Epic: Tenant Provisioning & Lifecycle #3

Open
opened 2026-03-29 23:16:46 +02:00 by claude · 1 comment
Owner

Overview

Automated tenant provisioning pipeline. Docker deployments have 1 pre-configured tenant. K8s deployments get full automated provisioning.

Architecture decision (2026-04-04): Docker-first. Application is always multi-tenant (Docker = 1 tenant). K8s provisioning (Flux HelmRelease, namespaces, NetworkPolicies) deferred to Phase 5. Docker provisioning is simple: create tenant record + Logto org. See docs/superpowers/specs/2026-04-04-dual-deployment-architecture.md.

Provisioning by Deployment Mode

Docker Compose (Phase 2)

  1. Create tenant record in platform DB
  2. Create Logto organization via Management API
  3. Generate Ed25519-signed license token
  4. Tenant status → ACTIVE
  5. (Single cameleer3-server instance, shared)

Kubernetes (Phase 5)

  1. All Docker steps, plus:
  2. Generate Flux HelmRelease CR
  3. Flux reconciles: namespace, ResourceQuota, NetworkPolicies, cameleer3-server
  4. Provision per-tenant ClickHouse partitioning
  5. Health check: server up, data flowing
  6. Generate bootstrap tokens, present onboarding

Tenant Lifecycle

  • PROVISIONING → ACTIVE → SUSPENDED → DELETED
  • Suspend: stop customer app containers, retain data
  • Delete: remove containers, archive data per retention policy

Implemented In

  • Phase 2 (#24 — Tenant CRUD + Logto org, Docker provisioning)
  • Phase 5 (#25 — K8s namespace provisioning, Flux, NetworkPolicies)
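
Added example, not part of the original issue and not the project's code: a sketch of step 3 of the Docker flow, issuing an Ed25519-signed license token and rejecting it when the signature, the tenant binding or the expiry fails. The token layout, field names and class name are assumptions; it needs JDK 15 or later for the built-in Ed25519 provider.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.time.Instant;
import java.util.Base64;
public class LicenseTokenExample {
    private static final Base64.Encoder ENC = Base64.getUrlEncoder().withoutPadding();
    private static final Base64.Decoder DEC = Base64.getUrlDecoder();

    // Assumed layout: base64url("tenantId|tier|expiryEpochSeconds") + "." + base64url(signature)
    static String issue(PrivateKey key, String tenantId, String tier, Instant expiry) throws GeneralSecurityException {
        if (tenantId.contains("|") || tier.contains("|")) {
            throw new IllegalArgumentException("field separator not allowed in tenantId or tier");
        }
        byte[] payload = (tenantId + "|" + tier + "|" + expiry.getEpochSecond()).getBytes(StandardCharsets.UTF_8);
        Signature signer = Signature.getInstance("Ed25519");
        signer.initSign(key);
        signer.update(payload);
        return ENC.encodeToString(payload) + "." + ENC.encodeToString(signer.sign());
    }

    // Accepts a token only if the signature verifies, it names the expected tenant, and it has not expired.
    static boolean verify(PublicKey key, String token, String expectedTenantId, Instant now) {
        try {
            String[] parts = token.split("\\.");
            if (parts.length != 2) return false;
            byte[] payload = DEC.decode(parts[0]);
            Signature verifier = Signature.getInstance("Ed25519");
            verifier.initVerify(key);
            verifier.update(payload);
            if (!verifier.verify(DEC.decode(parts[1]))) return false; // no field is read before this check
            String[] fields = new String(payload, StandardCharsets.UTF_8).split("\\|");
            return fields.length == 3 && fields[0].equals(expectedTenantId)
                    && now.getEpochSecond() < Long.parseLong(fields[2]);
        } catch (GeneralSecurityException | IllegalArgumentException e) {
            return false; // malformed base64, signature bytes, or expiry: reject
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPair kp = KeyPairGenerator.getInstance("Ed25519").generateKeyPair(); // constructed demo key
        Instant now = Instant.now();
        String token = issue(kp.getPrivate(), "tenant-a", "standard", now.plusSeconds(3600));
        // Constructed forgery: another tenant's payload glued onto tenant-a's signature.
        String forged = ENC.encodeToString(("tenant-b|standard|" + now.plusSeconds(3600).getEpochSecond())
                .getBytes(StandardCharsets.UTF_8)) + token.substring(token.indexOf('.'));
        System.out.println("valid token:     " + verify(kp.getPublic(), token, "tenant-a", now));
        System.out.println("wrong tenant:    " + verify(kp.getPublic(), token, "tenant-b", now));
        System.out.println("expired:         " + verify(kp.getPublic(), token, "tenant-a", now.plusSeconds(7200)));
        System.out.println("swapped payload: " + verify(kp.getPublic(), forged, "tenant-b", now));
    }
}
```

Because the Docker mode shares a single cameleer3-server instance, the tenant-binding check is what keeps one tenant's token from being presented for another.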
claude added the epic and infra labels 2026-03-29 23:17:58 +02:00
Author
Owner

Status Update (2026-04-07)

Bootstrap tenant provisioning works:

  • logto-bootstrap.sh creates Logto organization + assigns users with org roles
  • BootstrapDataSeeder.java creates DB tenant, default environment, license
  • TenantService.create() calls LogtoManagementClient.createOrganization()
  • POST /api/tenants endpoint exists with @PreAuthorize("SCOPE_platform:admin")

Remaining:

  • Self-service tenant creation UI (admin page is read-only)
  • Tenant suspension/deletion UI
  • Tenant settings (custom domains, branding)
  • Multi-tenant org switcher in frontend

Reference: cameleer/cameleer-saas#3