Skip to main content

publish_kernel

Function publish_kernel 

Source
pub async fn publish_kernel(
    __arg0: State<Arc<AppState>>,
    __arg1: Extension<TenantId>,
    __arg2: Extension<AuthContext>,
    publish_tokens: Option<Extension<KernelPublishTokens>>,
    __arg4: Json<PublishKernelRequest>,
) -> Result<(StatusCode, Json<Value>), ApiError>
Expand description

POST /kernels — publish a signed manifest + PTX text.

The handler:

  1. Verifies the caller has the kernel-publish scope:
    • In dev mode (TokenId::DEV — empty TENSOR_WASM_API_TOKENS) the call is rejected with 403 kernel_publish_disabled_in_dev_mode. Closing the T1 finding: previously, dev mode silently admitted every anonymous caller.
    • Otherwise the caller’s TokenId must appear in KernelPublishTokens (parsed from TENSOR_WASM_API_KERNEL_PUBLISH_TOKENS). A token in the main API allowlist but missing from the publish allowlist gets 403 kernel_publish_scope_required.
  2. Pulls the registry out of AppState; returns 503 when unset.
  3. Hands the (manifest, ptx_text) pair to InMemoryRegistry::publish, which performs digest + HMAC verification before insertion.
  4. Maps each RegistryError variant to a stable (status, kind) pair on the wire.

On success, returns 201 Created with {name, version} echoed back so the CLI can confirm the canonical key.

The _tenant extension is required (the route sits under tenant_scope so it is always present). It is captured here for future use by audit/per-tenant key-scope tables without re-shaping the handler signature; today it is intentionally unused beyond proving its presence — the kernel registry is operator-scope.

The KernelPublishTokens extension is optional only because tests that drive the handler directly may not install one; production routers always layer it on. An absent extension is treated as the empty allowlist (deny by default), which is the same posture as TENSOR_WASM_API_KERNEL_PUBLISH_TOKENS being unset.