Tyler King
a58d548518
- Network-policy SPIRE plugin extension - Governance event notification with merkle anchoring - Shellstream specs for consent channels + HFL embedded ABI - All 17 audit findings from AUDIT.md remediated - SSH credential composer + substrate key manager updates - Test coverage for config + sshcert packages Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
47 lines
1.2 KiB
Go
47 lines
1.2 KiB
Go
// Governance Notifier — SPIRE Notifier plugin.
|
|
//
|
|
// Runs in SPIRE Server. Notifies the Guildhouse GovernanceService of credential
|
|
// lifecycle events (issue, rotate, revoke) and submits MutationEnvelopes to the
|
|
// NotaryService for merkle anchoring.
|
|
package main
|
|
|
|
import (
|
|
"context"
|
|
"log"
|
|
|
|
"github.com/hashicorp/go-plugin"
|
|
"google.golang.org/grpc"
|
|
)
|
|
|
|
var handshakeConfig = plugin.HandshakeConfig{
|
|
ProtocolVersion: 1,
|
|
MagicCookieKey: "ServerAgent",
|
|
MagicCookieValue: "GuildhouseSpire",
|
|
}
|
|
|
|
// GovernanceNotifierPlugin implements plugin.GRPCPlugin for the governance notifier.
|
|
type GovernanceNotifierPlugin struct {
|
|
plugin.Plugin
|
|
Impl *GovernanceNotifier
|
|
}
|
|
|
|
func (p *GovernanceNotifierPlugin) GRPCServer(broker *plugin.GRPCBroker, s *grpc.Server) error {
|
|
log.Println("governance-notifier: gRPC server registered")
|
|
return nil
|
|
}
|
|
|
|
func (p *GovernanceNotifierPlugin) GRPCClient(ctx context.Context, broker *plugin.GRPCBroker, c *grpc.ClientConn) (interface{}, error) {
|
|
return nil, nil
|
|
}
|
|
|
|
func main() {
|
|
notifier := &GovernanceNotifier{}
|
|
|
|
plugin.Serve(&plugin.ServeConfig{
|
|
HandshakeConfig: handshakeConfig,
|
|
Plugins: map[string]plugin.Plugin{
|
|
"notifier": &GovernanceNotifierPlugin{Impl: notifier},
|
|
},
|
|
GRPCServer: plugin.DefaultGRPCServer,
|
|
})
|
|
}
|