tracevault_core/
policy.rs1use serde::{Deserialize, Serialize};
2use uuid::Uuid;
/// One policy rule: an identified, named condition paired with an action and a severity.
///
/// The type derives `Serialize`/`Deserialize` with no field renames, so the field
/// names below are also the serialized keys. It carries no
/// `#[serde(deny_unknown_fields)]`, so serde ignores unrecognised keys in an
/// incoming document instead of rejecting them.
#[derive(Clone, Debug, Deserialize, Serialize)]
pub struct PolicyRule {
    /// Unique identifier of this rule.
    pub id: Uuid,
    /// Organisation the rule belongs to, when set.
    // NOTE(review): what `None` means (for example a rule shared by every
    // organisation) is decided by code outside this file. Confirm before relying on it.
    pub org_id: Option<String>,
    /// Short human-readable name.
    pub name: String,
    /// Longer human-readable description.
    pub description: String,
    /// The check this rule performs.
    pub condition: PolicyCondition,
    /// The action associated with this rule.
    pub action: PolicyAction,
    /// How serious the rule is considered.
    pub severity: PolicySeverity,
    /// Whether the rule is switched on.
    // NOTE(review): presumably the evaluator skips rules with `enabled == false`.
    // That logic is not in this file; verify, since a skipped rule enforces nothing.
    pub enabled: bool,
}
/// The kinds of check a policy rule can express.
///
/// `#[serde(tag = "type")]` selects serde's internally tagged representation: each
/// value is an object whose `"type"` key holds the variant name, with the variant's
/// fields alongside it. No `rename_all` is applied, so the tag values are the variant
/// names exactly as written here (for example `"TokenBudget"`).
///
/// Every `Option` field is optional on input: a missing key deserializes as `None`.
/// Because unknown keys are not denied, a misspelled optional key is silently dropped
/// and the field ends up `None`. Validate loaded policies before trusting them.
#[derive(Clone, Debug, Deserialize, Serialize)]
#[serde(tag = "type")]
pub enum PolicyCondition {
    /// Check with no parameters.
    TraceCompleteness,
    /// Check against a numeric threshold.
    AiPercentageThreshold {
        // NOTE(review): the scale (0.0-1.0 or 0-100) and the accepted range are
        // not enforced by this type. Confirm against the evaluator.
        threshold: f32,
    },
    /// Check against a list of permitted model names.
    ModelAllowlist {
        // NOTE(review): how an empty list is treated (allow nothing or allow
        // everything) is not visible here. Confirm before relying on it.
        allowed_models: Vec<String>,
    },
    /// Check against a list of path patterns.
    SensitivePathPattern {
        // NOTE(review): the pattern syntax (glob, regex, prefix) is defined by
        // the matcher, which is outside this file.
        patterns: Vec<String>,
    },
    /// Check naming one or more tools.
    RequiredToolCall {
        tool_names: Vec<String>,
    },
    /// Check with an optional token limit and an optional cost limit.
    TokenBudget {
        // Both limits are optional, so a value with neither set is representable.
        // NOTE(review): presumably that means "no limit"; verify in the evaluator.
        max_tokens: Option<u64>,
        max_cost_usd: Option<f64>,
    },
    /// Check naming a single tool, with an optional minimum count and optional
    /// file patterns.
    ConditionalToolCall {
        tool_name: String,
        // NOTE(review): the default applied when `min_count` is `None` is not
        // shown in this file.
        min_count: Option<u32>,
        // NOTE(review): presumably `None` makes the check unconditional. Confirm.
        when_files_match: Option<Vec<String>>,
    },
}
/// The action attached to a policy rule.
///
/// `rename_all = "snake_case"` makes the serialized forms `"block_merge"`,
/// `"block_push"`, `"warn"`, `"require_review"` and `"notify"`.
// NOTE(review): which of these actually stop a merge or push, and which are
// advisory only, is decided by the code that consumes this enum, not by this file.
#[derive(Clone, Debug, Deserialize, Serialize)]
#[serde(rename_all = "snake_case")]
pub enum PolicyAction {
    BlockMerge,
    BlockPush,
    Warn,
    RequireReview,
    Notify,
}
/// Severity level attached to a policy rule.
///
/// `rename_all = "lowercase"` makes the serialized forms `"critical"`, `"high"`,
/// `"medium"` and `"low"`.
///
/// The type derives neither `PartialEq` nor `PartialOrd`/`Ord`, so it defines no
/// equality or ordering of its own. Code that needs "at least High" has to spell the
/// ranking out explicitly (for example with `match`).
#[derive(Clone, Debug, Deserialize, Serialize)]
#[serde(rename_all = "lowercase")]
pub enum PolicySeverity {
    Critical,
    High,
    Medium,
    Low,
}
/// The outcome of evaluating one policy rule.
///
/// Holds an owned copy of the rule, so serializing an evaluation also serializes the
/// complete rule, including its condition parameters.
#[derive(Clone, Debug, Deserialize, Serialize)]
pub struct PolicyEvaluation {
    /// The rule that was evaluated.
    pub policy: PolicyRule,
    /// Outcome of the evaluation.
    pub result: EvalResult,
    /// Free-form text accompanying the result.
    // NOTE(review): this string is emitted wherever the evaluation is serialized.
    // Confirm that producers keep secrets and raw file contents out of it.
    pub details: String,
}
/// Result of a single policy evaluation.
///
/// `rename_all = "lowercase"` makes the serialized forms `"pass"`, `"fail"` and
/// `"warn"`. The type derives `PartialEq`, so values can be compared with `==`.
///
/// `EvalResult::Warn` is a separate value from `PolicyAction::Warn`. The two enums
/// are unrelated types.
#[derive(Clone, Debug, PartialEq, Deserialize, Serialize)]
#[serde(rename_all = "lowercase")]
pub enum EvalResult {
    Pass,
    Fail,
    Warn,
}