sdk

package
v0.4.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 29, 2026 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Overview

Package sdk is the `da-adapter-sdk` Go surface that bootstrap skills use exclusively to write into scoped KG storage (graph-backend-adapter-contract §8.4).

The contract rule the SDK enforces (§8.2): bootstrap skills and named queries MUST NOT open direct DB connections. Every storage operation goes through the SDK, which attaches a short-lived namespace token scoped to the operation. The storage layer validates every namespace referenced by an operation against the token's authorized set, and rejects anything outside it before any row is touched.

This package ships the SDK surface (§8.4.1) and an in-memory store backing it. The in-memory store is the substrate the TTRPG dogfood (.agents/sandbox/ttrpg-adapter/) runs its hard test against without standing up SQLite/Postgres: it is a faithful model of the namespace-token contract, not a production backend. A production SDK swaps the Store implementation for one backed by the gcc role-segregated graphstore (§2.7) — the SDK surface (this file) does not change.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Edge

type Edge struct {
	Type string
	From string
	To   string
}

Edge is a single typed edge between two notes (by id).

type FiredPredicate

type FiredPredicate struct {
	Predicate string
	Args      map[string]any
}

FiredPredicate records a declare_predicate_fired call (§8.4.1).

type Grant

type Grant struct {
	Namespace string
	Mode      Mode
}

Grant is one (namespace, mode) pair in a token's authorized set (§8.2).

type MemStore

type MemStore struct {
	// contains filtered or unexported fields
}

MemStore is an in-memory Store for tests and the dogfood hard test. It enforces the §8.2 namespace-token contract: every operation's namespace and mode must be authorized by the supplied token, else the operation is rejected before touching storage. The zero value is not usable; use NewMemStore.

func NewMemStore

func NewMemStore() *MemStore

NewMemStore returns an empty in-memory store.

func (*MemStore) Edges

func (m *MemStore) Edges(token Token, ns string) ([]Edge, error)

Edges returns ns's edges after token authorization.

func (*MemStore) Namespaces

func (m *MemStore) Namespaces() []string

Namespaces returns the namespaces with any data, sorted. Test/inspection aid.

func (*MemStore) Notes

func (m *MemStore) Notes(token Token, ns string) ([]Note, error)

Notes returns ns's notes after token authorization (§8.2 N9: defense in depth — even a valid token is checked per-namespace).

func (*MemStore) WriteEdges

func (m *MemStore) WriteEdges(token Token, ns string, edges []Edge) error

WriteEdges appends edges to ns after token authorization.

func (*MemStore) WriteNotes

func (m *MemStore) WriteNotes(token Token, ns string, notes []Note) error

WriteNotes appends notes to ns after token authorization (§8.2 N8: a write to a namespace the token does not grant write on is rejected at the storage layer regardless of token contents).

type Mode

type Mode string

Mode is a namespace access mode (§8.2): read or write.

const (
	// ModeRead authorizes reads against a namespace.
	ModeRead Mode = "read"
	// ModeWrite authorizes writes against a namespace.
	ModeWrite Mode = "write"
)

type NamespaceView

type NamespaceView struct {
	Notes []Note
	Edges []Edge
}

NamespaceView is the read-only data a QueryRunner sees.

func (NamespaceView) EdgesByType

func (v NamespaceView) EdgesByType(t string) []Edge

EdgesByType returns the namespace's edges of a given type.

func (NamespaceView) NotesByType

func (v NamespaceView) NotesByType(t string) []Note

NotesByType returns the namespace's notes of a given type.

type Note

type Note struct {
	ID     string
	Type   string
	Fields map[string]any
}

Note is a single note written to a namespace. The SDK is schema-agnostic at this layer: schema validation (§4) is the registry's job and runs before a bootstrap calls WriteNotes. ID and Type are required; Fields carries the declared note-type fields.

type QueryRunner

type QueryRunner func(NamespaceView) []Row

QueryRunner runs a named query over a single namespace's data and returns rows. It is the in-process stand-in for a compiled DSL query.

type Row

type Row map[string]any

Row is a single named-query result row: an ordered set of column values keyed by the RETURN column name.

type SDK

type SDK struct {
	// contains filtered or unexported fields
}

SDK is the `da-adapter-sdk` surface (§8.4.1). A bootstrap skill is constructed with For(adapter, store) and calls only these methods; it never sees a Store, a Token, or a namespace string it did not declare. The SDK derives the token for each operation from the adapter's identity and the operation kind — the bootstrap cannot widen its own authority.

func For

func For(adapter string, store Store) *SDK

For constructs an SDK bound to a single adapter's namespace and store. This is the only constructor a bootstrap skill uses; it cannot reach storage any other way (§8.2: direct DB connections are forbidden by contract).

func (*SDK) Adapter

func (s *SDK) Adapter() string

Adapter returns the namespace this SDK is bound to.

func (*SDK) DeclarePredicateFired

func (s *SDK) DeclarePredicateFired(predicate string, args map[string]any)

DeclarePredicateFired fires an env predicate (§8.4.1 sdk.declare_predicate_fired). The SDK records it; production routes it to the scoped-KG driver bus.

func (*SDK) FiredPredicates

func (s *SDK) FiredPredicates() []FiredPredicate

FiredPredicates returns the predicates fired through this SDK, in call order.

func (*SDK) MaterializeView

func (s *SDK) MaterializeView(name string, readsFrom []string, runner ViewRunner) error

MaterializeView computes and persists a view (§8.4.1 sdk.materialize_view). The SDK derives a multi-namespace token from readsFrom: {adapter, write} plus {dep, read} for each dependency. This is the ONLY surface that may read cross-namespace (§8.3). readNotes lets the runner pull a dependency's notes; the store rejects any namespace not in readsFrom.

func (*SDK) Query

func (s *SDK) Query(runner QueryRunner) ([]Row, error)

Query executes a read-only operation within the adapter's own namespace and returns the matching notes (§8.4.1 sdk.query). The runner is a caller- supplied function that operates on the namespace's notes and edges; in v1 the named-query DSL compiler (internal/kg/dsl, a sibling task) would produce these runners from queries.yaml. Until that lands, the dogfood supplies runners directly — the SDK's job here is the token-scoped read boundary, not DSL compilation. The runner receives ONLY this adapter's namespace data: cross-namespace reads are not reachable from a named query (§8.3).

func (*SDK) WriteEdges

func (s *SDK) WriteEdges(edges []Edge) error

WriteEdges bulk-writes edges to the adapter's own namespace (§8.4.1).

func (*SDK) WriteNotes

func (s *SDK) WriteNotes(notes []Note) error

WriteNotes bulk-writes notes to the adapter's own namespace (§8.4.1). The SDK attaches a {adapter, write} bootstrap token; the store rejects any attempt to write elsewhere.

type Store

type Store interface {
	// WriteNotes bulk-writes notes to ns. token must grant {ns, write}.
	WriteNotes(token Token, ns string, notes []Note) error
	// WriteEdges bulk-writes edges to ns. token must grant {ns, write}.
	WriteEdges(token Token, ns string, edges []Edge) error
	// Notes returns all notes in ns. token must grant {ns, read}.
	Notes(token Token, ns string) ([]Note, error)
	// Edges returns all edges in ns. token must grant {ns, read}.
	Edges(token Token, ns string) ([]Edge, error)
}

Store is the storage substrate the SDK writes into. It is the only thing the SDK touches; a production SDK injects a gcc-backed Store (§2.7) and the SDK surface is unchanged. Every method takes the operation token and rejects out-of-namespace access (§8.2 storage-layer enforcement).

type Token

type Token struct {
	PrimaryAdapter string
	Authorized     []Grant
	IssuedFor      string
}

Token is the namespace token of §8.2: a set of authorized (namespace, mode) pairs derived from the executing adapter's own namespace plus any cross-namespace dependencies declared in the operation being authorized.

In a production backend the token is signed and validated at the storage layer (§8.2.1 N13). Here the SDK constructs and checks it in-process; the authorization model — every referenced namespace must be in the authorized set — is identical, which is what the dogfood needs to exercise.

func BootstrapToken

func BootstrapToken(adapter string) Token

BootstrapToken derives the token for an adapter's bootstrap skill (§8.2 derivation rule: bootstrap grants {adapter, write}). N2.

func OwnReadToken

func OwnReadToken(adapter, operation string) Token

OwnReadToken derives the token for an adapter reading its own namespace (§8.2 derivation rule: own queries grant {adapter, read}). N1/N5.

func ViewToken

func ViewToken(adapter, view string, readsFrom []string) Token

ViewToken derives the token for a materialized view that declares reads_from (§8.2 derivation rule: grants {adapter, write} plus {dep, read} for each dependency). N3/N4.

type ViewRunner

type ViewRunner func(read func(ns string) ([]Note, error)) ([]Note, error)

ViewRunner computes a materialized view's notes, pulling dependency notes via read (which is token-checked at the storage layer).

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL