pub async fn publish_kernel(
__arg0: State<Arc<AppState>>,
__arg1: Extension<TenantId>,
__arg2: Extension<AuthContext>,
publish_tokens: Option<Extension<KernelPublishTokens>>,
__arg4: Json<PublishKernelRequest>,
) -> Result<(StatusCode, Json<Value>), ApiError>Expand description
POST /kernels — publish a signed manifest + PTX text.
The handler:
- Verifies the caller has the kernel-publish scope:
- In dev mode (
TokenId::DEV— emptyTENSOR_WASM_API_TOKENS) the call is rejected with403 kernel_publish_disabled_in_dev_mode. Closing the T1 finding: previously, dev mode silently admitted every anonymous caller. - Otherwise the caller’s
TokenIdmust appear inKernelPublishTokens(parsed fromTENSOR_WASM_API_KERNEL_PUBLISH_TOKENS). A token in the main API allowlist but missing from the publish allowlist gets403 kernel_publish_scope_required.
- In dev mode (
- Pulls the registry out of
AppState; returns503when unset. - Hands the (manifest, ptx_text) pair to
InMemoryRegistry::publish, which performs digest + HMAC verification before insertion. - Maps each
RegistryErrorvariant to a stable(status, kind)pair on the wire.
On success, returns 201 Created with {name, version} echoed back
so the CLI can confirm the canonical key.
The _tenant extension is required (the route sits under
tenant_scope so it is always present). It is captured here for
future use by audit/per-tenant key-scope tables without re-shaping
the handler signature; today it is intentionally unused beyond
proving its presence — the kernel registry is operator-scope.
The KernelPublishTokens extension is optional only because tests
that drive the handler directly may not install one; production
routers always layer it on. An absent extension is treated as the
empty allowlist (deny by default), which is the same posture as
TENSOR_WASM_API_KERNEL_PUBLISH_TOKENS being unset.