3a34969a2f
Customer-side decommission UI + PDM release endpoints + Catalyst-Zero
redirect to console.<sovereign-fqdn> once handover is finalised.
Anti-duplication map (canonical seams reused, NOT duplicated):
- catalyst-api wipe.go: existing wipe endpoint already drives PDM
release + Hetzner purge + tofu destroy + local cleanup. The new
DecommissionPage POSTs to the same endpoint with an optional
backup-destination payload.
- PDM Allocator.Release: child zone delete + parent-zone NS revert
+ allocation row delete already idempotent. The new sovereign-side
POST /api/v1/release is a thin FQDN-shaped wrapper that splits at
the first dot and delegates to Allocator.Release.
- The orphan force-release path adds gates (X-Force-Release-Confirm
header, 30-day grace, DNS-NXDOMAIN check) on top of the same seam.
Scope contract with #317 (handover finalisation): NOT touching
internal/handler/handover.go. AdoptedAt is a new contract field on
Deployment + store.Record that the redirect helper consumes; future
#317 enhancement will populate it before deletion.
Files:
core/pool-domain-manager/internal/handler/release.go (NEW)
core/pool-domain-manager/internal/handler/release_test.go (NEW)
core/pool-domain-manager/internal/handler/handler.go (route wiring)
products/catalyst/bootstrap/api/internal/handler/deployments.go (AdoptedAt field + State()/toRecord/fromRecord)
products/catalyst/bootstrap/api/internal/handler/deployments_adopted_test.go (NEW)
products/catalyst/bootstrap/api/internal/store/store.go (AdoptedAt persistence)
products/catalyst/bootstrap/ui/src/pages/sovereign/DecommissionPage.tsx (NEW)
products/catalyst/bootstrap/ui/src/pages/sovereign/DecommissionPage.test.tsx (NEW)
products/catalyst/bootstrap/ui/src/pages/sovereign/Dashboard.tsx (Decommission link)
products/catalyst/bootstrap/ui/src/app/router.tsx (redirect + decom route)
docs/omantel-handover-wbs.md (T319 → done)
Tests: 13 new Go test cases + 5 new vitest cases all green. catalyst-
api + PDM full suites pass. Live execution against omantel deferred to
Phase 8 per ticket scope (no Dynadot/Hetzner exec here).
Co-authored-by: hatiyildiz <hatiyildiz@noreply.github.com>
|
||
|---|---|---|
| .. | ||
| admin | ||
| cmd/cert-manager-dynadot-webhook | ||
| console | ||
| marketplace | ||
| marketplace-api | ||
| pkg/dynadot-client | ||
| pool-domain-manager | ||
| services | ||
| README.md | ||
Catalyst Control Plane (core/)
The user-facing Catalyst control plane modules. Status: Consolidated and deployed on Catalyst-Zero (Contabo k3s) as of Pass 105 (2026-04-28).
Read first:
docs/PROVISIONING-PLAN.md,docs/GLOSSARY.md,docs/ARCHITECTURE.md,docs/IMPLEMENTATION-STATUS.md.
What this is
The four modules that constitute the Catalyst control plane's user-facing surface, plus the Go backend they share. Each is its own Containerfile-built workload, deployed on every Catalyst Sovereign (starting with Catalyst-Zero on Contabo, and on every franchised Sovereign provisioned thereafter).
| Module | Stack | Purpose | Deployed image |
|---|---|---|---|
console/ |
Astro + Svelte | Primary user-facing UI. Form / Advanced / IaC editor depths. The Sovereign-provisioning wizard at /sovereign (Phase 3) lives here. |
ghcr.io/openova-io/openova/console:<sha> |
admin/ |
Astro + Svelte | Sovereign-admin operations UI. Includes the canonical voucher / billing / catalog / orders / tenants admin surface that sovereign-admin uses to issue vouchers to franchised tenants. | ghcr.io/openova-io/openova/admin:<sha> |
marketplace/ |
Astro + Svelte | Public-facing Blueprint card grid (the "App Store"). 5-step Plan → Apps → Addons → Checkout → Review flow. |
ghcr.io/openova-io/openova/marketplace:<sha> |
marketplace-api/ |
Go | Backend API for marketplace and console. Handlers (handlers/), provisioner (provisioner/), store (store/). Phase 4 extends this with full Hetzner provisioning. |
ghcr.io/openova-io/openova/marketplace-api:<sha> |
The Helm chart that deploys all four (plus catalyst-ui, catalyst-api, and the legacy SME backend services) lives at products/catalyst/chart/.
CI / Build
Each module has a corresponding GitHub Actions workflow:
.github/workflows/console-build.yaml.github/workflows/admin-build.yaml.github/workflows/marketplace-build.yaml.github/workflows/marketplace-api-build.yaml.github/workflows/catalyst-build.yaml— coversproducts/catalyst/bootstrap/{ui,api}/(the React SPA + Go bootstrap API)
Each workflow watches its module path, builds the Containerfile, pushes to GHCR with a SHA tag, and pins the SHA into the corresponding manifest in products/catalyst/chart/templates/ (so Flux on Catalyst-Zero picks up the new image on the next reconciliation).
Migration history
- Pass 105 (2026-04-28):
console/,admin/,marketplace/consolidated fromopenova-private/apps/{console,admin,marketplace}/into this directory.marketplace-api/consolidated fromopenova-private/website/marketplace-api/. Six CI workflows migrated to.github/workflows/of the public repo. Catalyst-Zero K8s manifests migrated fromopenova-private/clusters/contabo-mkt/apps/{catalyst,sme/services,marketplace-api}/intoproducts/catalyst/chart/templates/. Image references updated fromghcr.io/openova-io/openova-private/sme-{admin,console,marketplace}toghcr.io/openova-io/openova/{admin,console,marketplace}. The 8 legacy SME backend services (auth,billing,catalog,domain,gateway,notification,provisioning,tenant) keep theiropenova-private/sme-*image refs until their source code migrates in a follow-up phase.
Part of OpenOva