capability_seed

Module: config::capability_seed

Contents

Structs

• CapabilitySeedConfig - [capability_seed] TOML section.
• SeedFile - On-disk shape of a seed file. Mirrors the writer in

---

firma_sidecar::config::capability_seed::CapabilitySeedConfig

Struct

[capability_seed] TOML section.

Lists pre-issued capability seed files that the sidecar loads at startup to pre-populate its CapabilityMap. Empty by default.

Fields:

• paths: Vec<std::path::PathBuf> - Paths to seed TOML files produced by firma-authority issue.

Methods:

• fn validate(self: &Self) -> Result<(), String> - Validate the section.

Trait Implementations:

• Default
  • fn default() -> CapabilitySeedConfig
• Debug
  • fn fmt(self: &Self, f: & mut $crate::fmt::Formatter) -> $crate::fmt::Result
• Deserialize
  • fn deserialize<__D>(__deserializer: __D) -> _serde::__private228::Result<Self, <__D as >::Error>
• Clone
  • fn clone(self: &Self) -> CapabilitySeedConfig

firma_sidecar::config::capability_seed::SeedFile

Struct

On-disk shape of a seed file. Mirrors the writer in crates/firma-authority/src/cli.rs (SeedFile).

Fields:

• raw_token: String - Raw PASETO v4.public token string.
• token_id: String - Token id (ULID/UUID) as written by the authority.
• agent_id: String - Agent identity bound into the token.
• session_id: String - Session identity bound into the token.
• action_set: Vec<String> - Action class set the token covers.
• resource_scope: String - Resource scope pattern.
• issued_at: chrono::DateTime<chrono::Utc> - Issuance timestamp (RFC3339).
• expiry: chrono::DateTime<chrono::Utc> - Expiry timestamp (RFC3339).
• context_hash: String - Hex-encoded context hash bound into the claims.
• budget_ceiling: Option<f64> - Optional budget ceiling.

Trait Implementations:

• Clone
  • fn clone(self: &Self) -> SeedFile
• Deserialize
  • fn deserialize<__D>(__deserializer: __D) -> _serde::__private228::Result<Self, <__D as >::Error>
• Debug
  • fn fmt(self: &Self, f: & mut $crate::fmt::Formatter) -> $crate::fmt::Result