state

package
v1.18.0-rc.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 21, 2026 License: Apache-2.0 Imports: 22 Imported by: 0

Documentation

Index

Constants

View Source 
const (

	// MetadataKey is the state-store key holding the workflow's metadata row
	// (history/inbox/signature lengths + generation). Exported so other
	// packages can refresh just this row to pick up the latest ETag without
	// reloading the full workflow state.
	MetadataKey = "metadata"
)

Variables

This section is empty.

Functions

func IsTamperMarker 

func IsTamperMarker(e *backend.HistoryEvent) bool

IsTamperMarker reports whether e is the well-known terminal event written by MarkAsTamperFailed to record that the workflow's persisted state was detected as tampered. It is identified by an ExecutionCompleted with status FAILED and FailureDetails.ErrorType set to wferrors.ErrorTypeHistoryTampered. Loaders use this check to bypass signature verification on workflows that have already been terminally failed by tamper detection — without the bypass, the broken signature chain would block every subsequent load.

func WorkflowVersion 

func WorkflowVersion(events []*backend.HistoryEvent) *wrapperspb.StringValue

WorkflowVersion returns the version recorded on the first WorkflowStarted history event, or nil if none is set.

Types

type Options 

type Options struct {
	AppID             string
	Namespace         string
	WorkflowActorType string
	ActivityActorType string
	Signer            *signer.Signer
}

type State 

type State struct {
	Inbox                       []*backend.HistoryEvent
	History                     []*backend.HistoryEvent
	SigningCertificates         []*backend.SigningCertificate
	ExternalSigningCertificates []*backend.ExternalSigningCertificate
	Signatures                  []*backend.HistorySignature
	CustomStatus                *wrapperspb.StringValue
	Generation                  uint64

	// RawHistory holds the raw bytes of history events as loaded from the
	// state store. These are used for signature verification to verify
	// against the actual persisted bytes.
	RawHistory [][]byte

	// RawSignatures holds the raw serialized bytes of each HistorySignature
	// as loaded from the state store or returned by SignResult.RawSignature.
	// These are the single source of truth for digest computation in chain
	// linking and must be preserved exactly as stored.
	RawSignatures [][]byte

	// IncomingHistory is the propagated history this workflow received from
	// its caller. Stored as a separate state key, NOT as part of history
	// events. Set once at workflow creation, never modified.
	IncomingHistory *protos.PropagatedHistory
	// contains filtered or unexported fields
}

func LoadWorkflowState 

func LoadWorkflowState(ctx context.Context, state state.Interface, actorID string, opts Options) (*State, error)

func MarkAsTamperFailed 

func MarkAsTamperFailed(ctx context.Context, astate state.Interface, actorID string, opts Options, prior *State, cause error) (*State, error)

MarkAsTamperFailed appends a single terminal ExecutionCompleted(FAILED) event to the workflow's history to record that its persisted state was detected as tampered. The original (untrusted) history, inbox, signatures, and certs are left intact for forensics — only the marker event is added, and it is not signed. Subsequent loads detect the marker via IsTamperMarker and bypass signature verification, so the workflow surfaces as terminally FAILED with wferrors.ErrorTypeHistoryTampered in its FailureDetails.

MarkAsTamperFailed is idempotent: if prior already ends in a tamper marker the state is returned unchanged with no store write.

func NewState 

func NewState(opts Options) *State

func (*State) AddExternalCert 

func (s *State) AddExternalCert(digest []byte, certDER []byte) (uint64, error)

AddExternalCert appends a foreign signing certificate to the ext-sigcert table if its digest is not already present, and returns the table index. Idempotent: the same (digest, certDER) pair called twice in one run produces exactly one stored entry and returns the same index both times. digest must be the SHA-256 of certDER (the caller typically already has this value from historysigning.CertDigest). The caller is responsible for verifying that the digest matches certDER before calling - this method does not re-hash on the hot path. Returns an error if digest is not 32 bytes.

func (*State) AddSignature 

func (s *State) AddSignature(sig *backend.HistorySignature, raw []byte)

func (*State) AddSigningCertificate 

func (s *State) AddSigningCertificate(cert *backend.SigningCertificate)

func (*State) AddToHistory added in v1.16.0 

func (s *State) AddToHistory(e *backend.HistoryEvent)

func (*State) AddToInbox 

func (s *State) AddToInbox(e *backend.HistoryEvent)

func (*State) ApplyRuntimeStateChanges 

func (s *State) ApplyRuntimeStateChanges(rs *backend.WorkflowRuntimeState)

func (*State) ClearInbox 

func (s *State) ClearInbox()

func (*State) FindHistoryEventByID 

func (s *State) FindHistoryEventByID(id int32) *backend.HistoryEvent

FindHistoryEventByID returns the history event whose EventId matches id, or nil if no such event exists. Linear scan; small constant number of TaskScheduled / ChildWorkflowInstanceCreated lookups per inbound completion event.

func (*State) FromWorkflowState added in v1.16.0 

func (s *State) FromWorkflowState(state *protos.BackendWorkflowState)

func (*State) GetPurgeRequest 

func (s *State) GetPurgeRequest(actorID string) (*api.TransactionalRequest, error)

func (*State) GetSaveRequest 

func (s *State) GetSaveRequest(actorID string) (*api.TransactionalRequest, error)

func (*State) HasTamperMarker 

func (s *State) HasTamperMarker() bool

HasTamperMarker reports whether the workflow has been terminally failed by tamper detection (cold-store load tamper or attestation verification failure). True implies IsCompleted; the converse does not hold (a normally completed workflow returns false).

func (*State) HistoryAddedCount 

func (s *State) HistoryAddedCount() int

HistoryAddedCount returns the number of history events added since the last save or reset. Used by the orchestrator to know how many events need signing.

func (*State) IsCompleted 

func (s *State) IsCompleted() bool

IsCompleted reports whether the workflow's history ends in any ExecutionCompleted event - the runtime's terminal marker. Operates on stored state directly so callers that have a *State but not yet a runtime state (e.g. mid-load decisions) can check terminality.

func (*State) LookupExternalCert 

func (s *State) LookupExternalCert(digest []byte) (*backend.ExternalSigningCertificate, uint64, bool)

LookupExternalCert returns the ExternalSigningCertificate whose digest matches the given bytes, plus its table index. Returns (nil, 0, false) if not found. Used by attestation verification to resolve a payload's signerCertDigest to the corresponding cert.

func (*State) MetadataETag added in v1.17.7 

func (s *State) MetadataETag() *string

MetadataETag returns the cached metadata ETag, or nil if none is known. Callers performing optimistic concurrency pass this through to the metadata TransactionalUpsert via [GetSaveRequest].

func (*State) Reset 

func (s *State) Reset()

func (*State) ResetChangeTracking 

func (s *State) ResetChangeTracking()

ResetChangeTracking resets the change tracking counters. This should be called after a save request.

func (*State) SetIncomingHistory 

func (s *State) SetIncomingHistory(ph *protos.PropagatedHistory)

SetIncomingHistory sets the received propagated history on the state.

func (*State) SetMarshaledNewHistory 

func (s *State) SetMarshaledNewHistory(raw [][]byte)

SetMarshaledNewHistory stores pre-marshaled bytes for newly added history events. These bytes will be used by GetSaveRequest instead of re-marshaling, ensuring the persisted bytes match exactly what was signed.

func (*State) SetMetadataETag added in v1.17.7 

func (s *State) SetMetadataETag(etag *string)

SetMetadataETag updates the cached metadata ETag. Called after a successful save to record the new row-version token returned by a follow-up metadata-only Get, so the next save can present it as the prior ETag for the optimistic-concurrency check.

func (*State) String 

func (s *State) String() string

String implements fmt.Stringer and is primarily used for debugging purposes.

func (*State) ToWorkflowState added in v1.16.0 

func (s *State) ToWorkflowState() *protos.BackendWorkflowState

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.