Score Orchestrator (independent reference project)

Non-affiliation: This repository is an independent reference project and is not affiliated with the Score Official (Score Spec Maintainers). It aims to be Score-compatible while keeping the user experience runtime-agnostic.

Why this exists

Score defines a portable way to describe applications. This project provides a small, opinionated control plane so that users author only a Workload, while platform/runtime details and dependencies are handled behind the scenes.

What this project is

• A reference orchestrator built around Kubernetes CRDs (group/version: score.dev/v1b1)
• Public API surface: Workload only
• Internal contracts for platform use: ResourceClaim, WorkloadPlan
• Status is abstract and user-centric (a single endpoint, abstract conditions, claim summaries)
• Validation boundary: CRD OpenAPI + CEL for spec invariants; org policy via VAP/OPA/Kyverno
• Development-grade provisioning for databases and services (aligned with score-k8s approach)

What happens when dependencies are not ready?

When required outputs from ResourceClaim resolvers contain unresolved ${...} placeholders, the Orchestrator detects this before emitting a WorkloadPlan. Instead of passing unresolved values to the runtime, it sets Workload.status with RuntimeReady=False and Reason=ProjectionError. Once resolver outputs are complete, the Orchestrator emits the Plan and the Workload converges to Ready.

Design tenets (at a glance)

• Runtime-agnostic UX — no runtime-specific nouns in user-visible docs
• Single-writer status — only the orchestrator updates Workload.status
• Runtime-sourced endpoints — canonical URLs are published by Runtime, mirrored by Orchestrator
• Separation of concerns — plan vs. claims; users vs. platform
• RBAC by default — users see only Workload

Documentation

• Getting Started: docs/guides/getting-started.md
• Spec & APIs: docs/spec/crds.md
• Controllers & responsibilities: docs/spec/control-plane.md
• Lifecycle & state: docs/spec/lifecycle.md
• Orchestrator Config (profiles/selection/defaults): docs/spec/orchestrator-config.md
• Validation strategy (OpenAPI + CEL): docs/spec/validation.md
• RBAC recommendations: docs/spec/rbac.md
• ADR index: docs/ADR/

Discussion & background

• Score spec discussion: score-spec/spec#157

Implementation Status

Golden Path Complete: End-to-end flow from Workload creation to Ready state is functional.

Current Limitations (marked as TODO in code):

• Kubernetes runtime: Resource requests/limits parsing not fully implemented
• Endpoint derivation: Template-based endpoint generation is placeholder
• Service-based endpoint derivation: Simplified implementation

See code comments with TODO for detailed improvement areas.

Contributing

See CONTRIBUTING.md. PRs that improve docs, tests, and conformance are welcome.