01-Product / 01.08.CNF-Features

01.08.CNF Features

01.08. CNF Features

This document outlines the core features and functionalities of the bnc-cpt-cnf (Configuration) project.

Configuration Pipeline

• Single Source of Truth: Centralized management of all application and infrastructure settings via YAML (*.env.yaml).
• YAML to JSON Conversion: Automated generation of intermediate JSON artifacts for template processing.
• Dynamic Template Rendering: Uses Jinja2 (tpl-gen) to transform configuration into technical output:
• .tfvars: Environment-specific variables for Terraform.
• .backend-config: GCS state bucket configurations.
• config.py: Type-safe application settings.

Environment & Release Management

• Environment Parity: Standardized configuration structure across dev, tst, prd, and inf.
• Environment Inheritance: Shared variables managed in all.env.yaml to reduce redundancy.
• Manual Release Triggers: (New) Implementation of workflow_dispatch patterns in CI/CD to gate deployments to tst and prd.

Sensitive Data & Secret Management

• Secret Metadata Containers: Terraform-driven creation of Secret Manager entries (metadata-only).
• External Secret Source: Integration with the UTL project for syncing secret values from secure external sources.
• Credential Segregation: Strict separation between configuration metadata and actual sensitive values.

Validation & Quality Assurance

• Config Validator: Automated schema validation of YAML files before they are consumed by the pipeline.
• Consistency Checks: Ensures all required environment variables and infrastructure references are present.