meerkat_runtime/
traits.rs

1//! §23 Runtime traits — RuntimeDriver and RuntimeControlPlane.
2//!
3//! These define the interface between surfaces and the runtime control-plane.
4
5use meerkat_core::lifecycle::{InputId, RunId};
6use serde::{Deserialize, Serialize};
7
8use crate::accept::AcceptOutcome;
9use crate::identifiers::LogicalRuntimeId;
10use crate::input::Input;
11use crate::input_state::{InputLifecycleState, InputState, StoredInputState};
12use crate::runtime_event::RuntimeEventEnvelope;
13use crate::runtime_state::RuntimeState;
14
15/// Errors from RuntimeDriver operations.
16#[derive(Debug, Clone, thiserror::Error)]
17#[non_exhaustive]
18pub enum RuntimeDriverError {
19    /// The runtime is not in a state that can accept this operation.
20    #[error("Runtime not ready: {state}")]
21    NotReady { state: RuntimeState },
22
23    /// The runtime was never registered / does not exist.
24    ///
25    /// Distinct from [`RuntimeDriverError::Destroyed`] and
26    /// [`RuntimeDriverError::NotReady`] with a `Destroyed` state: absence means
27    /// the runtime id was never admitted, not that it once existed and was torn
28    /// down.
29    #[error("Runtime not found: {runtime_id}")]
30    NotFound { runtime_id: LogicalRuntimeId },
31
32    /// Input validation failed.
33    #[error("Input validation failed: {reason}")]
34    ValidationFailed { reason: String },
35
36    /// The runtime has been destroyed.
37    #[error("Runtime destroyed")]
38    Destroyed,
39
40    /// Durable recovery state could not be replayed through canonical runtime authority.
41    #[error("Recovery corruption: {reason}")]
42    RecoveryCorruption { reason: String },
43
44    /// Internal error.
45    #[error("Internal error: {0}")]
46    Internal(String),
47}
48
49/// Errors from RuntimeControlPlane operations.
50#[derive(Debug, Clone, thiserror::Error)]
51#[non_exhaustive]
52pub enum RuntimeControlPlaneError {
53    /// Runtime not found.
54    #[error("Runtime not found: {0}")]
55    NotFound(LogicalRuntimeId),
56
57    /// Invalid state for this operation.
58    #[error("Invalid state for operation: {state}")]
59    InvalidState { state: RuntimeState },
60
61    /// Store error.
62    #[error("Store error: {0}")]
63    StoreError(String),
64
65    /// Internal error.
66    #[error("Internal error: {0}")]
67    Internal(String),
68}
69
70/// Report from a recovery operation.
71#[derive(Debug, Clone, Serialize, Deserialize)]
72pub struct RecoveryReport {
73    /// How many inputs were recovered.
74    pub inputs_recovered: usize,
75    /// How many inputs were abandoned during recovery.
76    pub inputs_abandoned: usize,
77    /// How many inputs were re-queued.
78    pub inputs_requeued: usize,
79    /// Details of recovery actions.
80    #[serde(default, skip_serializing_if = "Vec::is_empty")]
81    pub details: Vec<String>,
82}
83
84/// Report from a retire operation.
85#[derive(Debug, Clone, Serialize, Deserialize)]
86pub struct RetireReport {
87    /// How many non-terminal inputs were abandoned.
88    pub inputs_abandoned: usize,
89    /// How many inputs are pending drain (will be processed before stopping).
90    #[serde(default)]
91    pub inputs_pending_drain: usize,
92}
93
94/// Report from a reset operation.
95#[derive(Debug, Clone, Serialize, Deserialize)]
96pub struct ResetReport {
97    /// How many non-terminal inputs were abandoned.
98    pub inputs_abandoned: usize,
99}
100
101/// Report from a recycle operation (reset driver and recover state).
102#[derive(Debug, Clone, Serialize, Deserialize)]
103pub struct RecycleReport {
104    /// How many inputs were transferred to the new instance.
105    pub inputs_transferred: usize,
106}
107
108/// Report from a destroy operation.
109#[derive(Debug, Clone, Serialize, Deserialize)]
110pub struct DestroyReport {
111    /// How many non-terminal inputs were abandoned.
112    pub inputs_abandoned: usize,
113}
114
115/// The runtime driver — per-session interface for input acceptance and lifecycle.
116///
117/// Each session gets its own RuntimeDriver instance. The driver manages the
118/// InputState ledger, policy resolution, and input queue for that session.
119#[cfg_attr(not(target_arch = "wasm32"), async_trait::async_trait)]
120#[cfg_attr(target_arch = "wasm32", async_trait::async_trait(?Send))]
121pub trait RuntimeDriver: Send + Sync {
122    /// Accept an input into the runtime.
123    async fn accept_input(&mut self, input: Input) -> Result<AcceptOutcome, RuntimeDriverError>;
124
125    /// Handle a runtime event (from the event bus).
126    async fn on_runtime_event(
127        &mut self,
128        event: RuntimeEventEnvelope,
129    ) -> Result<(), RuntimeDriverError>;
130
131    /// Recover from a crash/restart.
132    async fn recover(&mut self) -> Result<RecoveryReport, RuntimeDriverError>;
133
134    /// Get the current runtime state.
135    fn runtime_state(&self) -> RuntimeState;
136
137    /// Get the state of a specific input.
138    fn input_state(&self, input_id: &InputId) -> Option<&InputState>;
139
140    /// Get the current DSL-owned lifecycle phase of a specific input.
141    fn input_phase(&self, input_id: &InputId) -> Option<InputLifecycleState>;
142
143    /// Get the current DSL-owned last run association for a specific input.
144    fn input_last_run_id(&self, input_id: &InputId) -> Option<RunId>;
145
146    /// Get the current DSL-owned last boundary sequence for a specific input.
147    fn input_last_boundary_sequence(&self, input_id: &InputId) -> Option<u64>;
148
149    /// Get the persisted shell+seed bundle for a specific input.
150    fn stored_input_state(&self, input_id: &InputId) -> Option<StoredInputState>;
151
152    /// List all non-terminal input IDs.
153    fn active_input_ids(&self) -> Vec<InputId>;
154}
155
156/// The runtime control plane — manages multiple runtime instances.
157#[cfg_attr(not(target_arch = "wasm32"), async_trait::async_trait)]
158#[cfg_attr(target_arch = "wasm32", async_trait::async_trait(?Send))]
159pub trait RuntimeControlPlane: Send + Sync {
160    /// Ingest an input into a specific runtime.
161    async fn ingest(
162        &self,
163        runtime_id: &LogicalRuntimeId,
164        input: Input,
165    ) -> Result<AcceptOutcome, RuntimeControlPlaneError>;
166
167    /// Publish a runtime event.
168    async fn publish_event(
169        &self,
170        event: RuntimeEventEnvelope,
171    ) -> Result<(), RuntimeControlPlaneError>;
172
173    /// Retire a runtime (no new input, drain existing).
174    async fn retire(
175        &self,
176        runtime_id: &LogicalRuntimeId,
177    ) -> Result<RetireReport, RuntimeControlPlaneError>;
178
179    /// Recycle a runtime (reset driver and recover state).
180    async fn recycle(
181        &self,
182        runtime_id: &LogicalRuntimeId,
183    ) -> Result<RecycleReport, RuntimeControlPlaneError>;
184
185    /// Reset a runtime (abandon all pending input).
186    async fn reset(
187        &self,
188        runtime_id: &LogicalRuntimeId,
189    ) -> Result<ResetReport, RuntimeControlPlaneError>;
190
191    /// Recover a runtime from crash.
192    async fn recover(
193        &self,
194        runtime_id: &LogicalRuntimeId,
195    ) -> Result<RecoveryReport, RuntimeControlPlaneError>;
196
197    /// Get the state of a runtime.
198    async fn runtime_state(
199        &self,
200        runtime_id: &LogicalRuntimeId,
201    ) -> Result<RuntimeState, RuntimeControlPlaneError>;
202
203    /// Destroy a runtime (terminal state, no recovery possible).
204    async fn destroy(
205        &self,
206        runtime_id: &LogicalRuntimeId,
207    ) -> Result<DestroyReport, RuntimeControlPlaneError>;
208
209    /// Load a boundary receipt for verification.
210    async fn load_boundary_receipt(
211        &self,
212        runtime_id: &LogicalRuntimeId,
213        run_id: &RunId,
214        sequence: u64,
215    ) -> Result<Option<meerkat_core::lifecycle::RunBoundaryReceipt>, RuntimeControlPlaneError>;
216}
217
218#[cfg(test)]
219#[allow(clippy::unwrap_used)]
220mod tests {
221    use super::*;
222
223    // Verify traits are object-safe
224    fn _assert_driver_object_safe(_: &dyn RuntimeDriver) {}
225    fn _assert_control_plane_object_safe(_: &dyn RuntimeControlPlane) {}
226
227    #[test]
228    fn runtime_driver_error_display() {
229        let err = RuntimeDriverError::NotReady {
230            state: RuntimeState::Initializing,
231        };
232        assert!(err.to_string().contains("initializing"));
233
234        let err = RuntimeDriverError::ValidationFailed {
235            reason: "bad input".into(),
236        };
237        assert!(err.to_string().contains("bad input"));
238    }
239
240    #[test]
241    fn runtime_control_plane_error_display() {
242        let err = RuntimeControlPlaneError::NotFound(LogicalRuntimeId::new("missing"));
243        assert!(err.to_string().contains("missing"));
244    }
245
246    #[test]
247    fn recovery_report_serde() {
248        let report = RecoveryReport {
249            inputs_recovered: 5,
250            inputs_abandoned: 1,
251            inputs_requeued: 3,
252            details: vec!["requeued 3 staged inputs".into()],
253        };
254        let json = serde_json::to_value(&report).unwrap();
255        let parsed: RecoveryReport = serde_json::from_value(json).unwrap();
256        assert_eq!(parsed.inputs_recovered, 5);
257    }
258}
meerkat_runtime/traits.rs

meerkat_runtime/
traits.rs
