Documentation
¶
Overview ¶
Package trustedagents holds the daemon-side service that periodically refreshes the trusted-agents allowlist from GitHub. The data layer (embedded JSON, Agent type, IsTrusted, All) lives in internal/trustedagents so the CLI can read the list without pulling in an L11 plugin import.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func IsTrusted ¶
IsTrusted is re-exported for source compatibility. New code should import internal/trustedagents.IsTrusted directly.
func Run ¶
Run polls the canonical URL on a timer, replacing the active list whenever a new one is fetched. Blocks until ctx is cancelled. The first fetch is delayed 0–30s so a fleet rebooting at the same time doesn't thunder the URL.
func SetForTest ¶
func SetForTest(agents []Agent) (restore func())
SetForTest is re-exported for source compatibility.
Types ¶
type Agent ¶
type Agent = internaltrusted.Agent
Agent is re-exported for source compatibility. New code should import internal/trustedagents.Agent directly.
type Service ¶
type Service struct {
// contains filtered or unexported fields
}
Service is the L11 plugin adapter. Implements both coreapi.Service (lifecycle) and coreapi.TrustChecker (trust gate). Daemon stores it twice — once in the plugin registry, once as the trust checker — but it's the same struct.
func NewService ¶
func NewService() *Service
NewService returns a Service ready for daemon.RegisterPlugin and daemon.RegisterTrustChecker.
func (*Service) IsTrusted ¶
IsTrusted is the coreapi.TrustChecker side of the plugin. Delegates to the package-global allowlist that Run() maintains.
Source Files