tracevault_core/
policy.rs1use serde::{Deserialize, Serialize};
2use uuid::Uuid;
3
/// One policy rule: what to check (`condition`), what to do when the check
/// trips (`action`), and how serious that is (`severity`).
///
/// No field carries `#[serde(default)]`, so every non-`Option` field —
/// including `enabled` — must be present when a rule is deserialized;
/// an absent `org_id` deserializes to `None`.
#[derive(Clone, Debug, Deserialize, Serialize)]
pub struct PolicyRule {
    /// Unique identifier of the rule.
    pub id: Uuid,
    /// Organisation the rule is tied to, if any.
    // NOTE(review): the meaning of `None` (global rule vs. unscoped rule) is
    // not visible in this file — confirm in the evaluator, since it decides
    // which organisations a rule is enforced for.
    pub org_id: Option<String>,
    /// Short human-readable name.
    pub name: String,
    /// Longer human-readable explanation of the rule.
    pub description: String,
    /// The check this rule performs.
    pub condition: PolicyCondition,
    /// What is done with the outcome of the check.
    pub action: PolicyAction,
    /// Severity assigned to the rule.
    pub severity: PolicySeverity,
    /// Whether the rule is switched on.
    // NOTE(review): presumably disabled rules are skipped during evaluation —
    // confirm against the evaluator.
    pub enabled: bool,
}
15
/// The check a [`PolicyRule`] performs.
///
/// Internally tagged: the serialized form is a single object whose `type`
/// key holds the variant name exactly as written here (no `rename_all`),
/// with the variant's fields alongside it.
///
/// `deny_unknown_fields` is not set, so unrecognised keys are ignored on
/// deserialization. Combined with the `Option` fields below, a misspelt key
/// leaves the intended field as `None` instead of producing an error.
#[derive(Clone, Debug, Deserialize, Serialize)]
#[serde(tag = "type")]
pub enum PolicyCondition {
    /// Carries no parameters.
    TraceCompleteness,
    /// Carries a single numeric threshold.
    // NOTE(review): the scale (0–1 vs. 0–100) and valid range are not
    // enforced at this layer — confirm the evaluator rejects out-of-range
    // values.
    AiPercentageThreshold {
        threshold: f32,
    },
    /// Carries the list of model names that are allowed.
    ModelAllowlist {
        allowed_models: Vec<String>,
    },
    /// Carries a list of path patterns.
    // NOTE(review): the pattern syntax (glob, regex, prefix) is not defined
    // in this file — confirm against the matcher.
    SensitivePathPattern {
        patterns: Vec<String>,
    },
    /// Carries a list of tool names.
    RequiredToolCall {
        tool_names: Vec<String>,
    },
    /// Carries an optional token limit and an optional cost limit in USD.
    // NOTE(review): both limits may be `None` at once; presumably that means
    // no budget is enforced — confirm, because a typo in either key yields
    // exactly that state.
    TokenBudget {
        max_tokens: Option<u64>,
        max_cost_usd: Option<f64>,
    },
    /// Carries a tool name, an optional minimum call count and an optional
    /// list of file patterns.
    // NOTE(review): how `None` is treated for `min_count` and
    // `when_files_match` is decided by the evaluator — confirm the defaults.
    ConditionalToolCall {
        tool_name: String,
        min_count: Option<u32>,
        when_files_match: Option<Vec<String>>,
    },
}
31
/// What a [`PolicyRule`] does with the outcome of its check.
///
/// Serialized in snake_case: `block_merge`, `block_push`, `warn`,
/// `require_review`, `notify`. Any other string fails deserialization.
#[derive(Clone, Debug, Deserialize, Serialize)]
#[serde(rename_all = "snake_case")]
pub enum PolicyAction {
    /// Serialized as `block_merge`.
    BlockMerge,
    /// Serialized as `block_push`.
    BlockPush,
    /// Serialized as `warn`.
    Warn,
    /// Serialized as `require_review`.
    RequireReview,
    /// Serialized as `notify`.
    Notify,
}
41
/// Severity label attached to a [`PolicyRule`].
///
/// Serialized in lowercase: `critical`, `high`, `medium`, `low`.
/// Neither `PartialEq` nor `PartialOrd` is derived, so severities cannot be
/// compared with `==` or `<`; callers have to `match` on the variant.
#[derive(Clone, Debug, Deserialize, Serialize)]
#[serde(rename_all = "lowercase")]
pub enum PolicySeverity {
    /// Serialized as `critical`.
    Critical,
    /// Serialized as `high`.
    High,
    /// Serialized as `medium`.
    Medium,
    /// Serialized as `low`.
    Low,
}
50
/// The outcome of checking one [`PolicyRule`].
///
/// The rule is stored by value, so serializing an evaluation also emits
/// every field of the rule it was produced from.
#[derive(Clone, Debug, Deserialize, Serialize)]
pub struct PolicyEvaluation {
    /// The rule that was evaluated (an owned copy).
    pub policy: PolicyRule,
    /// Pass / fail / warn verdict.
    pub result: EvalResult,
    /// Free-form text accompanying the verdict.
    // NOTE(review): what the evaluator writes here is not visible in this
    // file — confirm before exposing it to other tenants or to logs.
    pub details: String,
}
57
/// Verdict of a single policy evaluation.
///
/// Serialized in lowercase: `pass`, `fail`, `warn`. Derives `PartialEq`, so
/// verdicts can be compared with `==`.
///
/// `Warn` here is a verdict and is a separate type from
/// [`PolicyAction::Warn`].
#[derive(Clone, Debug, Deserialize, PartialEq, Serialize)]
#[serde(rename_all = "lowercase")]
pub enum EvalResult {
    /// Serialized as `pass`.
    Pass,
    /// Serialized as `fail`.
    Fail,
    /// Serialized as `warn`.
    Warn,
}