// Public submodules of the crate. Each one is declared `pub`, so every public item
// inside it is reachable by its full module path, not only through the root-level
// `pub use` re-exports that follow these declarations.
// NOTE(review): if the root re-exports are meant to be the supported API surface,
// check whether all of these modules need to stay `pub` — TODO confirm with callers.
pub mod authority;
pub mod cgroup_id;
pub mod error;
pub mod events;
pub mod hostname_allowlist;
pub mod noop_broker;
pub mod observability;
pub mod policy;
pub mod ports;
pub mod principal;
pub mod redaction;
pub mod spec_validation;
pub mod state_projection;
pub mod trust_keys;
pub mod types;
// Root-level re-exports: callers can name these items directly from the crate root
// instead of spelling out the defining module.
pub use cgroup_id::sanitize_cgroup_leaf_segment;
pub use error::CellosError;
// Re-exports from `events`. The list holds snake_case items (presumably functions)
// named `*_data_v1` / `*_data_v2` and `cloud_event_v1_*`, a set of CamelCase types,
// and the `LIFECYCLE_*` / `TRUST_PLANE_*` constants.
// NOTE(review): the `_v1` / `_v2` suffixes look like payload schema versions — confirm
// in `events` before relying on that.
// NOTE(review): the `TRUST_PLANE_BUILTIN_*` constants read like built-in key / keyset
// identifiers; confirm in `events` that they are identifiers only and carry no key
// material, since they are part of the public surface.
pub use events::{
authz_rejected_data_v1, cell_subject_urn, cloud_event_v1_cortex_dispatched,
cloud_event_v1_dns_authority_dnssec_failed, cloud_event_v1_dns_authority_drift,
cloud_event_v1_dns_authority_rebind_rejected, cloud_event_v1_dns_authority_rebind_threshold,
cloud_event_v1_dns_query, cloud_event_v1_dns_query_permitted, cloud_event_v1_dns_query_refused,
cloud_event_v1_firecracker_pool_checkout, cloud_event_v1_keyset_verification_failed,
cloud_event_v1_keyset_verified, cloud_event_v1_network_flow_decision,
command_completed_data_v1, compliance_summary_data_v1, cortex_dispatched_data_v1,
dns_authority_dnssec_failed_data_v1, dns_authority_drift_data_v1,
dns_authority_rebind_rejected_data_v1, dns_authority_rebind_threshold_data_v1,
dns_query_data_v1, dns_query_permitted_data_v1, dns_query_refused_data_v1,
evidence_bundle_emitted_data_v1, export_completed_data_v1, export_completed_data_v2,
export_failed_data_v2, firecracker_pool_event_data_v1, homeostasis_signal_data_v1,
homeostasis_violation_data_v1, identity_failed_data_v1, identity_materialized_data_v1,
identity_revoked_data_v1, keyset_verification_failed_data_v1, keyset_verified_data_v1,
lifecycle_destroyed_data_v1, lifecycle_destroyed_data_v1_typed, lifecycle_started_data_v1,
manifest_failed_data_v1, network_flow_decision_data_v1,
observability_container_security_data_v1, observability_dns_resolution_data_v1,
observability_dns_target_set_data_v1, observability_fs_touch_export_data_v1,
observability_l7_egress_decision_data_v1, observability_network_enforcement_data_v1,
observability_network_policy_data_v1, observability_network_scope_data_v1,
observability_process_spawned_data_v1, policy_rejected_data_v1, EvidenceBundleRefs,
IdentityFailureOperation, LifecycleDestroyOutcome, LifecycleReason, LifecycleResidueClass,
LifecycleTerminalState, Provenance, ResidueClass, SubjectUrn, SubjectUrnError,
LIFECYCLE_MANIFEST_FAILED_TYPE, TRUST_PLANE_AGGREGATE_EGRESS_FQDN,
TRUST_PLANE_BUILTIN_KEYSET_ID, TRUST_PLANE_BUILTIN_L7_KID, TRUST_PLANE_BUILTIN_RESOLVER_KID,
};
// NOTE(review): `NoopSecretBroker` (from `noop_broker`) and `NoopExportSink` /
// `NoopInferenceBroker` (from `ports`, a few lines further down) are exported at the
// crate root. By name they are do-nothing stand-ins; confirm that production wiring
// selects a real implementation explicitly and cannot silently fall back to one of these.
pub use noop_broker::NoopSecretBroker;
// Re-exports from `policy`: the `validate_*` / `check_*` / `spec_matches_*` items,
// the policy document types, and two constants.
// NOTE(review): `POLICY_ALLOW_DOWNGRADE_ENV` is exported next to
// `MIN_SUPPORTED_POLICY_PACK_VERSION`; it reads like the name of an environment
// variable that relaxes the version floor. Confirm in `policy`, and if so treat the
// ability to set that variable as a privileged operation that should be audited.
pub use policy::{
check_policy_pack_version_compatibility, spec_matches_placement_scope,
validate_authorization_policy, validate_policy_pack_document, validate_spec_against_policy,
AuthorizationPolicy, AuthorizationPolicyDocument, PolicyPackDocument, PolicyPackSpec,
PolicyRules, PolicyViolation, MIN_SUPPORTED_POLICY_PACK_VERSION, POLICY_ALLOW_DOWNGRADE_ENV,
};
pub use ports::{NoopExportSink, NoopInferenceBroker, RuntimeSecretLeaseRequest};
// Re-exports from `principal`: identifier types (`*Id`), `Principal`, `Capability`,
// `TrustRoot`, the authority-scope types and the principal parse error.
pub use principal::{
AuthorityScope, AuthorityScopeViolation, Capability, DelegateId, ExternalId, OperatorId,
PlatformId, Principal, PrincipalParseError, TrustRoot,
};
// NOTE(review): by name these two scrub URL-embedded credentials before text is
// logged; what exactly they match is defined in `redaction`. Worth checking that
// code paths which log URLs or echo them in error text go through these helpers.
pub use redaction::{redact_url_credentials_for_logs, redact_url_if_echoed_in_text};
// Re-exports from `spec_validation`: the `enforce_*`, `validate_*` and `verify_*` items.
// NOTE(review): signatures are not visible from this file. If these return `Result`
// (or a bool), a caller that drops the return value skips the check — confirm the
// return types and whether they are `#[must_use]`.
pub use spec_validation::{
enforce_derivation_scope_policy, validate_execution_cell_document,
validate_tenant_id_for_subject_token, verify_authority_derivation,
verify_signed_trust_keyset_chain, verify_signed_trust_keyset_envelope,
};
// Re-exports from `state_projection`: the projection / snapshot types and the
// `Projection*Stage` types.
pub use state_projection::{
CellStateProjection, CellStateSnapshot, ExportProjectionRecord, ProjectionCurrentState,
ProjectionExportStage, ProjectionIdentityStage, ProjectionLifecycleStage,
};
// Re-exports from `trust_keys`: key loading / parsing, the canonical signing payload,
// two signing items and the envelope verifier, plus `SignedEventEnvelopeV1`.
// NOTE(review): both an Ed25519 and an HMAC-SHA256 signer are exported by name. With
// HMAC the verifying party necessarily holds the same secret that signs, so it gives
// no origin separation between signer and verifier — confirm in `trust_keys` which
// algorithm `verify_signed_event_envelope` accepts and how the algorithm is chosen.
pub use trust_keys::{
canonical_event_signing_payload, load_trust_verify_keys_file, parse_trust_verify_keys,
sign_event_ed25519, sign_event_hmac_sha256, verify_signed_event_envelope,
SignedEventEnvelopeV1,
};
// Re-exports from `types`: two snake_case items (`canonical_spec_hash`,
// `qtype_to_dns_query_type`, presumably functions) followed by the crate's shared
// data types — authority, DNS, export, inference, run-limit, secret-delivery and
// workload-identity types, going by their names.
// NOTE(review): `SecretView` and `SecretDeliveryMode` are exported here; their derives
// are not visible from this file. Confirm in `types` that any type holding secret
// values does not expose them through `Debug` / serialization output.
pub use types::{
canonical_spec_hash, qtype_to_dns_query_type, AuthorityBundle, AuthorityCapability,
AuthorityComponent, AuthorityDerivationToken, AuthorityNarrowing, AuthoritySignature,
CdnAuthority, CdnProvider, CloudEventV1, Correlation, DnsAuthority, DnsAuthorityDnssecFailed,
DnsAuthorityDnssecFailureReason, DnsAuthorityDrift, DnsAuthorityRebindRejected,
DnsAuthorityRebindThreshold, DnsQueryDecision, DnsQueryEvent, DnsQueryReasonCode, DnsQueryType,
DnsRebindingPolicy, DnsRefreshPolicy, DnsRefreshStrategy, DnsResolver, DnsResolverDnssecPolicy,
DnsResolverProtocol, EgressRule, EnvironmentSpec, ExecutionCellDocument, ExecutionCellSpec,
ExportArtifact, ExportArtifactMetadata, ExportChannels, ExportReceipt, ExportReceiptTargetKind,
ExportTarget, GitIngress, HomeostasisSignal, HttpExportTarget, InferenceMessage,
InferenceRequest, InferenceResponse, InferenceRole, Ingress, Lifetime, NetworkFlowDecision,
NetworkFlowDecisionOutcome, NetworkFlowDirection, OciImageIngress, PlacementSpec, PolicyRef,
RoleId, RunCpuMax, RunLimits, RunSpec, S3ExportTarget, SecretDeliveryMode, SecretView,
SignedTrustKeysetEnvelope, TelemetryChannel, TelemetrySpec, TrustKeysetSignature,
WorkloadIdentity, WorkloadIdentityKind,
};