runkon_flow/traits/script_env_provider.rs
1use std::collections::HashMap;
2
3use crate::traits::run_context::RunContext;
4
5/// Builds the per-script-step environment.
6///
7/// `as_identity`, when `Some`, names the identity this step should act as.
8/// Providers resolve the identity into harness-defined auth material —
9/// typically by injecting credentials as env vars. Examples:
10///
11/// - GitHub App installation name → `GH_TOKEN` (conductor's default impl)
12/// - AWS service account ID → `AWS_ACCESS_KEY_ID` / related vars
13/// - Slack bot user ID → `SLACK_BOT_TOKEN`
14/// - Agent persona key → API key scoped to that persona
15///
16/// Providers that don't model named identities ignore the parameter.
17pub trait ScriptEnvProvider: Send + Sync {
18 fn env(&self, ctx: &dyn RunContext, as_identity: Option<&str>) -> HashMap<String, String>;
19}
20
21/// No-op default — returns empty env when no provider is configured.
22pub struct NoOpScriptEnvProvider;
23
24impl ScriptEnvProvider for NoOpScriptEnvProvider {
25 fn env(&self, _ctx: &dyn RunContext, _as_identity: Option<&str>) -> HashMap<String, String> {
26 HashMap::new()
27 }
28}