/openapi.json
Private machine-readable OpenAPI contract served by the build service.
Private build boundary
CMS publish API handoff
Public, non-secret documentation for the private Ensemble build service used by the Cloud Elephants CMS.
private servicelocal/S3/R2
Contract routes
Private API surface
/api/ensemble/cms/publish
Preferred signed Cloud Elephants CMS publish route.
/receipts/<request_id>
Private receipt lookup for build status, output paths, and publish result.
Publish request
What the CMS sends
The CMS sends a raw JSON body signed with X-Ensemble-Timestamp and X-Ensemble-Signature. The request identifies the tenant, snapshot, Content API base URI, requested paths, publish target, and optional public URL used for generated sitemap, robots, llms.txt, and receipts.
tenant_idtenant_slugsnapshot_idcontent_api_base_urirequested_pathspublish_target
Generated root
Files and receipts
The private service writes build output under the generated root. A completed receipt exposes output_root and snapshot_root as generated-root-relative paths so CI, operators, and the CMS can inspect exactly what was built.
generated/build-webhooks/<request_id>.json
generated/build-webhooks/<request_id>.log
generated/snapshots/<snapshot_id>/snapshot.json
generated/builds/<tenant_slug>/<request_id>/static-site
generated/tenant-builds/<tenant_id>/<request_id>.json
Publish targets
Directory and object-store delivery
publish_target=local
Writes the built static site to a generated-root-relative directory.
publish_target=s3
Uploads the generated static artifact through the S3-compatible adapter.
publish_target=r2
Uses the same object-store adapter shape for Cloudflare R2.
Public boundary
What stays hidden
ensemble.cloudelephants.com must keep ENSEMBLE_NEXT_BUILD_API_ENABLED=false. The public documentation can describe the contract, while the publish handlers and private /openapi.json route remain reachable only from the private build service.