canic_host/deployment_truth/
model.rs

1use serde::{Deserialize, Serialize};
2
3///
4/// DeploymentPlanV1
5///
6#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
7pub struct DeploymentPlanV1 {
8    pub schema_version: u32,
9    pub plan_id: String,
10    pub deployment_identity: DeploymentIdentityV1,
11    pub trust_domain: TrustDomainV1,
12    pub fleet_template: String,
13    pub runtime_variant: String,
14    pub authority_profile: AuthorityProfileV1,
15    pub role_artifacts: Vec<RoleArtifactV1>,
16    pub expected_canisters: Vec<ExpectedCanisterV1>,
17    pub expected_pool: Vec<ExpectedPoolCanisterV1>,
18    pub expected_verifier_readiness: VerifierReadinessExpectationV1,
19    pub unresolved_assumptions: Vec<DeploymentAssumptionV1>,
20}
21
22///
23/// DeploymentInventoryV1
24///
25#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
26pub struct DeploymentInventoryV1 {
27    pub schema_version: u32,
28    pub inventory_id: String,
29    pub observed_at: String,
30    pub observed_identity: Option<DeploymentIdentityV1>,
31    pub local_config: LocalDeploymentConfigV1,
32    pub observed_canisters: Vec<ObservedCanisterV1>,
33    pub observed_pool: Vec<ObservedPoolCanisterV1>,
34    pub observed_artifacts: Vec<ObservedArtifactV1>,
35    pub observed_verifier_readiness: VerifierReadinessObservationV1,
36    pub unresolved_observations: Vec<DeploymentObservationGapV1>,
37}
38
39///
40/// DeploymentReceiptV1
41///
42#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
43pub struct DeploymentReceiptV1 {
44    pub schema_version: u32,
45    pub operation_id: String,
46    pub plan_id: String,
47    pub operation_status: DeploymentExecutionStatusV1,
48    pub started_at: String,
49    pub finished_at: Option<String>,
50    pub operator_principal: Option<String>,
51    pub root_principal: Option<String>,
52    pub previous_observed_deployment_epoch: Option<u64>,
53    pub phase_receipts: Vec<PhaseReceiptV1>,
54    pub role_phase_receipts: Vec<RolePhaseReceiptV1>,
55    pub final_inventory_id: Option<String>,
56    pub command_result: DeploymentCommandResultV1,
57}
58
59///
60/// AuthorityReceiptV1
61///
62#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
63pub struct AuthorityReceiptV1 {
64    pub schema_version: u32,
65    pub operation_id: String,
66    pub reconciliation_plan_id: String,
67    pub operation_status: DeploymentExecutionStatusV1,
68    pub started_at: String,
69    pub finished_at: Option<String>,
70    pub attempted_actions: Vec<AuthorityAttemptedActionV1>,
71    pub verified_controller_observations: Vec<AuthorityControllerObservationV1>,
72    pub unresolved_external_actions: Vec<AuthorityExternalActionV1>,
73    pub command_result: DeploymentCommandResultV1,
74}
75
76///
77/// AuthorityDryRunEvidenceV1
78///
79#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
80pub struct AuthorityDryRunEvidenceV1 {
81    pub schema_version: u32,
82    pub evidence_id: String,
83    pub check_id: String,
84    pub generated_at: String,
85    pub reconciliation_plan: AuthorityReconciliationPlanV1,
86    pub authority_report: AuthorityReportV1,
87    pub authority_receipt: AuthorityReceiptV1,
88}
89
90///
91/// AuthorityAttemptedActionV1
92///
93#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
94pub struct AuthorityAttemptedActionV1 {
95    pub subject: String,
96    pub canister_id: Option<String>,
97    pub role: Option<String>,
98    pub action: AuthorityActionV1,
99    pub result: RolePhaseResultV1,
100    pub error: Option<String>,
101}
102
103///
104/// AuthorityControllerObservationV1
105///
106#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
107pub struct AuthorityControllerObservationV1 {
108    pub subject: String,
109    pub canister_id: Option<String>,
110    pub role: Option<String>,
111    pub state: AuthorityReconciliationStateV1,
112    pub action: AuthorityActionV1,
113    pub observed_controllers: Vec<String>,
114    pub desired_controllers: Vec<String>,
115}
116
117///
118/// RoleArtifactManifestV1
119///
120#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
121pub struct RoleArtifactManifestV1 {
122    pub schema_version: u32,
123    pub manifest_id: String,
124    pub network: String,
125    pub artifact_root: Option<String>,
126    pub role_artifacts: Vec<RoleArtifactV1>,
127    pub unresolved_artifacts: Vec<DeploymentObservationGapV1>,
128}
129
130///
131/// DeploymentDiffV1
132///
133#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
134pub struct DeploymentDiffV1 {
135    pub schema_version: u32,
136    pub plan_identity: DeploymentIdentityV1,
137    pub observed_identity: Option<DeploymentIdentityV1>,
138    pub artifact_diff: Vec<DiffItemV1>,
139    pub controller_diff: Vec<DiffItemV1>,
140    pub pool_diff: Vec<DiffItemV1>,
141    pub embedded_config_diff: Vec<DiffItemV1>,
142    pub module_hash_diff: Vec<DiffItemV1>,
143    pub verifier_readiness_diff: Vec<DiffItemV1>,
144    pub resume_safety: ResumeSafetyV1,
145    pub hard_failures: Vec<SafetyFindingV1>,
146    pub warnings: Vec<SafetyFindingV1>,
147    pub resumable_phases: Vec<String>,
148}
149
150///
151/// SafetyReportV1
152///
153#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
154pub struct SafetyReportV1 {
155    pub schema_version: u32,
156    pub report_id: String,
157    pub diff_id: Option<String>,
158    pub status: SafetyStatusV1,
159    pub summary: String,
160    pub hard_failures: Vec<SafetyFindingV1>,
161    pub warnings: Vec<SafetyFindingV1>,
162    pub next_actions: Vec<String>,
163}
164
165///
166/// DeploymentCheckV1
167///
168#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
169pub struct DeploymentCheckV1 {
170    pub schema_version: u32,
171    pub check_id: String,
172    pub plan: DeploymentPlanV1,
173    pub inventory: DeploymentInventoryV1,
174    pub diff: DeploymentDiffV1,
175    pub report: SafetyReportV1,
176}
177
178///
179/// AuthorityReconciliationPlanV1
180///
181#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
182pub struct AuthorityReconciliationPlanV1 {
183    pub schema_version: u32,
184    pub plan_id: String,
185    pub inventory_id: String,
186    pub authority_profile_hash: Option<String>,
187    pub canister_actions: Vec<CanisterAuthorityActionV1>,
188    pub automatic_actions: Vec<AuthorityAutomaticActionV1>,
189    pub hard_failures: Vec<SafetyFindingV1>,
190    pub external_actions_required: Vec<AuthorityExternalActionV1>,
191}
192
193///
194/// AuthorityAutomaticActionV1
195///
196#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
197pub struct AuthorityAutomaticActionV1 {
198    pub subject: String,
199    pub canister_id: String,
200    pub role: Option<String>,
201    pub action: AuthorityActionV1,
202    pub observed_controllers: Vec<String>,
203    pub desired_controllers: Vec<String>,
204    pub reason: String,
205}
206
207///
208/// AuthorityReportV1
209///
210#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
211pub struct AuthorityReportV1 {
212    pub schema_version: u32,
213    pub report_id: String,
214    pub reconciliation_plan_id: String,
215    pub status: SafetyStatusV1,
216    pub summary: String,
217    pub counts: AuthorityReportCountsV1,
218    pub action_counts: Vec<AuthorityActionCountV1>,
219    pub control_class_counts: Vec<AuthorityControlClassCountV1>,
220    pub observation_gaps: Vec<DeploymentObservationGapV1>,
221    pub automatic_actions: Vec<AuthorityAutomaticActionV1>,
222    pub hard_failures: Vec<SafetyFindingV1>,
223    pub external_actions_required: Vec<AuthorityExternalActionV1>,
224    pub next_actions: Vec<String>,
225}
226
227///
228/// AuthorityActionCountV1
229///
230#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
231pub struct AuthorityActionCountV1 {
232    pub action: AuthorityActionV1,
233    pub count: usize,
234}
235
236///
237/// AuthorityControlClassCountV1
238///
239#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
240pub struct AuthorityControlClassCountV1 {
241    pub control_class: CanisterControlClassV1,
242    pub count: usize,
243}
244
245///
246/// AuthorityReportCountsV1
247///
248#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
249pub struct AuthorityReportCountsV1 {
250    pub already_correct: usize,
251    pub can_apply_automatically: usize,
252    pub requires_external_action: usize,
253    pub unsafe_blocked: usize,
254    pub unknown: usize,
255}
256
257///
258/// CanisterAuthorityActionV1
259///
260#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
261pub struct CanisterAuthorityActionV1 {
262    pub canister_id: Option<String>,
263    pub role: Option<String>,
264    pub control_classification: CanisterControlClassV1,
265    pub observed_controllers: Vec<String>,
266    pub desired_controllers: Vec<String>,
267    pub action: AuthorityActionV1,
268    pub state: AuthorityReconciliationStateV1,
269    pub can_apply: bool,
270    pub reason: String,
271}
272
273///
274/// AuthorityExternalActionV1
275///
276#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
277pub struct AuthorityExternalActionV1 {
278    pub subject: String,
279    pub canister_id: Option<String>,
280    pub role: Option<String>,
281    pub control_classification: CanisterControlClassV1,
282    pub state: AuthorityReconciliationStateV1,
283    pub action: AuthorityActionV1,
284    pub observed_controllers: Vec<String>,
285    pub desired_controllers: Vec<String>,
286    pub reason: String,
287}
288
289///
290/// AuthorityActionV1
291///
292#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
293pub enum AuthorityActionV1 {
294    None,
295    AddControllers,
296    RemoveControllers,
297    ReplaceControllerSet,
298    RequiresExternalController,
299    RequiresDestructiveImportConfirmation,
300    ObserveOnly,
301    AdoptPlanAvailable,
302    BlockedByPolicy,
303    UnknownObservation,
304}
305
306///
307/// AuthorityReconciliationStateV1
308///
309#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
310pub enum AuthorityReconciliationStateV1 {
311    AlreadyCorrect,
312    CanApplyAutomatically,
313    RequiresExternalAction,
314    UnsafeBlocked,
315    Unknown,
316}
317
318///
319/// DeploymentIdentityV1
320///
321#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
322pub struct DeploymentIdentityV1 {
323    pub deployment_name: String,
324    pub network: String,
325    pub root_principal: Option<String>,
326    pub authority_profile_hash: Option<String>,
327    pub role_topology_hash: Option<String>,
328    pub deployment_manifest_digest: Option<String>,
329    pub canonical_runtime_config_digest: Option<String>,
330    pub role_embedded_config_set_digest: Option<String>,
331    pub artifact_set_digest: Option<String>,
332    pub pool_identity_set_digest: Option<String>,
333    pub canic_version: Option<String>,
334    pub ic_memory_version: Option<String>,
335}
336
337///
338/// TrustDomainV1
339///
340#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
341pub struct TrustDomainV1 {
342    pub root_trust_anchor: Option<String>,
343    pub migration_from: Option<String>,
344}
345
346///
347/// AuthorityProfileV1
348///
349#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
350pub struct AuthorityProfileV1 {
351    pub profile_id: String,
352    pub expected_controllers: Vec<String>,
353    pub staging_controllers: Vec<String>,
354    pub emergency_controllers: Vec<String>,
355}
356
357///
358/// RoleArtifactV1
359///
360#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
361pub struct RoleArtifactV1 {
362    pub role: String,
363    pub source: ArtifactSourceV1,
364    pub build_profile: String,
365    pub wasm_path: Option<String>,
366    pub wasm_gz_path: Option<String>,
367    pub wasm_gz_size_bytes: Option<u64>,
368    pub wasm_sha256: Option<String>,
369    pub wasm_gz_sha256: Option<String>,
370    pub wasm_gz_sha256_source: Option<ArtifactDigestSourceV1>,
371    pub observed_wasm_gz_file_sha256: Option<String>,
372    pub observed_wasm_gz_file_sha256_source: Option<ArtifactDigestSourceV1>,
373    pub installed_module_hash: Option<String>,
374    pub candid_path: Option<String>,
375    pub candid_sha256: Option<String>,
376    pub raw_config_sha256: Option<String>,
377    pub canonical_embedded_config_sha256: Option<String>,
378    pub embedded_topology_sha256: Option<String>,
379    pub builder_version: Option<String>,
380    pub rust_toolchain: Option<String>,
381    pub package_version: Option<String>,
382}
383
384///
385/// ArtifactDigestSourceV1
386///
387#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
388pub enum ArtifactDigestSourceV1 {
389    ReleaseSetManifest,
390    ObservedFileDigest,
391    InstalledModuleHash,
392}
393
394///
395/// ArtifactSourceV1
396///
397#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
398pub enum ArtifactSourceV1 {
399    LocalBuild,
400    ReleaseSet,
401    WasmStore,
402    External,
403    Unknown,
404}
405
406///
407/// ExpectedCanisterV1
408///
409#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
410pub struct ExpectedCanisterV1 {
411    pub role: String,
412    pub canister_id: Option<String>,
413    pub control_class: CanisterControlClassV1,
414}
415
416///
417/// ObservedCanisterV1
418///
419#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
420pub struct ObservedCanisterV1 {
421    pub canister_id: String,
422    pub role: Option<String>,
423    pub control_class: CanisterControlClassV1,
424    pub controllers: Vec<String>,
425    pub module_hash: Option<String>,
426    pub status: Option<String>,
427    pub root_trust_anchor: Option<String>,
428    pub canonical_embedded_config_digest: Option<String>,
429    pub role_assignment_source: Option<String>,
430}
431
432///
433/// CanisterControlClassV1
434///
435#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
436pub enum CanisterControlClassV1 {
437    DeploymentControlled,
438    CanicManagedPool,
439    ExternallyImported,
440    JointlyControlled,
441    UserControlled,
442    UnknownUnsafe,
443}
444
445///
446/// ExpectedPoolCanisterV1
447///
448#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
449pub struct ExpectedPoolCanisterV1 {
450    pub pool: String,
451    pub canister_id: Option<String>,
452    pub role: Option<String>,
453}
454
455///
456/// ObservedPoolCanisterV1
457///
458#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
459pub struct ObservedPoolCanisterV1 {
460    pub pool: String,
461    pub canister_id: String,
462    pub role: Option<String>,
463    pub control_class: CanisterControlClassV1,
464}
465
466///
467/// LocalDeploymentConfigV1
468///
469#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
470pub struct LocalDeploymentConfigV1 {
471    pub config_path: Option<String>,
472    pub raw_config_sha256: Option<String>,
473    pub canonical_embedded_config_sha256: Option<String>,
474}
475
476///
477/// ObservedArtifactV1
478///
479#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
480pub struct ObservedArtifactV1 {
481    pub role: String,
482    pub artifact_path: String,
483    pub file_sha256: Option<String>,
484    pub file_sha256_source: Option<ArtifactDigestSourceV1>,
485    pub payload_sha256: Option<String>,
486    pub payload_size_bytes: Option<u64>,
487    pub source: ArtifactSourceV1,
488}
489
490///
491/// VerifierReadinessExpectationV1
492///
493#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
494pub struct VerifierReadinessExpectationV1 {
495    pub required: bool,
496    pub expected_role_epochs: Vec<RoleEpochExpectationV1>,
497}
498
499///
500/// VerifierReadinessObservationV1
501///
502#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
503pub struct VerifierReadinessObservationV1 {
504    pub status: ObservationStatusV1,
505    pub role_epochs: Vec<RoleEpochObservationV1>,
506}
507
508///
509/// RoleEpochExpectationV1
510///
511#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
512pub struct RoleEpochExpectationV1 {
513    pub role: String,
514    pub minimum_epoch: u64,
515}
516
517///
518/// RoleEpochObservationV1
519///
520#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
521pub struct RoleEpochObservationV1 {
522    pub role: String,
523    pub observed_epoch: Option<u64>,
524    pub status: ObservationStatusV1,
525}
526
527///
528/// DeploymentAssumptionV1
529///
530#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
531pub struct DeploymentAssumptionV1 {
532    pub key: String,
533    pub description: String,
534}
535
536///
537/// DeploymentObservationGapV1
538///
539#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
540pub struct DeploymentObservationGapV1 {
541    pub key: String,
542    pub description: String,
543}
544
545///
546/// PhaseReceiptV1
547///
548#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
549pub struct PhaseReceiptV1 {
550    pub phase: String,
551    pub started_at: String,
552    pub finished_at: Option<String>,
553    pub attempted_action: String,
554    pub verified_postcondition: VerifiedPostconditionV1,
555}
556
557///
558/// VerifiedPostconditionV1
559///
560#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
561pub struct VerifiedPostconditionV1 {
562    pub status: ObservationStatusV1,
563    pub evidence: Vec<String>,
564}
565
566///
567/// DeploymentExecutionStatusV1
568///
569#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
570pub enum DeploymentExecutionStatusV1 {
571    NotStarted,
572    InProgress,
573    FailedBeforeMutation,
574    PartiallyApplied,
575    FailedAfterMutation,
576    Complete,
577}
578
579///
580/// DeploymentCommandResultV1
581///
582#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
583pub enum DeploymentCommandResultV1 {
584    NotFinished,
585    Succeeded,
586    Failed { code: String, message: String },
587}
588
589///
590/// RolePhaseReceiptV1
591///
592#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
593pub struct RolePhaseReceiptV1 {
594    pub role: String,
595    pub phase: String,
596    pub result: RolePhaseResultV1,
597    pub previous_module_hash: Option<String>,
598    pub target_module_hash: Option<String>,
599    pub observed_module_hash_after: Option<String>,
600    pub artifact_digest: Option<String>,
601    pub canonical_embedded_config_sha256: Option<String>,
602    pub error: Option<String>,
603}
604
605///
606/// RolePhaseResultV1
607///
608#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
609pub enum RolePhaseResultV1 {
610    Applied,
611    Failed,
612    Skipped,
613    NotAttempted,
614    VerifiedAlreadyApplied,
615}
616
617///
618/// DiffItemV1
619///
620#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
621pub struct DiffItemV1 {
622    pub category: String,
623    pub subject: String,
624    pub expected: Option<String>,
625    pub observed: Option<String>,
626    pub severity: SafetySeverityV1,
627}
628
629///
630/// ResumeSafetyV1
631///
632#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
633pub struct ResumeSafetyV1 {
634    pub status: SafetyStatusV1,
635    pub reasons: Vec<String>,
636}
637
638///
639/// SafetyFindingV1
640///
641#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
642pub struct SafetyFindingV1 {
643    pub code: String,
644    pub message: String,
645    pub severity: SafetySeverityV1,
646    pub subject: Option<String>,
647}
648
649///
650/// SafetyStatusV1
651///
652#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
653pub enum SafetyStatusV1 {
654    NotEvaluated,
655    Safe,
656    Warning,
657    Blocked,
658}
659
660///
661/// SafetySeverityV1
662///
663#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
664pub enum SafetySeverityV1 {
665    Info,
666    Warning,
667    HardFailure,
668}
669
670///
671/// ObservationStatusV1
672///
673#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
674pub enum ObservationStatusV1 {
675    NotObserved,
676    Observed,
677    Missing,
678    Inconclusive,
679}
canic_host/deployment_truth/model.rs

canic_host/deployment_truth/
model.rs
