mcp_exec/
config.rs

1//! Configuration primitives describing how the executor resolves, verifies, and
2//! runs Wasm components.
3
4use std::collections::HashMap;
5use std::time::Duration;
6
7use crate::store::ToolStore;
8
9/// Configuration for a single executor invocation.
10#[derive(Clone, Debug)]
11pub struct ExecConfig {
12    pub store: ToolStore,
13    pub security: VerifyPolicy,
14    pub runtime: RuntimePolicy,
15    pub http_enabled: bool,
16}
17
18/// Policy describing how artifacts must be verified prior to execution.
19#[derive(Clone, Debug, Default)]
20pub struct VerifyPolicy {
21    /// Whether artifacts without a matching digest/signature are still allowed.
22    pub allow_unverified: bool,
23    /// Expected digests (hex encoded) keyed by component identifier.
24    pub required_digests: HashMap<String, String>,
25    /// Signers that are trusted to vouch for artifacts.
26    pub trusted_signers: Vec<String>,
27}
28
29/// Runtime resource limits applied to the Wasm execution.
30#[derive(Clone, Debug)]
31pub struct RuntimePolicy {
32    pub fuel: Option<u64>,
33    pub max_memory: Option<u64>,
34    pub wallclock_timeout: Duration,
35}
36
37impl Default for RuntimePolicy {
38    fn default() -> Self {
39        Self {
40            fuel: None,
41            max_memory: None,
42            wallclock_timeout: Duration::from_secs(30),
43        }
44    }
45}