@swampadmin/platform-ops
v2026.03.10.0
All-in-one platform operations toolkit.
Included
- Infrastructure models — provision and teardown with status tracking
- Compliance scanning — automated audit with remediation
- SSH driver — remote execution on provisioned hosts
- State persistence — PostgreSQL-backed state store
- Secrets — platform credential management
- Reports — compliance and resource inventory
Depends on
@swampadmin/vault-secretsand@swampadmin/db-adapters.
Repository
https://github.com/swamp-club/platform-ops
Labels
platformopsinfrastructurecompliance
Install
$ swamp extension pull @swampadmin/platform-opsRelease Notes
Highlights
This extension demonstrates every content type swamp supports:
- 2 models — infrastructure provisioning and compliance scanning
- 1 workflow — provision environment then run compliance
- 1 vault — platform secret storage
- 1 datastore — persistent state backend
- 1 driver — SSH remote execution
- 2 reports — compliance audit and resource inventory
@swampadmin/platform-ops/infrav1.0.0infra.ts
Global Arguments
| Argument | Type | Description |
|---|---|---|
| environment | string | Target environment (dev, staging, prod) |
| region | string | Deployment region |
| dry_run? | boolean | Preview changes without applying |
provisionprovision operation
| Argument | Type | Description |
|---|---|---|
| environment | string | Target environment name |
| size? | string | Instance size (small, medium, large) |
| count? | number | Number of instances |
teardownteardown operation
| Argument | Type | Description |
|---|---|---|
| name | string | Resource name |
statusstatus operation
| Argument | Type | Description |
|---|---|---|
| name | string | Resource name |
Resources
infra.state(persistent)— Managed resource state
infra.lock(ephemeral)— Concurrency lock
@swampadmin/platform-ops/compliancev1.0.0compliance.ts
Global Arguments
| Argument | Type | Description |
|---|---|---|
| environment | string | Target environment (dev, staging, prod) |
| region | string | Deployment region |
| dry_run? | boolean | Preview changes without applying |
scanscan operation
| Argument | Type | Description |
|---|---|---|
| scope? | string | Scan scope (all, network, storage, compute) |
| severity? | string | Minimum severity level (low, medium, high, critical) |
remediateremediate operation
| Argument | Type | Description |
|---|---|---|
| name | string | Resource name |
auditaudit operation
| Argument | Type | Description |
|---|---|---|
| name | string | Resource name |
Files
compliance.log(text/plain)— Operation audit log
compliance.json(application/json)— Structured output
Provision Environmentprovision-env
Provision Environment workflow
provision-env-jobExecute Provision Environment
1.Provision Infra@swampadmin/platform-ops/infra.provision— Provision Infra step
2.Run Compliance@swampadmin/platform-ops/compliance.scan— Run Compliance step
platform-secretsconfigurable
vault-providerplatform-secrets.ts
platform-secrets secrets provider
Config Fields
| Field | Type | Description |
|---|---|---|
| backend | string | Vault backend type (hashicorp, aws, env) |
| prefix? | string | Key prefix for secret namespacing |
platform-stateconfigurable
datastore-providerstate-db.ts
platform-state datastore provider
Config Fields
| Field | Type | Description |
|---|---|---|
| connection_string | string | Database connection URL |
ssh-executorconfigurable
driverssh.ts
ssh-executor execution driver
Config Fields
| Field | Type | Description |
|---|---|---|
| host | string | SSH target hostname or IP |
| port? | number | SSH port (default: 22) |
| user | string | SSH username |
| private_key_path? | string | Path to SSH private key |
| proxy_host? | string | Jump host / bastion for tunneling |
compliance-reportmodel
compliance-report.ts
Aggregated compliance scan results across all provisioned infrastructure with remediation priorities
complianceauditsecurity
resource-inventoryworkflow
resource-inventory.ts
Full resource inventory collected during provisioning workflows with lifecycle status tracking
inventoryresources