1use serde::{Deserialize, Serialize};
2
3#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
7pub struct DeploymentPlanV1 {
8 pub schema_version: u32,
9 pub plan_id: String,
10 pub deployment_identity: DeploymentIdentityV1,
11 pub trust_domain: TrustDomainV1,
12 pub fleet_template: String,
13 pub runtime_variant: String,
14 pub authority_profile: AuthorityProfileV1,
15 pub role_artifacts: Vec<RoleArtifactV1>,
16 pub expected_canisters: Vec<ExpectedCanisterV1>,
17 pub expected_pool: Vec<ExpectedPoolCanisterV1>,
18 pub expected_verifier_readiness: VerifierReadinessExpectationV1,
19 pub unresolved_assumptions: Vec<DeploymentAssumptionV1>,
20}
21
22#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
26pub struct DeploymentInventoryV1 {
27 pub schema_version: u32,
28 pub inventory_id: String,
29 pub observed_at: String,
30 pub observed_identity: Option<DeploymentIdentityV1>,
31 pub local_config: LocalDeploymentConfigV1,
32 pub observed_canisters: Vec<ObservedCanisterV1>,
33 pub observed_pool: Vec<ObservedPoolCanisterV1>,
34 pub observed_artifacts: Vec<ObservedArtifactV1>,
35 pub observed_verifier_readiness: VerifierReadinessObservationV1,
36 pub unresolved_observations: Vec<DeploymentObservationGapV1>,
37}
38
39#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
43pub struct DeploymentReceiptV1 {
44 pub schema_version: u32,
45 pub operation_id: String,
46 pub plan_id: String,
47 pub execution_context: Option<DeploymentExecutionContextV1>,
48 pub operation_status: DeploymentExecutionStatusV1,
49 pub started_at: String,
50 pub finished_at: Option<String>,
51 pub operator_principal: Option<String>,
52 pub root_principal: Option<String>,
53 pub previous_observed_deployment_epoch: Option<u64>,
54 pub phase_receipts: Vec<PhaseReceiptV1>,
55 pub role_phase_receipts: Vec<RolePhaseReceiptV1>,
56 pub final_inventory_id: Option<String>,
57 pub command_result: DeploymentCommandResultV1,
58}
59
60#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
64pub struct DeploymentExecutionContextV1 {
65 pub workspace_root: Option<String>,
66 pub icp_root: Option<String>,
67 pub artifact_roots: Vec<String>,
68 pub backend: DeploymentExecutorBackendV1,
69 pub backend_capabilities: Vec<DeploymentExecutorCapabilityV1>,
70}
71
72#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
76pub struct DeploymentExecutionPreflightV1 {
77 pub schema_version: u32,
78 pub plan_id: String,
79 pub safety_report_id: String,
80 pub authority_plan_id: String,
81 pub backend: DeploymentExecutorBackendV1,
82 pub status: DeploymentExecutionPreflightStatusV1,
83 pub planned_phases: Vec<String>,
84 pub required_capabilities: Vec<DeploymentExecutorCapabilityV1>,
85 pub missing_capabilities: Vec<DeploymentExecutorCapabilityV1>,
86 pub blockers: Vec<SafetyFindingV1>,
87}
88
89#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
93pub enum DeploymentExecutionPreflightStatusV1 {
94 Ready,
95 Blocked,
96}
97
98#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
102pub enum DeploymentExecutorBackendV1 {
103 CurrentCli,
104 PocketIc,
105 DirectAgent,
106 Other { name: String },
107}
108
109#[derive(Clone, Copy, Debug, Deserialize, Eq, Ord, PartialEq, PartialOrd, Serialize)]
113pub enum DeploymentExecutorCapabilityV1 {
114 CreateCanister,
115 CanisterStatus,
116 UpdateSettings,
117 InstallCode,
118 Call,
119 Query,
120 StageArtifact,
121}
122
123#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
127pub enum ArtifactTransportV1 {
128 LocalCli,
129 WasmStore,
130 DirectAgent,
131}
132
133#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
137pub struct StagingReceiptV1 {
138 pub schema_version: u32,
139 pub role: String,
140 pub artifact_identity: String,
141 pub transport: ArtifactTransportV1,
142 pub wasm_store_locator: Option<String>,
143 pub prepared_chunk_hashes: Vec<String>,
144 pub published_chunk_count: usize,
145 pub verified_postcondition: VerifiedPostconditionV1,
146}
147
148#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
152pub struct RoleArtifactSourceV1 {
153 pub role: String,
154 pub kind: RoleArtifactSourceKindV1,
155 pub locator: Option<String>,
156 pub previous_receipt_kind: Option<PreviousArtifactReceiptKindV1>,
157 pub previous_receipt_lineage_digest: Option<String>,
158 pub expected_wasm_sha256: Option<String>,
159 pub expected_wasm_gz_sha256: Option<String>,
160 pub expected_candid_sha256: Option<String>,
161 pub expected_canonical_embedded_config_sha256: Option<String>,
162}
163
164#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
168pub struct RolePromotionInputV1 {
169 pub role: String,
170 pub promotion_level: PromotionArtifactLevelV1,
171 pub source: RoleArtifactSourceV1,
172 pub require_byte_identical_wasm: bool,
173 pub require_target_embedded_config: bool,
174 pub target_store_has_artifact: Option<bool>,
175}
176
177#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
181pub struct RolePromotionPolicyV1 {
182 pub role: String,
183 pub allowed_promotion_levels: Vec<PromotionArtifactLevelV1>,
184 pub requirements: Vec<PromotionPolicyRequirementV1>,
185}
186
187#[derive(Clone, Copy, Debug, Deserialize, Eq, Ord, PartialEq, PartialOrd, Serialize)]
191pub enum PromotionPolicyRequirementV1 {
192 SameSourceRevision,
193 SameCargoFeatures,
194 TargetConfigDigest,
195 ByteIdenticalWasm,
196 SealedBytes,
197}
198
199#[derive(Clone, Copy, Debug, Deserialize, Eq, Ord, PartialEq, PartialOrd, Serialize)]
203pub enum PromotionPolicyClaimV1 {
204 ByteIdenticalWasm,
205 TargetConfigDigest,
206}
207
208#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
212pub struct PromotionPolicyCheckV1 {
213 pub schema_version: u32,
214 pub check_id: String,
215 pub status: PromotionReadinessStatusV1,
216 pub roles: Vec<RolePromotionPolicyDecisionV1>,
217 pub blockers: Vec<SafetyFindingV1>,
218}
219
220#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
224pub struct RolePromotionPolicyDecisionV1 {
225 pub role: String,
226 pub requested_promotion_level: PromotionArtifactLevelV1,
227 pub allowed_promotion_levels: Vec<PromotionArtifactLevelV1>,
228 pub requirements: Vec<PromotionPolicyRequirementV1>,
229 pub claims: Vec<PromotionPolicyClaimV1>,
230 pub level_allowed: bool,
231 pub policy_satisfied: bool,
232}
233
234#[derive(Clone, Copy, Debug, Deserialize, Eq, Ord, PartialEq, PartialOrd, Serialize)]
238pub enum PromotionArtifactLevelV1 {
239 SealedWasm,
240 SourceBuild,
241}
242
243#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
247pub struct BuildRecipeIdentityV1 {
248 pub recipe_id: String,
249 pub source_kind: RoleArtifactSourceKindV1,
250 pub source_revision: String,
251 pub source_tree_clean: bool,
252 pub package_or_role_selector: String,
253 pub cargo_profile: String,
254 pub cargo_features_digest: String,
255 pub cargo_lock_digest: String,
256 pub rust_toolchain: String,
257 pub builder_version: String,
258 pub target_triple: String,
259 pub linker_identity: String,
260 pub deterministic_build_mode: String,
261 pub wasm_opt_version: String,
262 pub compression_identity: String,
263}
264
265#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
269pub struct BuildMaterializationInputV1 {
270 pub materialization_input_id: String,
271 pub build_recipe_id: String,
272 pub canonical_embedded_config_sha256: String,
273 pub network: String,
274 pub root_trust_anchor: String,
275 pub runtime_variant: String,
276}
277
278#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
282pub struct BuildMaterializationResultV1 {
283 pub materialization_result_id: String,
284 pub build_recipe_id: String,
285 pub materialization_input_digest: String,
286 pub wasm_sha256: String,
287 pub wasm_gz_sha256: String,
288 pub installed_module_hash: String,
289 pub candid_sha256: String,
290}
291
292#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
296pub struct BuildMaterializationEvidenceV1 {
297 pub schema_version: u32,
298 pub evidence_id: String,
299 pub recipe: BuildRecipeIdentityV1,
300 pub materialization_input: BuildMaterializationInputV1,
301 pub materialization_result: BuildMaterializationResultV1,
302 pub computed_materialization_input_digest: String,
303 pub recipe_id_matches_input: bool,
304 pub recipe_id_matches_result: bool,
305 pub materialization_input_digest_matches_result: bool,
306}
307
308#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
312pub struct PromotionMaterializationIdentityReportV1 {
313 pub schema_version: u32,
314 pub report_id: String,
315 pub status: PromotionReadinessStatusV1,
316 pub roles: Vec<RolePromotionMaterializationIdentityV1>,
317 pub output_groups: Vec<PromotionMaterializationOutputGroupV1>,
318 pub blockers: Vec<SafetyFindingV1>,
319}
320
321#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
325pub struct RolePromotionMaterializationIdentityV1 {
326 pub role: String,
327 pub evidence_id: String,
328 pub recipe_id: String,
329 pub materialization_input_id: String,
330 pub materialization_result_id: String,
331 pub materialization_input_digest: String,
332 pub canonical_embedded_config_sha256: String,
333 pub network: String,
334 pub root_trust_anchor: String,
335 pub runtime_variant: String,
336 pub wasm_sha256: String,
337 pub wasm_gz_sha256: String,
338 pub installed_module_hash: String,
339 pub candid_sha256: String,
340}
341
342#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
346pub struct PromotionMaterializationOutputGroupV1 {
347 pub output_identity_key: String,
348 pub roles: Vec<String>,
349 pub wasm_sha256: String,
350 pub wasm_gz_sha256: String,
351 pub installed_module_hash: String,
352 pub candid_sha256: String,
353}
354
355#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
359pub struct PromotionArtifactIdentityReportV1 {
360 pub schema_version: u32,
361 pub report_id: String,
362 pub status: PromotionReadinessStatusV1,
363 pub summary: PromotionArtifactIdentitySummaryV1,
364 pub roles: Vec<RolePromotionArtifactIdentityV1>,
365 pub identity_groups: Vec<PromotionArtifactIdentityGroupV1>,
366 pub blockers: Vec<SafetyFindingV1>,
367}
368
369#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
373pub struct PromotionArtifactIdentitySummaryV1 {
374 pub role_count: usize,
375 pub identity_group_count: usize,
376 pub shared_identity_group_count: usize,
377 pub digest_pinned_role_count: usize,
378 pub source_build_role_count: usize,
379 pub deferred_identity_role_count: usize,
380}
381
382#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
386pub struct PromotionWasmStoreIdentityReportV1 {
387 pub schema_version: u32,
388 pub report_id: String,
389 pub status: PromotionReadinessStatusV1,
390 pub roles: Vec<RolePromotionWasmStoreIdentityV1>,
391 pub blockers: Vec<SafetyFindingV1>,
392}
393
394#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
398pub struct RolePromotionWasmStoreIdentityV1 {
399 pub role: String,
400 pub artifact_identity: String,
401 pub transport: ArtifactTransportV1,
402 pub wasm_store_locator: Option<String>,
403 pub prepared_chunk_hashes: Vec<String>,
404 pub published_chunk_count: usize,
405 pub verified_postcondition: VerifiedPostconditionV1,
406}
407
408#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
412pub struct PromotionWasmStoreCatalogEntryV1 {
413 pub locator: String,
414 pub artifact_identity: String,
415 pub published_chunk_count: usize,
416}
417
418#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
422pub struct PromotionWasmStoreCatalogVerificationV1 {
423 pub schema_version: u32,
424 pub verification_id: String,
425 pub wasm_store_identity_report_id: String,
426 pub status: PromotionReadinessStatusV1,
427 pub roles: Vec<RolePromotionWasmStoreCatalogVerificationV1>,
428 pub blockers: Vec<SafetyFindingV1>,
429}
430
431#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
435pub struct RolePromotionWasmStoreCatalogVerificationV1 {
436 pub role: String,
437 pub wasm_store_locator: String,
438 pub expected_artifact_identity: String,
439 pub observed_artifact_identity: Option<String>,
440 pub expected_published_chunk_count: usize,
441 pub observed_published_chunk_count: Option<usize>,
442 pub catalog_entry_present: bool,
443 pub catalog_matches: bool,
444 pub catalog_observation_digest: String,
445}
446
447#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
451pub struct PromotionArtifactIdentityGroupV1 {
452 pub identity_key: String,
453 pub identity_kind: PromotionArtifactIdentityKindV1,
454 pub roles: Vec<String>,
455 pub source_kinds: Vec<RoleArtifactSourceKindV1>,
456 pub source_locators: Vec<String>,
457 pub digest_pinned: bool,
458 pub wasm_sha256: Option<String>,
459 pub wasm_gz_sha256: Option<String>,
460 pub candid_sha256: Option<String>,
461 pub canonical_embedded_config_sha256: Option<String>,
462}
463
464#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
468pub struct RolePromotionArtifactIdentityV1 {
469 pub role: String,
470 pub promotion_level: PromotionArtifactLevelV1,
471 pub source_kind: RoleArtifactSourceKindV1,
472 pub source_locator: Option<String>,
473 pub identity_kind: PromotionArtifactIdentityKindV1,
474 pub digest_pinned: bool,
475 pub wasm_sha256: Option<String>,
476 pub wasm_gz_sha256: Option<String>,
477 pub candid_sha256: Option<String>,
478 pub canonical_embedded_config_sha256: Option<String>,
479}
480
481#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
485pub enum PromotionArtifactIdentityKindV1 {
486 SealedWasm,
487 SealedCompressedWasm,
488 SealedWasmAndCompressedWasm,
489 SourceBuild,
490 Deferred,
491}
492
493#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
497pub struct PromotionReadinessV1 {
498 pub schema_version: u32,
499 pub readiness_id: String,
500 pub target_plan_id: String,
501 pub status: PromotionReadinessStatusV1,
502 pub roles: Vec<RolePromotionReadinessV1>,
503 pub blockers: Vec<SafetyFindingV1>,
504 pub warnings: Vec<SafetyFindingV1>,
505}
506
507#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
511pub struct PromotionPlanTransformV1 {
512 pub schema_version: u32,
513 pub transform_id: String,
514 pub target_plan_id: String,
515 pub promoted_plan_id: String,
516 pub promotion_plan_lineage_digest: String,
517 pub promoted_plan: DeploymentPlanV1,
518 pub roles: Vec<RolePromotionPlanTransformV1>,
519}
520
521#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
525pub struct ArtifactPromotionPlanV1 {
526 pub schema_version: u32,
527 pub plan_id: String,
528 pub generated_at: String,
529 pub status: PromotionReadinessStatusV1,
530 pub target_plan_id: String,
531 pub promoted_plan_id: String,
532 pub promotion_plan_lineage_digest: String,
533 pub readiness: PromotionReadinessV1,
534 pub artifact_identity_report: PromotionArtifactIdentityReportV1,
535 pub transform: PromotionPlanTransformV1,
536 pub target_execution_lineage: Option<PromotionTargetExecutionLineageV1>,
537 pub blockers: Vec<SafetyFindingV1>,
538}
539
540#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
544pub struct ArtifactPromotionProvenanceReportV1 {
545 pub schema_version: u32,
546 pub report_id: String,
547 pub status: PromotionReadinessStatusV1,
548 pub artifact_promotion_plan_id: String,
549 pub target_plan_id: String,
550 pub promoted_plan_id: String,
551 pub promotion_plan_lineage_digest: String,
552 pub provenance_report_digest: String,
553 pub readiness_id: String,
554 pub artifact_identity_report_id: String,
555 pub transform_id: String,
556 pub target_execution_lineage_id: Option<String>,
557 pub wasm_store_identity_report_id: Option<String>,
558 pub wasm_store_catalog_verification_id: Option<String>,
559 pub materialization_identity_report_id: Option<String>,
560 pub execution_attempted: bool,
561 pub roles: Vec<RolePromotionProvenanceV1>,
562 pub blockers: Vec<SafetyFindingV1>,
563}
564
565#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
569pub struct ArtifactPromotionExecutionReceiptV1 {
570 pub schema_version: u32,
571 pub receipt_id: String,
572 pub artifact_promotion_plan_id: String,
573 pub provenance_report_id: String,
574 pub provenance_status: PromotionReadinessStatusV1,
575 pub promoted_plan_id: String,
576 pub promotion_plan_lineage_digest: String,
577 pub operation_id: String,
578 pub operation_status: DeploymentExecutionStatusV1,
579 pub command_result: DeploymentCommandResultV1,
580 pub started_at: String,
581 pub finished_at: Option<String>,
582 pub deployment_receipt: DeploymentReceiptV1,
583 pub roles: Vec<RolePromotionExecutionReceiptV1>,
584}
585
586#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
590pub struct RolePromotionExecutionReceiptV1 {
591 pub role: String,
592 pub promotion_level: PromotionArtifactLevelV1,
593 pub materialization_evidence_id: Option<String>,
594 pub wasm_store_locator: Option<String>,
595 pub wasm_store_catalog_observation_digest: Option<String>,
596 pub role_phase_result: Option<RolePhaseResultV1>,
597 pub artifact_digest: Option<String>,
598 pub observed_module_hash_after: Option<String>,
599 pub canonical_embedded_config_sha256: Option<String>,
600}
601
602#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
606pub struct RolePromotionProvenanceV1 {
607 pub role: String,
608 pub promotion_level: PromotionArtifactLevelV1,
609 pub source_kind: RoleArtifactSourceKindV1,
610 pub artifact_identity_changed: bool,
611 pub embedded_config_changed: bool,
612 pub target_materialization_preserved: bool,
613 pub materialization_evidence_id: Option<String>,
614 pub wasm_store_locator: Option<String>,
615 pub wasm_store_catalog_observation_digest: Option<String>,
616}
617
618#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
622pub struct PromotionPlanTransformEvidenceV1 {
623 pub schema_version: u32,
624 pub evidence_id: String,
625 pub generated_at: String,
626 pub transform: PromotionPlanTransformV1,
627}
628
629#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
633pub struct PromotionTargetExecutionLineageV1 {
634 pub schema_version: u32,
635 pub lineage_id: String,
636 pub generated_at: String,
637 pub target_execution_lineage_digest: String,
638 pub transform: PromotionPlanTransformV1,
639 pub execution_preflight: DeploymentExecutionPreflightV1,
640 pub execution_attempted: bool,
641}
642
643#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
647pub struct RolePromotionPlanTransformV1 {
648 pub role: String,
649 pub promotion_level: PromotionArtifactLevelV1,
650 pub source_kind: RoleArtifactSourceKindV1,
651 pub source_locator: Option<String>,
652 pub artifact_source_before: ArtifactSourceV1,
653 pub artifact_source_after: ArtifactSourceV1,
654 pub wasm_sha256_before: Option<String>,
655 pub wasm_sha256_after: Option<String>,
656 pub wasm_gz_sha256_before: Option<String>,
657 pub wasm_gz_sha256_after: Option<String>,
658 pub candid_sha256_before: Option<String>,
659 pub candid_sha256_after: Option<String>,
660 pub canonical_embedded_config_sha256_before: Option<String>,
661 pub canonical_embedded_config_sha256_after: Option<String>,
662 pub artifact_identity_changed: bool,
663 pub embedded_config_changed: bool,
664 pub target_materialization_preserved: bool,
665 pub source_build_materialization: Option<RolePromotionMaterializationLinkV1>,
666}
667
668#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
672pub struct RolePromotionMaterializationLinkV1 {
673 pub role: String,
674 pub evidence_id: String,
675 pub recipe_id: String,
676 pub materialization_input_id: String,
677 pub materialization_result_id: String,
678 pub materialization_input_digest: String,
679 pub wasm_sha256: String,
680 pub wasm_gz_sha256: String,
681 pub installed_module_hash: String,
682 pub candid_sha256: String,
683}
684
685#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
689pub enum PromotionReadinessStatusV1 {
690 Ready,
691 Blocked,
692}
693
694#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
698pub struct RolePromotionReadinessV1 {
699 pub role: String,
700 pub promotion_level: PromotionArtifactLevelV1,
701 pub source_kind: RoleArtifactSourceKindV1,
702 pub source_locator: Option<String>,
703 pub source_wasm_sha256: Option<String>,
704 pub source_wasm_gz_sha256: Option<String>,
705 pub target_wasm_sha256: Option<String>,
706 pub target_wasm_gz_sha256: Option<String>,
707 pub source_canonical_embedded_config_sha256: Option<String>,
708 pub target_canonical_embedded_config_sha256: Option<String>,
709 pub byte_identical_wasm: Option<bool>,
710 pub embedded_config_identical: Option<bool>,
711 pub target_store_has_artifact: Option<bool>,
712 pub restage_required: bool,
713}
714
715#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
719pub enum RoleArtifactSourceKindV1 {
720 WorkspacePackage,
721 PublishedPackage,
722 LocalWasm,
723 LocalWasmGz,
724 PreviousReceiptArtifact,
725 CanonicalWasmStoreDefault,
726}
727
728#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
732pub enum PreviousArtifactReceiptKindV1 {
733 DeploymentReceipt,
734 StagingReceipt,
735}
736
737#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
741pub struct AuthorityReceiptV1 {
742 pub schema_version: u32,
743 pub operation_id: String,
744 pub check_id: Option<String>,
745 pub reconciliation_plan_id: String,
746 pub authority_report_id: String,
747 pub inventory_id: String,
748 pub authority_profile_hash: Option<String>,
749 pub operation_status: DeploymentExecutionStatusV1,
750 pub started_at: String,
751 pub finished_at: Option<String>,
752 pub attempted_actions: Vec<AuthorityAttemptedActionV1>,
753 pub verified_controller_observations: Vec<AuthorityControllerObservationV1>,
754 pub hard_failures: Vec<SafetyFindingV1>,
755 pub unresolved_observation_gaps: Vec<DeploymentObservationGapV1>,
756 pub unresolved_external_actions: Vec<AuthorityExternalActionV1>,
757 pub command_result: DeploymentCommandResultV1,
758}
759
760#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
764pub struct AuthorityDryRunEvidenceV1 {
765 pub schema_version: u32,
766 pub evidence_id: String,
767 pub check_id: String,
768 pub generated_at: String,
769 pub reconciliation_plan: AuthorityReconciliationPlanV1,
770 pub authority_report: AuthorityReportV1,
771 pub authority_receipt: AuthorityReceiptV1,
772}
773
774#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
778pub struct AuthorityAttemptedActionV1 {
779 pub subject: String,
780 pub canister_id: Option<String>,
781 pub role: Option<String>,
782 pub action: AuthorityActionV1,
783 pub result: RolePhaseResultV1,
784 pub error: Option<String>,
785}
786
787#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
791pub struct AuthorityControllerObservationV1 {
792 pub subject: String,
793 pub canister_id: Option<String>,
794 pub role: Option<String>,
795 pub state: AuthorityReconciliationStateV1,
796 pub action: AuthorityActionV1,
797 pub observed_controllers: Vec<String>,
798 pub desired_controllers: Vec<String>,
799 pub controller_delta: AuthorityControllerDeltaV1,
800}
801
802#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
806pub struct RoleArtifactManifestV1 {
807 pub schema_version: u32,
808 pub manifest_id: String,
809 pub network: String,
810 pub artifact_root: Option<String>,
811 pub role_artifacts: Vec<RoleArtifactV1>,
812 pub unresolved_artifacts: Vec<DeploymentObservationGapV1>,
813}
814
815#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
819pub struct DeploymentDiffV1 {
820 pub schema_version: u32,
821 pub plan_identity: DeploymentIdentityV1,
822 pub observed_identity: Option<DeploymentIdentityV1>,
823 pub artifact_diff: Vec<DiffItemV1>,
824 pub controller_diff: Vec<DiffItemV1>,
825 pub pool_diff: Vec<DiffItemV1>,
826 pub embedded_config_diff: Vec<DiffItemV1>,
827 pub module_hash_diff: Vec<DiffItemV1>,
828 pub verifier_readiness_diff: Vec<DiffItemV1>,
829 pub resume_safety: ResumeSafetyV1,
830 pub hard_failures: Vec<SafetyFindingV1>,
831 pub warnings: Vec<SafetyFindingV1>,
832 pub resumable_phases: Vec<String>,
833}
834
835#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
839pub struct SafetyReportV1 {
840 pub schema_version: u32,
841 pub report_id: String,
842 pub diff_id: Option<String>,
843 pub status: SafetyStatusV1,
844 pub summary: String,
845 pub hard_failures: Vec<SafetyFindingV1>,
846 pub warnings: Vec<SafetyFindingV1>,
847 pub next_actions: Vec<String>,
848}
849
850#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
854pub struct DeploymentCheckV1 {
855 pub schema_version: u32,
856 pub check_id: String,
857 pub plan: DeploymentPlanV1,
858 pub inventory: DeploymentInventoryV1,
859 pub diff: DeploymentDiffV1,
860 pub report: SafetyReportV1,
861}
862
863#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
867pub struct AuthorityReconciliationPlanV1 {
868 pub schema_version: u32,
869 pub plan_id: String,
870 pub inventory_id: String,
871 pub authority_profile_hash: Option<String>,
872 pub canister_actions: Vec<CanisterAuthorityActionV1>,
873 pub automatic_actions: Vec<AuthorityAutomaticActionV1>,
874 pub hard_failures: Vec<SafetyFindingV1>,
875 pub external_actions_required: Vec<AuthorityExternalActionV1>,
876}
877
878#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
882pub struct AuthorityAutomaticActionV1 {
883 pub subject: String,
884 pub canister_id: String,
885 pub role: Option<String>,
886 pub action: AuthorityActionV1,
887 pub observed_controllers: Vec<String>,
888 pub desired_controllers: Vec<String>,
889 pub controller_delta: AuthorityControllerDeltaV1,
890 pub reason: String,
891}
892
893#[derive(Clone, Debug, Default, Deserialize, Eq, PartialEq, Serialize)]
897pub struct AuthorityControllerDeltaV1 {
898 pub add_controllers: Vec<String>,
899 pub remove_controllers: Vec<String>,
900}
901
902#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
906pub struct AuthorityReportV1 {
907 pub schema_version: u32,
908 pub report_id: String,
909 pub check_id: Option<String>,
910 pub reconciliation_plan_id: String,
911 pub inventory_id: String,
912 pub authority_profile_hash: Option<String>,
913 pub status: SafetyStatusV1,
914 pub summary: String,
915 pub counts: AuthorityReportCountsV1,
916 pub apply_readiness: AuthorityApplyReadinessV1,
917 pub action_counts: Vec<AuthorityActionCountV1>,
918 pub control_class_counts: Vec<AuthorityControlClassCountV1>,
919 pub observation_gaps: Vec<DeploymentObservationGapV1>,
920 pub automatic_actions: Vec<AuthorityAutomaticActionV1>,
921 pub hard_failures: Vec<SafetyFindingV1>,
922 pub external_actions_required: Vec<AuthorityExternalActionV1>,
923 pub next_actions: Vec<String>,
924}
925
926#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
930pub struct AuthorityApplyReadinessV1 {
931 pub can_apply_automatically: bool,
932 pub automatic_action_count: usize,
933 pub blockers: Vec<AuthorityApplyBlockerV1>,
934}
935
936#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
940pub enum AuthorityApplyBlockerV1 {
941 UnsafeBlocked,
942 HardFailures,
943 ObservationGaps,
944 ExternalActions,
945}
946
947#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
951pub struct AuthorityActionCountV1 {
952 pub action: AuthorityActionV1,
953 pub count: usize,
954}
955
956#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
960pub struct AuthorityControlClassCountV1 {
961 pub control_class: CanisterControlClassV1,
962 pub count: usize,
963}
964
965#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
969pub struct AuthorityReportCountsV1 {
970 pub already_correct: usize,
971 pub can_apply_automatically: usize,
972 pub requires_external_action: usize,
973 pub unsafe_blocked: usize,
974 pub unknown: usize,
975 pub hard_failures: usize,
976}
977
978#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
982pub struct CanisterAuthorityActionV1 {
983 pub canister_id: Option<String>,
984 pub role: Option<String>,
985 pub control_classification: CanisterControlClassV1,
986 pub observed_controllers: Vec<String>,
987 pub desired_controllers: Vec<String>,
988 pub controller_delta: AuthorityControllerDeltaV1,
989 pub action: AuthorityActionV1,
990 pub state: AuthorityReconciliationStateV1,
991 pub can_apply: bool,
992 pub reason: String,
993}
994
995#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
999pub struct AuthorityExternalActionV1 {
1000 pub subject: String,
1001 pub canister_id: Option<String>,
1002 pub role: Option<String>,
1003 pub control_classification: CanisterControlClassV1,
1004 pub state: AuthorityReconciliationStateV1,
1005 pub action: AuthorityActionV1,
1006 pub observed_controllers: Vec<String>,
1007 pub desired_controllers: Vec<String>,
1008 pub controller_delta: AuthorityControllerDeltaV1,
1009 pub reason: String,
1010}
1011
1012#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
1016pub enum AuthorityActionV1 {
1017 None,
1018 AddControllers,
1019 RemoveControllers,
1020 ReplaceControllerSet,
1021 RequiresExternalController,
1022 RequiresDestructiveImportConfirmation,
1023 ObserveOnly,
1024 AdoptPlanAvailable,
1025 BlockedByPolicy,
1026 UnknownObservation,
1027}
1028
1029#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
1033pub enum AuthorityReconciliationStateV1 {
1034 AlreadyCorrect,
1035 CanApplyAutomatically,
1036 RequiresExternalAction,
1037 UnsafeBlocked,
1038 Unknown,
1039}
1040
1041#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1045pub struct DeploymentIdentityV1 {
1046 pub deployment_name: String,
1047 pub network: String,
1048 pub root_principal: Option<String>,
1049 pub authority_profile_hash: Option<String>,
1050 pub role_topology_hash: Option<String>,
1051 pub deployment_manifest_digest: Option<String>,
1052 pub canonical_runtime_config_digest: Option<String>,
1053 pub role_embedded_config_set_digest: Option<String>,
1054 pub artifact_set_digest: Option<String>,
1055 pub pool_identity_set_digest: Option<String>,
1056 pub canic_version: Option<String>,
1057 pub ic_memory_version: Option<String>,
1058}
1059
1060#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1064pub struct TrustDomainV1 {
1065 pub root_trust_anchor: Option<String>,
1066 pub migration_from: Option<String>,
1067}
1068
1069#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1073pub struct AuthorityProfileV1 {
1074 pub profile_id: String,
1075 pub expected_controllers: Vec<String>,
1076 pub staging_controllers: Vec<String>,
1077 pub emergency_controllers: Vec<String>,
1078}
1079
1080#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1084pub struct RoleArtifactV1 {
1085 pub role: String,
1086 pub source: ArtifactSourceV1,
1087 pub build_profile: String,
1088 pub wasm_path: Option<String>,
1089 pub wasm_gz_path: Option<String>,
1090 pub wasm_gz_size_bytes: Option<u64>,
1091 pub wasm_sha256: Option<String>,
1092 pub wasm_gz_sha256: Option<String>,
1093 pub wasm_gz_sha256_source: Option<ArtifactDigestSourceV1>,
1094 pub observed_wasm_gz_file_sha256: Option<String>,
1095 pub observed_wasm_gz_file_sha256_source: Option<ArtifactDigestSourceV1>,
1096 pub installed_module_hash: Option<String>,
1097 pub candid_path: Option<String>,
1098 pub candid_sha256: Option<String>,
1099 pub raw_config_sha256: Option<String>,
1100 pub canonical_embedded_config_sha256: Option<String>,
1101 pub embedded_topology_sha256: Option<String>,
1102 pub builder_version: Option<String>,
1103 pub rust_toolchain: Option<String>,
1104 pub package_version: Option<String>,
1105}
1106
1107#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
1111pub enum ArtifactDigestSourceV1 {
1112 ReleaseSetManifest,
1113 ObservedFileDigest,
1114 InstalledModuleHash,
1115}
1116
1117#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
1121pub enum ArtifactSourceV1 {
1122 LocalBuild,
1123 ReleaseSet,
1124 WasmStore,
1125 External,
1126 Unknown,
1127}
1128
1129#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1133pub struct ExpectedCanisterV1 {
1134 pub role: String,
1135 pub canister_id: Option<String>,
1136 pub control_class: CanisterControlClassV1,
1137}
1138
1139#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1143pub struct ObservedCanisterV1 {
1144 pub canister_id: String,
1145 pub role: Option<String>,
1146 pub control_class: CanisterControlClassV1,
1147 pub controllers: Vec<String>,
1148 pub module_hash: Option<String>,
1149 pub status: Option<String>,
1150 pub root_trust_anchor: Option<String>,
1151 pub canonical_embedded_config_digest: Option<String>,
1152 pub role_assignment_source: Option<String>,
1153}
1154
1155#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
1159pub enum CanisterControlClassV1 {
1160 DeploymentControlled,
1161 CanicManagedPool,
1162 ExternallyImported,
1163 JointlyControlled,
1164 UserControlled,
1165 UnknownUnsafe,
1166}
1167
1168#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1172pub struct ExpectedPoolCanisterV1 {
1173 pub pool: String,
1174 pub canister_id: Option<String>,
1175 pub role: Option<String>,
1176}
1177
1178#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1182pub struct ObservedPoolCanisterV1 {
1183 pub pool: String,
1184 pub canister_id: String,
1185 pub role: Option<String>,
1186 pub control_class: CanisterControlClassV1,
1187}
1188
1189#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1193pub struct LocalDeploymentConfigV1 {
1194 pub config_path: Option<String>,
1195 pub raw_config_sha256: Option<String>,
1196 pub canonical_embedded_config_sha256: Option<String>,
1197}
1198
1199#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1203pub struct ObservedArtifactV1 {
1204 pub role: String,
1205 pub artifact_path: String,
1206 pub file_sha256: Option<String>,
1207 pub file_sha256_source: Option<ArtifactDigestSourceV1>,
1208 pub payload_sha256: Option<String>,
1209 pub payload_size_bytes: Option<u64>,
1210 pub source: ArtifactSourceV1,
1211}
1212
1213#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1217pub struct VerifierReadinessExpectationV1 {
1218 pub required: bool,
1219 pub expected_role_epochs: Vec<RoleEpochExpectationV1>,
1220}
1221
1222#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1226pub struct VerifierReadinessObservationV1 {
1227 pub status: ObservationStatusV1,
1228 pub role_epochs: Vec<RoleEpochObservationV1>,
1229}
1230
1231#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1235pub struct RoleEpochExpectationV1 {
1236 pub role: String,
1237 pub minimum_epoch: u64,
1238}
1239
1240#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1244pub struct RoleEpochObservationV1 {
1245 pub role: String,
1246 pub observed_epoch: Option<u64>,
1247 pub status: ObservationStatusV1,
1248}
1249
1250#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1254pub struct DeploymentAssumptionV1 {
1255 pub key: String,
1256 pub description: String,
1257}
1258
1259#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1263pub struct DeploymentObservationGapV1 {
1264 pub key: String,
1265 pub description: String,
1266}
1267
1268#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1272pub struct PhaseReceiptV1 {
1273 pub phase: String,
1274 pub started_at: String,
1275 pub finished_at: Option<String>,
1276 pub attempted_action: String,
1277 pub verified_postcondition: VerifiedPostconditionV1,
1278}
1279
1280#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1284pub struct VerifiedPostconditionV1 {
1285 pub status: ObservationStatusV1,
1286 pub evidence: Vec<String>,
1287}
1288
1289#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
1293pub enum DeploymentExecutionStatusV1 {
1294 NotStarted,
1295 InProgress,
1296 FailedBeforeMutation,
1297 PartiallyApplied,
1298 FailedAfterMutation,
1299 Complete,
1300}
1301
1302#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1306pub enum DeploymentCommandResultV1 {
1307 NotFinished,
1308 Succeeded,
1309 Failed { code: String, message: String },
1310}
1311
1312#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1316pub struct RolePhaseReceiptV1 {
1317 pub role: String,
1318 pub phase: String,
1319 pub result: RolePhaseResultV1,
1320 pub previous_module_hash: Option<String>,
1321 pub target_module_hash: Option<String>,
1322 pub observed_module_hash_after: Option<String>,
1323 pub artifact_digest: Option<String>,
1324 pub canonical_embedded_config_sha256: Option<String>,
1325 pub error: Option<String>,
1326}
1327
1328#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
1332pub enum RolePhaseResultV1 {
1333 Applied,
1334 Failed,
1335 Skipped,
1336 NotAttempted,
1337 VerifiedAlreadyApplied,
1338}
1339
1340#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1344pub struct DiffItemV1 {
1345 pub category: String,
1346 pub subject: String,
1347 pub expected: Option<String>,
1348 pub observed: Option<String>,
1349 pub severity: SafetySeverityV1,
1350}
1351
1352#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1356pub struct ResumeSafetyV1 {
1357 pub status: SafetyStatusV1,
1358 pub reasons: Vec<String>,
1359}
1360
1361#[derive(Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
1365pub struct SafetyFindingV1 {
1366 pub code: String,
1367 pub message: String,
1368 pub severity: SafetySeverityV1,
1369 pub subject: Option<String>,
1370}
1371
1372#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
1376pub enum SafetyStatusV1 {
1377 NotEvaluated,
1378 Safe,
1379 Warning,
1380 Blocked,
1381}
1382
1383#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
1387pub enum SafetySeverityV1 {
1388 Info,
1389 Warning,
1390 HardFailure,
1391}
1392
1393#[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
1397pub enum ObservationStatusV1 {
1398 NotObserved,
1399 Observed,
1400 Missing,
1401 Inconclusive,
1402}