run_audit
Module: run_audit
Section titled “Module: run_audit”Contents
Section titled “Contents”Functions
socket_path_in- Resolves the per-run audit socket path from the directory the Sidecar sharesspawn_listener- Binds the audit control socket and serves messages untilexit.
Constants
NETWORK_LOOPBACK_ACTION_CLASS- Canonical action class for a blocked loopback connection attempt.
firma_sidecar::run_audit::NETWORK_LOOPBACK_ACTION_CLASS
Section titled “firma_sidecar::run_audit::NETWORK_LOOPBACK_ACTION_CLASS”Constant: &str
Canonical action class for a blocked loopback connection attempt.
Registered in docs/markdown/firma_action_class_registry.md as an
out-of-band, audit-only class. Owned by the Sidecar because the Sidecar
signs the event and therefore owns its meaning.
firma_sidecar::run_audit::socket_path_in
Section titled “firma_sidecar::run_audit::socket_path_in”Function
Resolves the per-run audit socket path from the directory the Sidecar shares
with firma run. Kept here so the producer and consumer agree on the
filename.
fn socket_path_in(dir: &std::path::Path) -> std::path::PathBuffirma_sidecar::run_audit::spawn_listener
Section titled “firma_sidecar::run_audit::spawn_listener”Function
Binds the audit control socket and serves messages until exit.
Each accepted connection streams newline-delimited JSON [RunAuditMessage]s.
Every well-formed message is converted into an [AuditPayload] and forwarded
to audit_tx; malformed lines are logged and skipped (the enforcement that
the message describes already happened in firma run, so a parse failure
must not stall the audit pipeline).
A stale socket file at socket_path is removed before binding so a crashed
previous run does not block startup.
Errors
Section titled “Errors”Returns an error when the socket directory cannot be created or the socket cannot be bound.
fn spawn_listener(socket_path: std::path::PathBuf, audit_tx: mpsc::Sender<crate::audit::AuditPayload>, exit: tokio_util::sync::CancellationToken) -> anyhow::Result<tokio::task::JoinHandle<()>>