Structs§
- Audit
Record - Backoff
Config - Configuration for exponential backoff without jitter.
- Backoff
State - Tracks how many attempts have been made so far.
- Cert
Metrics - In-process certificate operation counters (single-threaded). Serialize to JSON for periodic log-line metrics export.
- Cert
Record - A single certificate tracked by the reconciler.
- Cloud
Event - Domain
Policy - Per-domain backoff policy override.
hostname_patternis an exact hostname match for AAA-1/2; wildcard support is deferred to AAA-3. - Issuance
Report - Issuance
Request - State
Store - File-backed collection of
CertRecords. Single-writer assumption — concurrent cell runs must not share the same file. - State
Transition - Traefik
Router Config - Traefik
Static Config Input
Enums§
- Cert
State - Reconcile
Decision - The action the reconciler should take given the current certificate state.
reconcile_stepis a pure function: same input always produces the same output. - Request
Validation Error
Functions§
- advance_
record - Advance a
CertRecordby one reconcile step using the given backoff config. - cert_
state_ from_ str - Parse a
CertStatefrom its snake_case name string. - cert_
state_ names - dry_
run_ issue - events_
from_ report - generate_
router_ labels - new_
request - next_
backoff_ delay - Returns the delay before the next attempt, or
Noneif retries are exhausted. Delay doubles each attempt and is capped atconfig.max_delay_ms. - next_
backoff_ delay_ jittered - Jittered variant of
next_backoff_delay. - next_
state - The next state in the forward-progress pipeline for
Proceeddecisions. ReturnsNonefor terminal or wait states. - reconcile_
step - Pure reconcile function: given current state, return the required action. Makes no I/O, mutates nothing, has no side effects.
- render_
traefik_ static_ yaml - resolve_
backoff - Resolve the effective backoff config for a hostname.
- validate_
hostname - validate_
request - write_
audit_ jsonl - write_
events_ jsonl