metadata.
+    /// Useful for billing, organization, or filtering within the provider's console.
+    pub labels_or_tags: HashMap<String, String>,
+}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, Default)]
+pub struct ResourceLimits {
+    /// Requested/guaranteed CPU cores (e.g., 2.0).
+    pub cpu_request_cores: Option<f32>,
+    /// Maximum CPU cores the tenant can burst to (e.g., 4.0).
+    pub cpu_limit_cores: Option<f32>,
+
+    /// Requested/guaranteed memory in Gigabytes (e.g., 8.0).
+    pub memory_request_gb: Option<f32>,
+    /// Maximum memory in Gigabytes tenant can burst to (e.g., 16.0).
+    pub memory_limit_gb: Option<f32>,
+
+    /// Total persistent storage allocation in Gigabytes across all volumes.
+    pub storage_total_gb: Option<f32>,
+}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
+pub struct TenantNetworkPolicy {
+    /// Policy for ingress traffic originating from other tenants within the same Harmony-managed environment.
+    pub default_inter_tenant_ingress: InterTenantIngressPolicy,
+
+    /// Policy for egress traffic destined for the public internet.
+    pub default_internet_egress: InternetEgressPolicy,
+}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
+pub enum InterTenantIngressPolicy {
+    /// Deny all traffic from other tenants by default.
+    DenyAll,
+}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
+pub enum InternetEgressPolicy {
+    /// Allow all outbound traffic to the internet.
+    AllowAll,
+    /// Deny all outbound traffic to the internet by default.
+    DenyAll,
+}
--- a/harmony/src/modules/helm/command.rs
+++ b/harmony/src/modules/helm/command.rs
@ -1,12 +1,9 @@
 use async_trait::async_trait;
 use log::debug;
-use non_blank_string_rs::NonBlankString;
 use serde::Serialize;
 use std::collections::HashMap;
-use std::env::temp_dir;
-use std::ffi::OsStr;
 use std::io::ErrorKind;
-use std::path::{Path, PathBuf};
+use std::path::PathBuf;
 use std::process::{Command, Output};
 use temp_dir::{self, TempDir};
 use temp_file::TempFile;