// Package governance provides a gRPC client for the Guildhouse GovernanceService
// and CeremonyService, used by SPIRE plugins to participate in governed mutations.
package governance
import (
"context"
"fmt"
)
// Config holds governance client configuration: one gRPC address for each
// backing service.
//
// NOTE(review): the struct carries no TLS or credential settings, while the
// TODO in NewClient mentions mTLS — confirm where certificates and trust
// roots are expected to come from before connections are implemented.
type Config struct {
	// GovernanceAddr is the gRPC address of the GovernanceService.
	GovernanceAddr string

	// CeremonyAddr is the gRPC address of the CeremonyService.
	CeremonyAddr string

	// NotaryAddr is the gRPC address of the NotaryService.
	NotaryAddr string
}
// IntentResult holds the result of a CreateIntent call.
//
// NOTE(review): the zero value has Denied == false and an empty Error, so an
// unpopulated result cannot be told apart from "not denied". Callers should
// presumably require a non-empty IntentID before treating a result as usable
// — confirm once CreateIntent is implemented.
type IntentResult struct {
	// IntentID presumably identifies the created MutationIntent — TODO confirm.
	IntentID string
	// CeremonyID is non-empty if a ceremony is required.
	CeremonyID string // non-empty if ceremony required
	// Denied presumably reports that the service refused the intent — TODO confirm.
	Denied bool
	// Error presumably carries a service-side error message — TODO confirm.
	Error string
}
// RedeemResult holds the result of a RedeemIntent call.
//
// The zero value has Success == false, so an unpopulated result reads as a
// failed redemption.
type RedeemResult struct {
	// Success is false in the zero value; see the type comment.
	Success bool
	// SatHash is presumably a hash tied to the SAT obtained by redemption —
	// TODO confirm the algorithm and what exactly is hashed.
	SatHash []byte
	// Status is a free-form string; its value set is not defined in this file.
	Status string
	// Error presumably carries a service-side error message — TODO confirm.
	Error string
}
// Client wraps gRPC clients for GovernanceService, CeremonyService, and NotaryService.
//
// At present the struct only stores the Config it was built from; it holds no
// gRPC connections or service stubs.
type Client struct {
	// config is the configuration passed to NewClient, kept by value.
	config Config
}
// NewClient builds a governance Client from cfg.
//
// It returns an error when cfg.GovernanceAddr is empty. CeremonyAddr and
// NotaryAddr are stored without validation. No network connection is opened
// here yet: the returned Client only carries a copy of cfg, so a non-nil
// Client must not be read as proof of a connected or authenticated channel.
func NewClient(cfg Config) (*Client, error) {
	if addr := cfg.GovernanceAddr; len(addr) == 0 {
		return nil, fmt.Errorf("governance: governance address is required")
	}

	// TODO: implement — establish gRPC connections with mTLS
	client := &Client{config: cfg}
	return client, nil
}
// CreateIntent is meant to create a MutationIntent for a credential operation.
//
// It is currently a stub: no RPC is made, every argument is ignored, and the
// call always returns a nil *IntentResult together with a non-nil error.
func (c *Client) CreateIntent(ctx context.Context, registryType, verb, artifactScope, tenantID string) (*IntentResult, error) {
	// TODO: implement — call GovernanceService.CreateIntent
	var result *IntentResult // stays nil until the RPC exists
	err := fmt.Errorf("governance: CreateIntent not yet implemented")
	return result, err
}
// RedeemIntent is meant to redeem a MutationIntent to obtain a SAT.
//
// It is currently a stub: no RPC is made, ctx and intentID are ignored, and
// the call always returns a nil *RedeemResult together with a non-nil error.
func (c *Client) RedeemIntent(ctx context.Context, intentID string) (*RedeemResult, error) {
	// TODO: implement — call GovernanceService.RedeemIntent
	var result *RedeemResult // stays nil until the RPC exists
	err := fmt.Errorf("governance: RedeemIntent not yet implemented")
	return result, err
}
// CreateCeremony is meant to create a governance ceremony.
//
// It is currently a stub: no RPC is made, every argument (including
// requiredApprovals) is ignored, and the call always returns an empty string
// together with a non-nil error.
func (c *Client) CreateCeremony(ctx context.Context, ceremonyType, intentID string, requiredApprovals uint32) (string, error) {
	// TODO: implement — call CeremonyService.CreateCeremony
	var ceremonyID string // empty until the RPC exists
	err := fmt.Errorf("governance: CreateCeremony not yet implemented")
	return ceremonyID, err
}
// SubmitMerkleLeaf is meant to submit a credential event as a merkle leaf to
// the NotaryService.
//
// It is currently a stub: no RPC is made, clusterID and leaf are ignored, and
// the call always returns an empty string together with a non-nil error, so
// nothing is recorded with the notary.
func (c *Client) SubmitMerkleLeaf(ctx context.Context, clusterID string, leaf []byte) (string, error) {
	// TODO: implement — call NotaryService.CreateAnchor
	var anchor string // empty until the RPC exists
	err := fmt.Errorf("governance: SubmitMerkleLeaf not yet implemented")
	return anchor, err
}