pub struct Profile {
pub id: ProfileId,
pub name: String,
pub description: String,
pub policy_overlays: Vec<Policy>,
pub runtime_constraints: Vec<RuntimeConstraint>,
pub trust_requirements: TrustTier,
pub receipt_requirements: ReceiptSpec,
pub metadata: BTreeMap<String, String>,
}Expand description
Enterprise profile for policy enforcement.
Fields§
§id: ProfileIdUnique profile identifier.
name: StringHuman-readable profile name.
description: StringProfile description.
policy_overlays: Vec<Policy>Policy overlays to enforce.
runtime_constraints: Vec<RuntimeConstraint>Runtime constraints.
trust_requirements: TrustTierMinimum trust tier required.
receipt_requirements: ReceiptSpecReceipt requirements.
metadata: BTreeMap<String, String>Additional metadata — BTreeMap for deterministic JSON serialization.
Implementations§
Source§impl Profile
impl Profile
Sourcepub fn new(
id: ProfileId,
name: String,
description: String,
policy_overlays: Vec<Policy>,
trust_requirements: TrustTier,
receipt_requirements: ReceiptSpec,
) -> Profile
pub fn new( id: ProfileId, name: String, description: String, policy_overlays: Vec<Policy>, trust_requirements: TrustTier, receipt_requirements: ReceiptSpec, ) -> Profile
Create a new profile.
Sourcepub fn with_runtime_constraint(self, constraint: RuntimeConstraint) -> Profile
pub fn with_runtime_constraint(self, constraint: RuntimeConstraint) -> Profile
Add runtime constraint to profile.
Sourcepub fn with_metadata(self, key: String, value: String) -> Profile
pub fn with_metadata(self, key: String, value: String) -> Profile
Add metadata to profile.
Sourcepub fn enforce(&self, packs: &[PackContext]) -> Result<PolicyReport, Error>
pub fn enforce(&self, packs: &[PackContext]) -> Result<PolicyReport, Error>
Sourcepub fn allows_runtime(&self, runtime: &str) -> bool
pub fn allows_runtime(&self, runtime: &str) -> bool
Check if a runtime is allowed by this profile.
Sourcepub fn meets_trust_requirement(&self, tier: TrustTier) -> bool
pub fn meets_trust_requirement(&self, tier: TrustTier) -> bool
Check if a trust tier meets requirements.
Sourcepub fn forbid_public_registry(&self) -> bool
pub fn forbid_public_registry(&self) -> bool
Check if this profile forbids public registry packs.
Trait Implementations§
Source§impl<'de> Deserialize<'de> for Profile
impl<'de> Deserialize<'de> for Profile
Source§fn deserialize<__D>(
__deserializer: __D,
) -> Result<Profile, <__D as Deserializer<'de>>::Error>where
__D: Deserializer<'de>,
fn deserialize<__D>(
__deserializer: __D,
) -> Result<Profile, <__D as Deserializer<'de>>::Error>where
__D: Deserializer<'de>,
Deserialize this value from the given Serde deserializer. Read more
impl Eq for Profile
Source§impl Serialize for Profile
impl Serialize for Profile
Source§fn serialize<__S>(
&self,
__serializer: __S,
) -> Result<<__S as Serializer>::Ok, <__S as Serializer>::Error>where
__S: Serializer,
fn serialize<__S>(
&self,
__serializer: __S,
) -> Result<<__S as Serializer>::Ok, <__S as Serializer>::Error>where
__S: Serializer,
Serialize this value into the given Serde serializer. Read more
impl StructuralPartialEq for Profile
Auto Trait Implementations§
impl Freeze for Profile
impl RefUnwindSafe for Profile
impl Send for Profile
impl Sync for Profile
impl Unpin for Profile
impl UnsafeUnpin for Profile
impl UnwindSafe for Profile
Blanket Implementations§
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
impl<ST, DT> CastableFrom<ST, Initialized, Initialized> for DT
impl<ST, DT> CastableFrom<ST, Uninit, Uninit> for DT
Source§impl<T> CloneToUninit for Twhere
T: Clone,
impl<T> CloneToUninit for Twhere
T: Clone,
impl<T> DeserializeOwned for Twhere
T: for<'de> Deserialize<'de>,
Source§impl<Q, K> Equivalent<K> for Q
impl<Q, K> Equivalent<K> for Q
Source§impl<Q, K> Equivalent<K> for Q
impl<Q, K> Equivalent<K> for Q
Source§fn equivalent(&self, key: &K) -> bool
fn equivalent(&self, key: &K) -> bool
Compare self to
key and return true if they are equal.Source§impl<Q, K> Equivalent<K> for Q
impl<Q, K> Equivalent<K> for Q
Source§impl<T> EvidenceKind for T
impl<T> EvidenceKind for T
default fn kind_label(&self) -> &'static str
Source§impl<T> FutureExt for T
impl<T> FutureExt for T
Source§fn with_context(self, otel_cx: Context) -> WithContext<Self>
fn with_context(self, otel_cx: Context) -> WithContext<Self>
Source§fn with_current_context(self) -> WithContext<Self>
fn with_current_context(self) -> WithContext<Self>
Source§impl<T> Instrument for T
impl<T> Instrument for T
Source§fn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
Source§fn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
Source§impl<T> IntoEither for T
impl<T> IntoEither for T
Source§fn into_either(self, into_left: bool) -> Either<Self, Self> ⓘ
fn into_either(self, into_left: bool) -> Either<Self, Self> ⓘ
Converts
self into a Left variant of Either<Self, Self>
if into_left is true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read moreSource§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self> ⓘ
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self> ⓘ
Converts
self into a Left variant of Either<Self, Self>
if into_left(&self) returns true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read moreSource§impl<T> IntoRequest<T> for T
impl<T> IntoRequest<T> for T
Source§fn into_request(self) -> Request<T>
fn into_request(self) -> Request<T>
Wrap the input message
T in a tonic::Request