package main

// GovernanceNotifier implements the SPIRE Notifier plugin interface.
//
// SPIRE Server calls Notify() on credential lifecycle events. This plugin
// bridges those events into the Guildhouse governance framework:
//
//  1. Credential issued → CreateIntent(registry_type="credential", verb="issue")
//  2. Credential rotated → CreateIntent(registry_type="credential", verb="rotate")
//  3. Credential revoked → CreateIntent(registry_type="credential", verb="revoke")
//
// For each event, the plugin also constructs a MutationEnvelope containing
// the event payload (JCS-canonicalized) and submits the SHA-256 hash as a
// merkle leaf to the NotaryService for audit anchoring.
//
// See specs/credential-governance.md for the full specification.
type GovernanceNotifier struct {
	// TODO: add fields
	// - governance.Client for GovernanceService/CeremonyService/NotaryService
	// - config for cluster ID, trust domain
}
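
The canonicalize-then-hash step described in the plugin comment, as an added example that is not part of the Guildhouse code base. The event names, the `spiffe_id` field, the flat payload shape and the `example.org` trust domain are assumptions, and canonicalization is restricted to printable-ASCII string fields, where Go's `encoding/json` output coincides with JCS (RFC 8785).

```go
package main

import (
	"crypto/sha256"
	"encoding/json"
	"fmt"
	"strings"
)

// verbs maps hypothetical event names to the intent verbs named in the plugin comment.
var verbs = map[string]string{"issued": "issue", "rotated": "rotate", "revoked": "revoke"}

// buildPayload builds a flat event payload; "spiffe_id" is an assumed field name.
func buildPayload(event, spiffeID string) (map[string]string, error) {
	verb, ok := verbs[event]
	if !ok {
		return nil, fmt.Errorf("unknown credential event %q", event)
	}
	return map[string]string{"registry_type": "credential", "verb": verb, "spiffe_id": spiffeID}, nil
}

// canonicalize emits sorted-key, whitespace-free JSON. Input is limited to printable
// ASCII, where encoding/json's key order and escaping agree with JCS (RFC 8785).
func canonicalize(p map[string]string) (string, error) {
	for k, v := range p {
		if strings.IndexFunc(k+v, func(r rune) bool { return r < 0x20 || r > 0x7e }) >= 0 {
			return "", fmt.Errorf("field %q: only printable ASCII is supported", k)
		}
	}
	var sb strings.Builder
	enc := json.NewEncoder(&sb)
	enc.SetEscapeHTML(false) // JCS leaves <, > and & unescaped; Go escapes them by default
	err := enc.Encode(p)     // Encode sorts map keys and appends a trailing newline
	return strings.TrimSuffix(sb.String(), "\n"), err
}

// leafHash returns the hex SHA-256 of the canonical payload, the value used as the merkle leaf.
func leafHash(p map[string]string) (string, error) {
	c, err := canonicalize(p)
	if err != nil {
		return "", err
	}
	return fmt.Sprintf("%x", sha256.Sum256([]byte(c))), nil
}

func main() {
	p, _ := buildPayload("rotated", "spiffe://example.org/workload") // constructed sample
	h, err := leafHash(p)
	fmt.Println(h, err)
}
```

Rejecting input outside the supported range, rather than hashing it anyway, keeps a verifier that uses a full JCS implementation from computing a different leaf for the same event.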