Documentation
¶
Overview ¶
Package incident implements the operator-facing incident REST surface (agent-in-the-loop D1/D2): the read API (GET /v1/incidents, GET /:id) and the tier-3 approval decisions (POST /:id/approvals/:approval_id/{approve,reject}).
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Controller ¶
type Controller struct {
// contains filtered or unexported fields
}
Controller serves the incident endpoints. It holds the event bus so approval decisions can emit incident lifecycle events on the existing /events stream.
func New ¶
func New(bus event.Bus) *Controller
New constructs an incident Controller bound to the event bus.
func (*Controller) Approve ¶
func (ctrl *Controller) Approve(c *echo.Context) error
Approve handles POST /v1/incidents/:id/approvals/:approval_id/approve.
SECURITY: this route is operator-gated by RBAC and — critically — agent session tokens are rejected OUTRIGHT in authorizeScope before reaching this handler, so the caller is always a human operator. That is the load-bearing half of the design's "tier 3 always terminates at a human" invariant.
func (*Controller) Get ¶
func (ctrl *Controller) Get(c *echo.Context) error
Get handles GET /v1/incidents/:id — the full triage timeline.