issue
Module: capability::issue
Section titled “Module: capability::issue”Contents
Section titled “Contents”Structs
IssueParams- Inputs for a single capability mint.
Functions
mint_and_write- Mint a capability and write the seed file. Returns the written path.
Constants
DEFAULT_REQUESTED_ACTIONS- Default action set requested when none is configured.DEFAULT_RESOURCE_SCOPE- Default resource scope.DEFAULT_TTL_SECONDS- Default capability TTL in seconds (15 minutes).
firma_run::capability::issue::DEFAULT_REQUESTED_ACTIONS
Section titled “firma_run::capability::issue::DEFAULT_REQUESTED_ACTIONS”Constant: &[&str]
Default action set requested when none is configured.
Covers provider egress plus the GitHub action classes the dev posture grants. Codex expects the workspace to be a Git repository and probes Git and the GitHub API on startup, so the dev capability must cover those calls or they fail closed to DENY:
code.review.readclassifies theCONNECT api.github.comtunnel in non-MITM proxy mode.code.readclassifies decryptedGET /repos/...reads under MITM.code.writeclassifies theCONNECT github.comGit HTTPS transport (clone/fetch/push).
firma_run::capability::issue::DEFAULT_RESOURCE_SCOPE
Section titled “firma_run::capability::issue::DEFAULT_RESOURCE_SCOPE”Constant: &str
Default resource scope.
firma_run::capability::issue::DEFAULT_TTL_SECONDS
Section titled “firma_run::capability::issue::DEFAULT_TTL_SECONDS”Constant: i32
Default capability TTL in seconds (15 minutes).
Chosen to be long enough to cover typical agent sessions while short enough to limit token exposure if a seed file is leaked.
firma_run::capability::issue::IssueParams
Section titled “firma_run::capability::issue::IssueParams”Struct
Inputs for a single capability mint.
Fields:
authority_url: String- Authority gRPC URL.authority_pub_key_path: std::path::PathBuf- Path to the Authority’s Ed25519 public key (for local verification).authority_ca_cert_path: Option<std::path::PathBuf>- Optional PEM CA cert path for anhttps://Authority.credentials: Option<firma_sidecar::authority_credentials::ResolvedSidecarCredentials>- Optional Sidecar credentials for the Authority request.agent_id: String- Agent identity to bind into the request.session_id: String- Session identity to bind into the request.requested_actions: Vec<String>- Action classes requested.resource_scope: String- Resource scope requested.ttl_seconds: i32- Requested TTL in seconds.
Trait Implementations:
- Clone
fn clone(self: &Self) -> IssueParams
- Debug
fn fmt(self: &Self, f: & mut $crate::fmt::Formatter) -> $crate::fmt::Result
firma_run::capability::issue::mint_and_write
Section titled “firma_run::capability::issue::mint_and_write”Function
Mint a capability and write the seed file. Returns the written path.
Runs the async RPC inside a scoped current-thread tokio runtime so the
synchronous firma run call path is unchanged.
Errors
Section titled “Errors”- [
RunError::AuthorityUnreachable] on channel/transport/connect failure. - [
RunError::CapabilityDenied] when the Authority returnsgranted=false. - [
RunError::Capability] on verification, encoding, or file-write failure.
fn mint_and_write(params: &IssueParams, out_path: &std::path::Path) -> Result<std::path::PathBuf, crate::error::RunError>