Skip to main content

Module fleet_bundle

Module fleet_bundle 

Source
Expand description

.fleet bundle manifest types + signing primitives (pure; no I/O).

The MANIFEST is the only signed object: it pins every bundled file by SHA-256, so the archive container need not be byte-deterministic — verifying each file’s hash against the manifest plus the manifest signature suffices.

Structs§

BundleEntry
One file in a bundle, pinned by content hash.
BundleManifest
The signed manifest at bundle.yaml.

Constants§

FLEET_BUNDLE_FORMAT
Bundle wire-format version. Bump on any breaking manifest change.

Functions§

content_hash
Lowercase hex SHA-256 of bytes.
manifest_sign_input
Canonical signing input: the manifest serialized with sig cleared. Struct field order is fixed, so this is deterministic without a custom canonicalizer.
signer_fingerprint
Short fingerprint of a multibase pubkey: first 8 hex chars of its SHA-256, hyphen-grouped (e.g. ab12-cd34) for human out-of-band comparison.
verify_manifest_sig
Verify the manifest signature against pubkey. Fail-closed: no sig → false.