api

package
v0.2.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 29, 2026 License: AGPL-3.0 Imports: 2 Imported by: 0

Documentation

Overview

Package api defines the read-only view contracts that observability (dashboard, metrics, audit, webhook) and auth gates consume from the registry's state stores (directory, membership, trust, policy, identity).

This package is the contract layer for the registry split. No implementations live here. Concrete stores in their own sub-packages satisfy these interfaces; consumers hold only the interface types, never the writeable *Store pointers.

Stability contract: every exported identifier is part of the registry-internal layer-boundary ABI. Adding fields to the snapshot view structs is backward-compatible; renaming or removing them breaks every observability/auth consumer in lockstep with the store that produces the snapshot.

Allowed imports: stdlib only (plus crypto/ed25519 and time when a view structurally needs them). No store-package imports — the import direction is consumer → api ← store.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type DirectoryView 

type DirectoryView interface {
	// GetNode returns a snapshot of the node and true if present.
	GetNode(nodeID uint32) (*NodeInfo, bool)

	// NodeCount returns the total number of registered nodes.
	NodeCount() int

	// List returns a snapshot slice of every node. The returned slice
	// is owned by the caller; mutations do not affect the store.
	List() []*NodeInfo

	// Online returns the count of nodes whose LastSeen is at or after
	// threshold (i.e., considered live).
	Online(threshold time.Time) int

	// TaskExecutorCount returns the number of nodes advertising task
	// execution capability.
	TaskExecutorCount() int

	// LookupByPubKey returns the nodeID owning the given base64-encoded
	// Ed25519 public key. The bool is false on miss.
	LookupByPubKey(pubKeyB64 string) (uint32, bool)

	// LookupByHostname returns the nodeID with the given unique
	// hostname. The bool is false on miss.
	LookupByHostname(name string) (uint32, bool)
}

DirectoryView is the read-only contract over the registry's directory store. R7 (dashboard, metrics) and R4 (authz) consume this; only the directory store package produces it.

Implementations must be safe for concurrent use; callers may call any method from any goroutine without external synchronization.

type IdentityView 

type IdentityView interface {
	// Configured reports whether an external IDP integration is set
	// up (mirrors today's "idpConfig != nil" check on Server).
	Configured() bool

	// GetKeyInfo returns the lifecycle metadata for nodeID's current
	// key and true if present.
	GetKeyInfo(nodeID uint32) (*KeyInfo, bool)
}

IdentityView is the read-only contract over the registry's identity store (key lifecycle, IDP configuration). R7 (dashboard) and R4 consume this; only the identity store package produces it.

Implementations must be safe for concurrent use.

type KeyInfo 

type KeyInfo struct {
	CreatedAt   time.Time `json:"created_at"`
	RotatedAt   time.Time `json:"rotated_at,omitempty"` // zero if never rotated
	RotateCount int       `json:"rotate_count"`
	ExpiresAt   time.Time `json:"expires_at,omitempty"` // zero = no expiry
}

KeyInfo is a read-only snapshot of a node's key lifecycle metadata, surfaced for compliance reporting and trust decisions. Field shape mirrors pkg/registry/server.KeyInfo for mechanical adoption.

type MembershipView 

type MembershipView interface {
	// GetNetwork returns a snapshot of the network and true if present.
	GetNetwork(networkID uint16) (*NetworkInfo, bool)

	// Count returns the total number of networks.
	Count() int

	// Networks returns a snapshot slice of every network.
	Networks() []*NetworkInfo

	// Members returns the node IDs that belong to networkID. Returns
	// nil if the network does not exist.
	Members(networkID uint16) []uint32

	// NetworksFor returns the network IDs nodeID is a member of.
	NetworksFor(nodeID uint32) []uint16

	// MemberRole returns the member's role in the network. The error
	// is non-nil when the network or membership does not exist.
	MemberRole(networkID uint16, nodeID uint32) (Role, error)

	// MemberTags returns the admin-assigned tags for the member.
	// Returns nil when no tags are set or the membership is absent.
	MemberTags(networkID uint16, nodeID uint32) []string

	// PendingInvites returns the count of pending network invites in
	// the node's inbox.
	PendingInvites(nodeID uint32) int
}

MembershipView is the read-only contract over the registry's membership store. R7 (dashboard) and R4 (authz role check) consume this; only the membership store package produces it.

Implementations must be safe for concurrent use.

type NetworkInfo 

type NetworkInfo struct {
	ID          uint16
	Name        string
	JoinRule    string
	Token       string // for token-gated networks
	Members     []uint32
	MemberRoles map[uint32]Role     // per-member RBAC roles
	MemberTags  map[uint32][]string // admin-assigned per-member tags
	AdminToken  string              // per-network admin token (optional)
	Policy      NetworkPolicy       // network policy (limits, port restrictions)
	Rules       json.RawMessage     // managed network rules document (nil = none)
	ExprPolicy  json.RawMessage     // programmable policy engine document (nil = none)
	Enterprise  bool                // enterprise network (gates phase 2-5 features)
	Created     time.Time
}

NetworkInfo is a read-only snapshot of a network record.

Field shape mirrors pkg/registry/server.NetworkInfo. The server type's *wire.NetworkRules pointer is represented here as the marshaled rules document (json.RawMessage); a nil/empty value means the network has no managed rules. Internal atomic counters (requestCount) are intentionally absent from the snapshot.

type NetworkInvite 

type NetworkInvite struct {
	NetworkID uint16    `json:"network_id"`
	InviterID uint32    `json:"inviter_id"`
	Timestamp time.Time `json:"timestamp"`
}

NetworkInvite is a read-only snapshot of a pending network invitation in the registry's invite inbox. Field shape mirrors pkg/registry/server.NetworkInvite for mechanical adoption.

type NetworkPolicy 

type NetworkPolicy struct {
	MaxMembers   int      `json:"max_members"`   // 0 = unlimited
	AllowedPorts []uint16 `json:"allowed_ports"` // empty = all ports allowed
	Description  string   `json:"description"`   // human-readable description
}

NetworkPolicy is a read-only snapshot of a network's policy constraints. Field shape mirrors pkg/registry/server.NetworkPolicy for mechanical adoption.

type NodeInfo 

type NodeInfo struct {
	ID         uint32
	Owner      string // email or identifier (for key rotation)
	PublicKey  []byte
	RealAddr   string
	Networks   []uint16
	LastSeen   time.Time
	Public     bool   // if true, endpoint is visible in lookup/list_nodes
	Hostname   string // unique hostname for discovery (empty = none)
	Tags       []string
	TaskExec   bool     // node advertises task execution capability
	LANAddrs   []string // LAN addresses for same-network peer detection
	KeyMeta    KeyInfo  // key lifecycle metadata
	ExternalID string   // verified external identity (e.g., OIDC sub)
	Version    string   // binary version reported by daemon
	RelayOnly  bool     // peers must reach this node via beacon relay only
}

NodeInfo is a read-only snapshot of a directory entry.

Field shape mirrors the internal server.NodeInfo so the directory store can either type-alias api.NodeInfo or copy fields into it on read. The internal atomic counters that live on server.NodeInfo (lastSeenNano, lastVerifiedNano) are intentionally absent — readers receive the resolved LastSeen value, not the raw atomic.

type PolicyView 

type PolicyView interface {
	// Get returns the policy for networkID and true if set.
	Get(networkID uint16) (*NetworkPolicy, bool)

	// GetExpr returns the marshaled expression-policy document for
	// networkID, or (nil, false) when none is set. The bytes are
	// owned by the caller and may be retained or mutated freely.
	GetExpr(networkID uint16) ([]byte, bool)
}

PolicyView is the read-only contract over the registry's per-network policy store. R7 and R4 consume this; only the policy store package produces it.

Implementations must be safe for concurrent use.

type Role 

type Role string

Role is a member's permission level within a network. Values are the same string constants used today by server.Role. 

const (
	RoleOwner  Role = "owner"  // created the network, full control
	RoleAdmin  Role = "admin"  // can invite, remove members, change settings
	RoleMember Role = "member" // can communicate, cannot manage
)

type TrustView 

type TrustView interface {
	// Count returns the total number of trust pairs currently stored.
	Count() int

	// IsTrusted reports whether nodes a and b have an established
	// trust pair. The relation is symmetric: IsTrusted(a, b) ==
	// IsTrusted(b, a).
	IsTrusted(a, b uint32) bool
}

TrustView is the read-only contract over the registry's trust-pair store. R7 (dashboard) and R4 (authz) consume this; only the trust store package produces it.

Implementations must be safe for concurrent use.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.