Expand description
Generation of provider runtime secrets declared via the
greentic.generated-secrets.v1 pack extension.
Setup is the single place that introduces secrets into the local dev
secrets store. Generated secrets (for example a provider JWT signing key)
are materialised here so that gtc start can simply move them into the
deployment target’s secrets manager without re-generating divergent values.
The parsing mirrors greentic-start’s contract: a secret is declared under
extensions["greentic.generated-secrets.v1"].inline.secrets[]. We prefer the
JSON manifest (pack.manifest.json) because it is free of the CBOR
symbol-interning used by manifest.cbor, and fall back to a best-effort CBOR
navigation when only the binary manifest is present.
Structs§
- Generated
Requirement - A pack-declared secret that setup must generate and introduce locally.
- Generated
Secret Spec - Generation policy for a declared secret.
Functions§
- generate_
secret_ value - Generate the value for a declared secret according to its policy.
- introduce_
into_ store - Generate and introduce a pack’s declared generated secrets into
store. - load_
generated_ requirements_ from_ pack - Load the generated-secret requirements declared by a
.gtpack. - scope_
team - Resolve the team segment for a generated secret’s canonical URI.