byteor_app_kit/

capabilities.rs

use serde::Serialize;

/// Current schema version for enterprise runtime capability documents.
pub const CAPABILITY_SCHEMA_VERSION: u32 = 1;

/// Execution targets a runtime can advertise support for.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize)]
#[serde(rename_all = "snake_case")]
pub enum ExecutionTarget {
    /// Canonical lowered SingleRing execution.
    SingleRing,
    /// Canonical lowered LaneGraph execution.
    LaneGraph,
}

/// LaneGraph feature families that matter to authoring and deploy checks.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize)]
#[serde(rename_all = "snake_case")]
pub enum LaneFeature {
    /// Basic events lanes.
    Events,
    /// Sequenced slots lanes.
    SequencedSlots,
    /// Journal lanes.
    Journal,
    /// Fanout-broadcast lanes.
    FanoutBroadcast,
}

/// How a stage key should be interpreted by Cloud and policy surfaces.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize)]
#[serde(rename_all = "snake_case")]
pub enum StageKeyKind {
    /// A fully stable, literal stage key.
    Stable,
    /// A parameterized stage key prefix such as `http_post:*`.
    Prefix,
}

/// Shared policy-class vocabulary for runtime stage entries.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize)]
#[serde(rename_all = "snake_case")]
pub enum PolicyClassId {
    /// Pure or deterministic transforms without external side effects.
    PureTransform,
    /// Side-effecting execution that may require approval or replay restrictions.
    SideEffecting,
}

/// Replay posture attached to a stage or document.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize)]
#[serde(rename_all = "snake_case")]
pub enum ReplaySupport {
    /// Replay execution is allowed.
    Allowed,
    /// Replay is supported only as dry-run.
    DryRunOnly,
    /// Replay is not supported.
    Unsupported,
}

/// Runtime environment posture recognized by Enterprise policy.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize)]
#[serde(rename_all = "snake_case")]
pub enum RuntimeEnvironment {
    /// Development posture.
    Dev,
    /// Staging posture.
    Staging,
    /// Production posture.
    Prod,
}

/// Side-effect policy in a given environment posture.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize)]
#[serde(rename_all = "snake_case")]
pub enum EnvironmentSideEffects {
    /// Side effects may execute without an approval token.
    Allowed,
    /// Side effects may execute only with approval.
    ApprovalRequired,
    /// Side effects are denied.
    Denied,
}

/// Machine-readable lane feature availability.
#[derive(Debug, Clone, PartialEq, Eq, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct LaneFeatureSupport {
    /// Feature identifier.
    pub feature: LaneFeature,
    /// Targets on which the feature is available.
    pub supported_targets: Vec<ExecutionTarget>,
}

/// Shared policy-class definitions published with a capability document.
#[derive(Debug, Clone, PartialEq, Eq, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct PolicyClassDefinition {
    /// Stable policy-class identifier.
    pub id: PolicyClassId,
    /// Human-readable meaning of the class.
    pub description: String,
}

/// Replay defaults that matter for authoring and deployment checks.
#[derive(Debug, Clone, PartialEq, Eq, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct ReplayConstraints {
    /// Default replay posture for governed executions.
    pub default_mode: ReplaySupport,
    /// Default replay action quota.
    pub max_actions: u64,
    /// Default replay input-byte quota.
    pub max_input_bytes: u64,
}

/// Environment-level restrictions relevant to approval and deployment.
#[derive(Debug, Clone, PartialEq, Eq, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct EnvironmentRestriction {
    /// Environment posture.
    pub environment: RuntimeEnvironment,
    /// Side-effect policy in that posture.
    pub side_effects: EnvironmentSideEffects,
    /// Approval capability ids that become relevant in that posture.
    #[serde(default, skip_serializing_if = "Vec::is_empty")]
    pub required_approval_capabilities: Vec<String>,
}

/// One catalog entry in the runtime capability document.
#[derive(Debug, Clone, PartialEq, Eq, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct StageCatalogEntry {
    /// Stable key or key family.
    pub key: String,
    /// Whether the key is literal or parameterized.
    pub key_kind: StageKeyKind,
    /// Short operator-facing description.
    pub description: String,
    /// Targets the stage may appear on.
    pub supported_targets: Vec<ExecutionTarget>,
    /// Policy-class identifier for the stage.
    pub policy_class: PolicyClassId,
    /// Approval capability ids required when this stage executes under governed postures.
    #[serde(default, skip_serializing_if = "Vec::is_empty")]
    pub approval_capabilities: Vec<String>,
    /// Replay support for this stage family.
    pub replay_support: ReplaySupport,
    /// Environment postures where the stage may appear.
    pub environments: Vec<RuntimeEnvironment>,
}

/// Machine-readable runtime capability contract published by Enterprise runtimes.
#[derive(Debug, Clone, PartialEq, Eq, Serialize)]
#[serde(rename_all = "camelCase")]
pub struct RuntimeCapabilityDocument {
    /// Capability schema version.
    pub schema_version: u32,
    /// Product or binary publishing the document.
    pub product: String,
    /// Top-level target support.
    pub supported_targets: Vec<ExecutionTarget>,
    /// LaneGraph feature availability.
    pub lane_features: Vec<LaneFeatureSupport>,
    /// Stage catalog entries the runtime understands.
    pub stage_catalog: Vec<StageCatalogEntry>,
    /// Shared policy-class definitions.
    pub policy_classes: Vec<PolicyClassDefinition>,
    /// Replay defaults visible to Cloud and operators.
    pub replay_constraints: ReplayConstraints,
    /// Environment restrictions visible to Cloud and operators.
    pub environment_restrictions: Vec<EnvironmentRestriction>,
}

/// Build a stable-key stage catalog entry.
pub fn stable_stage_catalog_entry(
    key: impl Into<String>,
    description: impl Into<String>,
    supported_targets: Vec<ExecutionTarget>,
    policy_class: PolicyClassId,
    replay_support: ReplaySupport,
    environments: Vec<RuntimeEnvironment>,
    approval_capabilities: Vec<String>,
) -> StageCatalogEntry {
    StageCatalogEntry {
        key: key.into(),
        key_kind: StageKeyKind::Stable,
        description: description.into(),
        supported_targets,
        policy_class,
        approval_capabilities,
        replay_support,
        environments,
    }
}

/// Build a parameterized-key stage catalog entry.
pub fn prefix_stage_catalog_entry(
    key: impl Into<String>,
    description: impl Into<String>,
    supported_targets: Vec<ExecutionTarget>,
    policy_class: PolicyClassId,
    replay_support: ReplaySupport,
    environments: Vec<RuntimeEnvironment>,
    approval_capabilities: Vec<String>,
) -> StageCatalogEntry {
    StageCatalogEntry {
        key: key.into(),
        key_kind: StageKeyKind::Prefix,
        description: description.into(),
        supported_targets,
        policy_class,
        approval_capabilities,
        replay_support,
        environments,
    }
}

/// Build a complete runtime capability document around a stage catalog.
pub fn runtime_capability_document(
    product: impl Into<String>,
    stage_catalog: Vec<StageCatalogEntry>,
) -> RuntimeCapabilityDocument {
    let replay_limits = byteor_policy::ReplayLimits::default();
    RuntimeCapabilityDocument {
        schema_version: CAPABILITY_SCHEMA_VERSION,
        product: product.into(),
        supported_targets: default_supported_targets(),
        lane_features: default_lane_feature_support(),
        stage_catalog,
        policy_classes: vec![
            PolicyClassDefinition {
                id: PolicyClassId::PureTransform,
                description: "Deterministic or pure transforms with no external side effects"
                    .to_string(),
            },
            PolicyClassDefinition {
                id: PolicyClassId::SideEffecting,
                description:
                    "Side-effecting execution that may require approval and replay gating"
                        .to_string(),
            },
        ],
        replay_constraints: ReplayConstraints {
            default_mode: ReplaySupport::DryRunOnly,
            max_actions: replay_limits.max_actions,
            max_input_bytes: replay_limits.max_input_bytes,
        },
        environment_restrictions: vec![
            EnvironmentRestriction {
                environment: RuntimeEnvironment::Dev,
                side_effects: EnvironmentSideEffects::Allowed,
                required_approval_capabilities: Vec::new(),
            },
            EnvironmentRestriction {
                environment: RuntimeEnvironment::Staging,
                side_effects: EnvironmentSideEffects::ApprovalRequired,
                required_approval_capabilities: vec!["execute_side_effects".to_string()],
            },
            EnvironmentRestriction {
                environment: RuntimeEnvironment::Prod,
                side_effects: EnvironmentSideEffects::ApprovalRequired,
                required_approval_capabilities: vec!["execute_side_effects".to_string()],
            },
        ],
    }
}

fn default_supported_targets() -> Vec<ExecutionTarget> {
    vec![ExecutionTarget::SingleRing, ExecutionTarget::LaneGraph]
}

fn default_lane_feature_support() -> Vec<LaneFeatureSupport> {
    let lane_graph_only = vec![ExecutionTarget::LaneGraph];
    vec![
        LaneFeatureSupport {
            feature: LaneFeature::Events,
            supported_targets: lane_graph_only.clone(),
        },
        LaneFeatureSupport {
            feature: LaneFeature::SequencedSlots,
            supported_targets: lane_graph_only.clone(),
        },
        LaneFeatureSupport {
            feature: LaneFeature::Journal,
            supported_targets: lane_graph_only.clone(),
        },
        LaneFeatureSupport {
            feature: LaneFeature::FanoutBroadcast,
            supported_targets: lane_graph_only,
        },
    ]
}