Skip to content
Caracal

Bootstrap Control State

Control Bootstrap is the canonical Control API automation example under examples/controlBootstrap. A small CI/CD-style pipeline keeps one agent’s environment — application, provider, resource, and policy — matching a declared plan, without adding product-management verbs to the runtime CLI.

What it demonstrates

Section titled “What it demonstrates”
AreaBehavior
Automation surfaceCalls /v1/control/invoke instead of using a root admin token.
Identity modelUses scoped, short-lived control keys created in Console, one scope tier per pipeline stage.
Reconciliationapply creates missing objects, patches drifted ones, and publishes a new policy version on content drift.
CI gatingverify is a read-only drift check that exits non-zero when the zone does not match the plan.
Safety modelUses replay protection, rate limits, scoped control permissions, and audit.

The plan describes the PiperNet reporter agent’s environment: the agent application, the provider://pipernet-mandate provider, the resource://pipernet resource wired to it, and the baseline policy that allows read.

Console setup

Section titled “Console setup”

  1. Start the runtime and open Console:

    Terminal window
    caracal up
    caracal status --ready
    caracal console

  2. Create or select the target zone.

  3. Create a control key with only the scopes the stage needs: read/write on app, provider, resource, and policy for apply; read for verify; read/delete for teardown.

  4. Save the one-time client_id and client_secret. STS resolves the zone from the bound control key.

Run the pipeline

Section titled “Run the pipeline”
Terminal window
cd examples/controlBootstrap
cp env.example .env
$EDITOR .env
. .env
npm run apply
npm run verify

apply is idempotent: rerunning it against an in-sync zone changes nothing, and rerunning it against a drifted zone converges the drift. Run teardown when you want to remove the environment:

Terminal window
npm run teardown

Files to study

Section titled “Files to study”
FilePurpose
controlClient.mjsExchanges client credentials at STS and calls the Control API.
plan.mjsDeclares the desired environment, drift checks, scope tiers, and env-driven config.
apply.mjsReconciles the live zone with the plan.
verify.mjsRead-only drift gate for CI.
teardown.mjsRemoves the environment in reverse dependency order.

Test

Section titled “Test”
Terminal window
cd examples/controlBootstrap
npm test

The tests use a fake zone and mock transport and do not call a live Caracal stack.

Next step

Section titled “Next step”

Continue to Check Provider Readiness before sending traffic through a provider-backed Gateway resource.