Skip to content

feat: port entity schema to gen-schema#563

Draft
sini wants to merge 33 commits into
denful:mainfrom
sini:feat/entity-gen-schema-port
Draft

feat: port entity schema to gen-schema#563
sini wants to merge 33 commits into
denful:mainfrom
sini:feat/entity-gen-schema-port

Conversation

@sini

@sini sini commented May 21, 2026

Copy link
Copy Markdown
Collaborator

Summary

  • Replace hand-rolled schemaEntryType in options.nix with gen-schema's mkSchemaOption (sidecars: includes, excludes; computed: isEntity)
  • Add flat-form entity declarations alongside legacy two-level form for both hosts and homes
  • Wire _topology and _meta introspection from gen-schema
  • Extract resolvedCtxModule to shared _types.nix for reuse across entity types

Details

Schema port: den.schema now uses gen-schema's mkSchemaEntryType which provides sidecar extraction, computed fields, and __functor wrapping. The resolvedCtxModule (id_hash, resolved, collisionPolicy) is extracted to _types.nix and injected into entity submodule imports.

Flat form: Both den.hosts and den.homes now accept flat declarations:

den.hosts.igloo = { system = "x86_64-linux"; users.tux = { }; };
den.homes."tux@igloo" = { system = "x86_64-linux"; };

A deepMergeAttrs custom type accepts both forms, and apply preprocesses flat entries into the canonical two-level shape via preprocessHosts. All 6 consumers see the unchanged { system.name = entity } shape.

Tests: 18 new tests (843 total, up from 825) covering flat hosts, flat homes, id_hash, freeform attrs, topology, meta introspection, isEntity computed, and schema sidecars.

Test plan

  • All 843 CI tests pass (nix develop -c just ci)
  • Flat host form produces correct two-level shape
  • Flat home form with @-name parsing works
  • Mixed flat + legacy forms coexist
  • Cross-entity host lookup from homes preserved
  • Existing templates (default, minimal, example) unaffected

@github-actions github-actions Bot added the allow-ci allow all CI integration tests label May 21, 2026
@sini sini force-pushed the feat/entity-gen-schema-port branch from 6574fac to a370d30 Compare May 21, 2026 22:37
@sini sini force-pushed the feat/entity-gen-schema-port branch 6 times, most recently from 407bd03 to 56bbc59 Compare June 2, 2026 19:51
sini added 22 commits June 5, 2026 12:14
@sini
refactor: remove diag library, add den-gram input, expose capture
936b674
@sini
test: update diag tests for den-gram extraction
e029cd9
@sini
refactor: migrate diagram-demo and fleet-demo to den-gram
903a631
@sini
refactor: move diagram tests to den-gram, keep capture tests
72e521c
@sini
rename: den-gram → den-diagram
3bbd13b
@sini
docs: update CLAUDE.md for den-diagram extraction
5bc3889
@sini
fix: treefmt exclude CLAUDE.md, fix markdown list spacing
0d3077d
@sini
fix: update den-diagram references to denful org
336200c
@sini
docs: remove accidentally commited specs
30c754b
@sini
docs: update diagram references for den-diagram extraction
4d3daaf
@sini
refactor: rename gram to diagram across API
9dc137e
@sini
chore: lock den-diagram input in templates
8c5f249
@sini
refactor: rename inherit_ to inherit' in scope ancestry walker
8e348db
@sini
refactor(templates): use projectScope for per-entity diagram views
2e6dab3 
Replace standalone captureWithPathsWith + resolveEntity captures with
diagram.projectScope which projects the fleet capture onto scope
subtrees. One fleet pipeline run, N projections — more accurate (sees
full policy resolution) and more performant.

Both fleet-demo and diagram-demo updated. Pin den-diagram to
feat/fleet-subtree-context.
@sini
chore: pin templates den-diagram to main (projectScope merged)
0ae9277
@sini
chore: fix formatting on upstream README.md
bcf8833
@sini
docs: update flake-aspects spec to reflect Palmer flat typing impleme…
af0ffe1 
…ntation
@sini
feat: add gen-schema flake input to CI template
2affca3
@sini
feat: port den.schema to gen-schema mkSchemaOption
e6824de 
Replaces hand-rolled schemaEntryType with gen-schema mkSchemaOption.
Sidecars: includes, excludes. Computed: isEntity (structural content only).
Extracts resolvedCtxModule (id_hash, resolved, collisionPolicy) to
_types.nix for entity type reuse. collisionPolicy flows through deferred
module merge to entity instances (not a sidecar) preserving existing
ctx.host.collisionPolicy resolution path.
@sini
feat: support flat host declarations alongside legacy two-level form
c8dd6a6 
den.hosts now accepts both forms:
  - Legacy: den.hosts.x86_64-linux.igloo = { ... }
  - Flat:   den.hosts.igloo = { system = "x86_64-linux"; ... }

The outer option type uses a permissive submodule with deepMergeAttrs
freeformType (lib.recursiveUpdate-based merge that avoids the infinite
recursion lib.types.anything causes with cross-option references).
The apply function preprocesses flat entries into two-level form and
re-evaluates through the original attrsOf systemType, so all 6
consumers see the canonical { system.name = hostConfig } shape.
@sini
feat: port den.homes to support flat and legacy two-level forms
a4d7185 
Same pattern as den.hosts: deepMergeAttrs + preprocessHosts + apply.
Cross-entity host lookup and osConfig injection preserved.
@sini
test: add entity gen-schema port tests
e4a5925 
Covers: id_hash, freeform, topology, meta introspection,
isEntity computed, schema includes sidecar.
sini added 11 commits June 5, 2026 12:30
@sini
chore: rename den-schema to gen-schema
4bd8845 
Update flake inputs and references to match the renamed repo
at github:sini/gen-schema.
@sini
feat: isEntity as settable sidecar with computed fallback
9b4b04b
@sini
feat: update gen-schema, add parent sidecars for user/home, fix compu…
6b8a579 
…ted signature
@sini
feat: reserve 'settings' as structural key on aspects
a4c4640
@sini
feat: den.reservedKeys — user-extensible structural keys for aspects
cc3d95f
@sini
fix: update for gen-schema collections rename and nix-effects v0.12
2576eb8 
gen-schema flattened _meta into _-prefixed options and renamed
sidecars → collections. nix-effects changed bindAttrs so true is a
literal param, not an optionality marker — translate __args values
to fx.bind.optionalArg before bind.fn.
@sini
chore: update gen-schema
2a8cae7
@sini
chore: update flake.lock
da7cb0e
@sini
chore: update flake.lock
ba7f70d
@sini
feat(aspects): add entity.aspects accessor for resolved nodes
c8c3215 
Expose entity.aspects alongside entity.hasAspect: the flat list of all resolved aspect nodes (every depth), each the resolved node augmented with .identity (base FQN, ctx-stripped), .identityKey (full unique key incl {ctxId}), and .isNamed. Excludes the entity root and tombstoned/excluded aspects; anonymous nodes are included so callers can surface them.

One fxFullResolve per class now yields both the membership pathSet (hasAspect) and a parallel resolvedNodes state map, so the accessor adds no extra resolution beyond what hasAspect already pays. Nodes are stored behind the existing state thunk, preserving deepSeq-safety (class-content bodies are never forced by state deepSeq; reading .aspects forces only name/meta/identity).

isNamed inspects the full identity, not just the node name: isMeaningfulName misses nested anonymous instances like roles/dev/<anon>:3 (whose name slips past the exact-<anon> check), so consumers (e.g. colmena tags) can filter cleanly on .isNamed.

Adds Group K has-aspect tests: flat coverage across depths, exclude-aware, entity-root excluded, anonymous exposure, nested identity distinctness, and the named-have-clean-identity invariant.
@sini
feat(policy): add self guard — fire once at the registration scope
1b56211 
A policy's destructured args double as a dispatch guard: `{ <kind>, ... }:`
fans the policy across every entity of that kind. There was no way to say
"fire once at my own scope, don't fan" — and naming the scope's own kind
doesn't work when that kind isn't bound in the scope's ctx. A flake-scope
resolution policy is the motivating case: `{ flake, ... }:` fails
resolveArgsSatisfied (flake isn't in its own ctx), so the policy silently
never fires — which is exactly how a stale `{ flake-system, ... }:` on
to-fleet broke the fleet→env→cluster cascade.

Add `self`: always bound in the dispatch ctx (to the scope's own context), so
`{ self, ... }:` is satisfiable and callable at any scope, and excluded from
the late-sibling fan so it fires only at its registration scope.

- dispatch.nix: inject `self` at the single dispatch chokepoint, used for both
  resolveArgsSatisfied and the policy call. Backwards compatible — existing
  policies use `...` and ignore the extra key.
- policy/schema.nix: drop `self`-guarded policies from the late-dispatch
  fan-out so they fire once, at their own scope.

`self` is the right guard for resolution policies (to-fleet, fleet-to-envs, …)
that create children and must fire once; `{ <kind>, ... }:` stays the tool for
genuine fan-out.

Tests (self-guard): self fires at its registration scope (host OS config set);
a host-registered self policy does not fan to user children, whereas
`{ user, ... }:` fans to each.
@sini sini force-pushed the feat/entity-gen-schema-port branch from b2bcfd4 to 1b56211 Compare June 5, 2026 19:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vic vic Awaiting requested review from vic vic will be requested when the pull request is marked ready for review vic is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

allow-ci allow all CI integration tests

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@sini