Skip to content

Module contract

Status: Draft
Version: 0.1

1. Identity

  • module_id: platform/onprem/postgresql-dr-source
  • epoch: 2026E
  • lifecycle: deploy | destroy | status
  • maturity: planned

2. Purpose

  • outcome:
  • Prepare an on-prem PostgreSQL HA source for managed-DR replication or controlled export by publishing the normalized source contract required by downstream managed DR workflows.
  • non-goals:
  • MUST NOT provision cloud database targets.
  • MUST NOT promote or fail over workloads.
  • MUST NOT replace the standard pgBackRest backup configuration path.

3. Inputs

3.1 Required inputs

  • inventory_state_ref or equivalent source cluster contract
  • dr_mode
  • source database/role selection
  • allowed consumer CIDRs or managed service access boundaries

3.2 Optional inputs

  • replication user contract
  • logical replication settings
  • export-mode settings
  • SSH/proxy inputs for source access

3.3 Input resolution

  • Source cluster identity SHOULD be consumed from platform/onprem/postgresql-ha state.
  • Secrets MUST be supplied through HyOps vault/env keys.

4. Dependencies

4.1 Init targets

  • on-prem connectivity target(s) required by the execution model

4.2 Drivers

  • config/ansible

4.3 External dependencies

  • reachable on-prem PostgreSQL leader
  • destination-specific replication or export requirements

5. Outputs

5.1 Produced outputs

  • normalized source endpoint contract
  • source readiness flags
  • replication/export posture flags
  • evidence of required source-side configuration

5.2 Evidence

Minimum evidence set:

  • source identity
  • resolved inputs (redacted)
  • source checks and reachability evidence
  • published normalized source contract

6. Failure semantics

  • MUST fail fast if source cluster state is absent or not ready
  • MUST fail clearly if source write topology is ambiguous
  • MUST distinguish between connectivity failure and source configuration failure

7. Security

  • MUST NOT emit source credentials in outputs
  • MUST restrict published outputs to normalized non-secret connection metadata
  • MUST require explicit allowlist configuration where source exposure is needed

8. Compatibility

  • MUST remain compatible with the standard platform/onprem/postgresql-ha state contract or explicitly version any divergence

9. Change control

Breaking changes require an updated module contract and compatibility notes.