@lucern/contracts 0.3.0-alpha.11 → 0.3.0-alpha.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/generated/convexSchemas.js +2 -2
- package/dist/generated/convexSchemas.js.map +1 -1
- package/dist/generated/infisicalRuntimeEnv.js +246 -0
- package/dist/generated/infisicalRuntimeEnv.js.map +1 -1
- package/dist/index.d.ts +1 -0
- package/dist/index.js +439 -2
- package/dist/index.js.map +1 -1
- package/dist/infisical-runtime.contract.d.ts +26 -0
- package/dist/infisical-runtime.contract.js +31 -0
- package/dist/infisical-runtime.contract.js.map +1 -1
- package/dist/manifests/infisical-runtime-manifest.d.ts +26 -0
- package/dist/manifests/infisical-runtime-manifest.js +31 -0
- package/dist/manifests/infisical-runtime-manifest.js.map +1 -1
- package/dist/permit-principal-projection.contract.d.ts +74 -0
- package/dist/permit-principal-projection.contract.js +161 -0
- package/dist/permit-principal-projection.contract.js.map +1 -0
- package/dist/proof-attestation.json +1 -1
- package/dist/schemas/index.js +3 -1
- package/dist/schemas/index.js.map +1 -1
- package/dist/schemas/manifest.d.ts +10 -10
- package/dist/schemas/manifest.js +3 -1
- package/dist/schemas/manifest.js.map +1 -1
- package/dist/schemas/tables/controlPlane/accessControl.d.ts +2 -2
- package/dist/schemas/tables/controlPlane/accessControl.js +3 -1
- package/dist/schemas/tables/controlPlane/accessControl.js.map +1 -1
- package/package.json +1 -1
|
@@ -75,7 +75,7 @@ var CONTROL_PLANE_SCHEMA_TABLES = {
|
|
|
75
75
|
"permitPolicyDecisionReceipts": defineTable(v.object({ "action": v.string(), "audienceClass": v.optional(v.union(v.literal("internal"), v.literal("restricted_external"), v.literal("public"))), "audienceKey": v.optional(v.string()), "audienceMode": v.optional(v.string()), "createdAt": v.number(), "createdBy": v.optional(v.string()), "decision": v.union(v.literal("allow"), v.literal("deny")), "expiresAt": v.optional(v.number()), "metadata": v.optional(v.record(v.string(), v.any())), "policyBundleId": v.optional(v.string()), "policyVersion": v.string(), "principalId": v.string(), "reasonCode": v.string(), "requestId": v.optional(v.string()), "resourceId": v.string(), "resourceType": v.string(), "subjectId": v.optional(v.string()), "subjectType": v.optional(v.union(v.literal("principal"), v.literal("group"), v.literal("role_assignment"), v.literal("resource_instance"))), "tenantId": v.optional(v.string()), "traceId": v.optional(v.string()), "workspaceId": v.optional(v.string()) })).index("by_principal_createdAt", ["principalId", "createdAt"]).index("by_tenant_createdAt", ["tenantId", "createdAt"]).index("by_resource", ["resourceType", "resourceId"]).index("by_decision_createdAt", ["decision", "createdAt"]).index("by_traceId", ["traceId"]).index("by_action", ["action"]),
|
|
76
76
|
"permitPrincipalAliases": defineTable(v.object({ "alias": v.string(), "aliasKind": v.string(), "createdAt": v.number(), "createdBy": v.string(), "metadata": v.optional(v.record(v.string(), v.any())), "principalId": v.string(), "provider": v.string(), "providerProjectId": v.optional(v.string()), "providerSubjectId": v.string(), "revokedAt": v.optional(v.number()), "revokedBy": v.optional(v.string()), "status": v.union(v.literal("active"), v.literal("invited"), v.literal("revoked"), v.literal("suspended"), v.literal("disabled")), "tenantId": v.string(), "updatedAt": v.number(), "updatedBy": v.optional(v.string()), "workspaceId": v.optional(v.string()) })).index("by_principalId", ["principalId"]).index("by_tenant_provider_subject", ["tenantId", "provider", "providerSubjectId"]).index("by_tenant_provider_alias", ["tenantId", "provider", "alias"]).index("by_tenant_alias", ["tenantId", "alias"]).index("by_tenant_provider_status", ["tenantId", "provider", "status"]),
|
|
77
77
|
"permitPrincipals": defineTable(v.object({ "createdAt": v.number(), "createdBy": v.string(), "displayName": v.optional(v.string()), "lastSeenAt": v.optional(v.number()), "metadata": v.optional(v.record(v.string(), v.any())), "principalId": v.string(), "principalType": v.union(v.literal("human"), v.literal("agent"), v.literal("service_principal"), v.literal("external_stakeholder"), v.literal("system")), "status": v.union(v.literal("active"), v.literal("invited"), v.literal("revoked"), v.literal("suspended"), v.literal("disabled")), "tenantId": v.string(), "updatedAt": v.number(), "updatedBy": v.optional(v.string()), "workspaceId": v.optional(v.string()) })).index("by_tenantId", ["tenantId"]).index("by_workspaceId", ["workspaceId"]).index("by_tenant_principalId", ["tenantId", "principalId"]).index("by_tenant_status", ["tenantId", "status"]).index("by_tenant_principalType_status", ["tenantId", "principalType", "status"]),
|
|
78
|
-
"permitProjectionOutbox": defineTable(v.object({ "attemptCount": v.number(), "createdAt": v.number(), "lastError": v.optional(v.string()), "lastHandledAt": v.optional(v.number()), "nextAttemptAt": v.optional(v.number()), "objectId": v.string(), "objectType": v.union(v.literal("resource"), v.literal("role"), v.literal("resource_role"), v.literal("resource_relation"), v.literal("tenant"), v.literal("workspace"), v.literal("principal"), v.literal("membership"), v.literal("group"), v.literal("resource_instance"), v.literal("relationship_tuple"), v.literal("role_assignment")), "operation": v.union(v.literal("upsert"), v.literal("delete"), v.literal("sync"), v.literal("resync"), v.literal("delete_sync"), v.literal("noop")), "payload": v.record(v.string(), v.any()), "permitResourceKey": v.optional(v.string()), "permitResourceType": v.optional(v.string()), "permitTenantKey": v.optional(v.string()), "principalId": v.optional(v.string()), "status": v.union(v.literal("queued"), v.literal("inflight"), v.literal("completed"), v.literal("failed"), v.literal("skipped"), v.literal("stale")), "syncKey": v.string(), "tenantId": v.optional(v.string()), "updatedAt": v.number(), "workspaceId": v.optional(v.string()) })).index("by_syncKey", ["syncKey"]).index("by_status", ["status"]).index("by_tenantId", ["tenantId"]).index("by_tenant_status", ["tenantId", "status"]).index("by_objectType", ["objectType", "status"]),
|
|
78
|
+
"permitProjectionOutbox": defineTable(v.object({ "attemptCount": v.number(), "createdAt": v.number(), "lastError": v.optional(v.string()), "lastHandledAt": v.optional(v.number()), "nextAttemptAt": v.optional(v.number()), "objectId": v.string(), "objectType": v.union(v.literal("resource"), v.literal("role"), v.literal("resource_role"), v.literal("resource_relation"), v.literal("tenant"), v.literal("workspace"), v.literal("principal"), v.literal("membership"), v.literal("group"), v.literal("resource_instance"), v.literal("relationship_tuple"), v.literal("role_assignment"), v.literal("attribute_binding"), v.literal("policy_bundle")), "operation": v.union(v.literal("upsert"), v.literal("delete"), v.literal("sync"), v.literal("resync"), v.literal("delete_sync"), v.literal("noop")), "payload": v.record(v.string(), v.any()), "permitResourceKey": v.optional(v.string()), "permitResourceType": v.optional(v.string()), "permitTenantKey": v.optional(v.string()), "principalId": v.optional(v.string()), "status": v.union(v.literal("queued"), v.literal("inflight"), v.literal("completed"), v.literal("failed"), v.literal("skipped"), v.literal("stale")), "syncKey": v.string(), "tenantId": v.optional(v.string()), "updatedAt": v.number(), "workspaceId": v.optional(v.string()) })).index("by_syncKey", ["syncKey"]).index("by_status", ["status"]).index("by_tenantId", ["tenantId"]).index("by_tenant_status", ["tenantId", "status"]).index("by_objectType", ["objectType", "status"]),
|
|
79
79
|
"permitRelationshipTuples": defineTable(v.object({ "attributes": v.optional(v.record(v.string(), v.any())), "createdAt": v.number(), "createdBy": v.string(), "lastSeenAt": v.optional(v.number()), "object": v.string(), "relation": v.string(), "resourceKey": v.optional(v.string()), "resourceType": v.optional(v.string()), "status": v.union(v.literal("queued"), v.literal("inflight"), v.literal("completed"), v.literal("failed"), v.literal("skipped"), v.literal("stale")), "subject": v.string(), "tenantId": v.string(), "updatedAt": v.number(), "updatedBy": v.optional(v.string()), "workspaceId": v.optional(v.string()) })).index("by_tenant_subject", ["tenantId", "subject"]).index("by_tenant_object", ["tenantId", "object"]).index("by_tenant_relation", ["tenantId", "relation"]).index("by_tenant_relation_subject", ["tenantId", "relation", "subject"]).index("by_tenant_status", ["tenantId", "status"]),
|
|
80
80
|
"permitResourceInstances": defineTable(v.object({ "attributes": v.optional(v.record(v.string(), v.any())), "createdAt": v.number(), "createdBy": v.string(), "metadata": v.optional(v.record(v.string(), v.any())), "ownerPrincipalId": v.optional(v.string()), "resourceId": v.string(), "resourceKey": v.string(), "resourceType": v.string(), "status": v.union(v.literal("active"), v.literal("deleted"), v.literal("archived")), "tenantId": v.string(), "updatedAt": v.number(), "updatedBy": v.optional(v.string()), "workspaceId": v.optional(v.string()) })).index("by_tenant_resource_type", ["tenantId", "resourceType"]).index("by_tenant_resource_key", ["tenantId", "resourceType", "resourceKey"]).index("by_workspaceId", ["workspaceId"]).index("by_status", ["status"]).index("by_tenant_status", ["tenantId", "status"]).index("by_ownerPrincipalId", ["ownerPrincipalId"]),
|
|
81
81
|
"permitRoleAssignments": defineTable(v.object({ "attributes": v.optional(v.record(v.string(), v.any())), "createdAt": v.number(), "expiresAt": v.optional(v.number()), "grantedBy": v.optional(v.string()), "resourceInstanceId": v.optional(v.string()), "resourceKey": v.string(), "resourceType": v.string(), "revokedBy": v.optional(v.string()), "role": v.string(), "status": v.union(v.literal("active"), v.literal("invited"), v.literal("revoked"), v.literal("suspended"), v.literal("disabled")), "targetId": v.string(), "targetType": v.union(v.literal("principal"), v.literal("group")), "tenantId": v.string(), "updatedAt": v.number(), "updatedBy": v.optional(v.string()), "workspaceId": v.optional(v.string()) })).index("by_tenant_target", ["tenantId", "targetType", "targetId"]).index("by_tenant_resource", ["tenantId", "resourceType", "resourceKey"]).index("by_tenant_role", ["tenantId", "role", "status"]).index("by_status", ["status"]).index("by_workspace_resource", ["workspaceId", "resourceType", "resourceKey"]),
|
|
@@ -88,7 +88,7 @@ var CONTROL_PLANE_SCHEMA_TABLES = {
|
|
|
88
88
|
"tenantConfig": defineTable(v.object({ "authPolicyMode": v.union(v.literal("open"), v.literal("invite_only"), v.literal("sso_required")), "defaultModelSlotOverrides": v.record(v.string(), v.string()), "defaultSessionTTL": v.number(), "defaultTopicVisibility": v.union(v.literal("private"), v.literal("tenant"), v.literal("public")), "featureFlags": v.record(v.string(), v.boolean()), "maxWorkspaceCount": v.number(), "tenantId": v.string(), "updatedAt": v.number(), "updatedBy": v.string() })).index("by_tenantId", ["tenantId"]),
|
|
89
89
|
"tenantIntegrations": defineTable(v.object({ "capabilities": v.array(v.union(v.literal("search"), v.literal("deep_research"), v.literal("scrape"), v.literal("summarize"), v.literal("generate"))), "category": v.union(v.literal("search"), v.literal("scraper"), v.literal("llm"), v.literal("analysis"), v.literal("custom")), "config": v.object({ "apiBaseUrl": v.string(), "authHeaderName": v.optional(v.string()), "authType": v.union(v.literal("api_key"), v.literal("bearer"), v.literal("basic"), v.literal("none")), "credentialSecretName": v.optional(v.string()), "customHeaders": v.optional(v.record(v.string(), v.any())), "defaultParams": v.optional(v.record(v.string(), v.any())), "timeout": v.optional(v.number()) }), "createdAt": v.number(), "createdBy": v.optional(v.string()), "description": v.optional(v.string()), "displayName": v.string(), "endpoints": v.optional(v.object({ "deepResearch": v.optional(v.object({ "async": v.optional(v.boolean()), "method": v.optional(v.string()), "path": v.string(), "pollIntervalMs": v.optional(v.number()), "pollPath": v.optional(v.string()), "resultPath": v.optional(v.string()) })), "scrape": v.optional(v.object({ "method": v.optional(v.string()), "path": v.string(), "resultPath": v.optional(v.string()) })), "search": v.optional(v.object({ "method": v.optional(v.string()), "path": v.string(), "queryParamName": v.optional(v.string()), "resultPath": v.optional(v.string()) })) })), "integrationKey": v.string(), "lastError": v.optional(v.string()), "lastUsedAt": v.optional(v.number()), "status": v.union(v.literal("active"), v.literal("disabled"), v.literal("error")), "tenantId": v.string(), "updatedAt": v.number(), "usageCount": v.optional(v.number()) })).index("by_tenant", ["tenantId"]).index("by_tenant_key", ["tenantId", "integrationKey"]).index("by_tenant_status", ["tenantId", "status"]),
|
|
90
90
|
"tenantModelSlotBindings": defineTable(v.object({ "bindingId": v.string(), "createdAt": v.number(), "createdBy": v.string(), "metadata": v.optional(v.record(v.string(), v.any())), "modelSlotId": v.string(), "passThroughOnly": v.boolean(), "providerId": v.string(), "revokedAt": v.optional(v.number()), "revokedBy": v.optional(v.string()), "secretRef": v.string(), "status": v.union(v.literal("active"), v.literal("revoked")), "tenantId": v.string(), "updatedAt": v.number() })).index("by_bindingId", ["bindingId"]).index("by_tenantId", ["tenantId"]).index("by_tenant_slot", ["tenantId", "modelSlotId"]).index("by_tenant_provider_slot", ["tenantId", "providerId", "modelSlotId"]).index("by_secretRef", ["secretRef"]).index("by_status", ["status"]),
|
|
91
|
-
"tenantPermitSyncStates": defineTable(v.object({ "attemptCount": v.number(), "createdAt": v.number(), "createdBy": v.string(), "desiredPayload": v.record(v.string(), v.any()), "lastAppliedPayloadHash": v.optional(v.string()), "lastError": v.optional(v.string()), "lastSyncedAt": v.optional(v.number()), "nextAttemptAt": v.optional(v.number()), "objectId": v.string(), "objectType": v.union(v.literal("resource"), v.literal("role"), v.literal("resource_role"), v.literal("resource_relation"), v.literal("tenant"), v.literal("workspace"), v.literal("principal"), v.literal("membership"), v.literal("group"), v.literal("resource_instance"), v.literal("relationship_tuple"), v.literal("role_assignment")), "permitResourceKey": v.optional(v.string()), "permitResourceType": v.optional(v.string()), "permitTenantKey": v.optional(v.string()), "principalId": v.optional(v.string()), "status": v.union(v.literal("pending"), v.literal("synced"), v.literal("error"), v.literal("skipped")), "syncKey": v.string(), "tenantId": v.optional(v.string()), "updatedAt": v.number(), "updatedBy": v.optional(v.string()), "workspaceId": v.optional(v.string()) })).index("by_syncKey", ["syncKey"]).index("by_status", ["status"]).index("by_tenant_status", ["tenantId", "status"]).index("by_workspace_status", ["workspaceId", "status"]).index("by_principal_status", ["principalId", "status"]),
|
|
91
|
+
"tenantPermitSyncStates": defineTable(v.object({ "attemptCount": v.number(), "createdAt": v.number(), "createdBy": v.string(), "desiredPayload": v.record(v.string(), v.any()), "lastAppliedPayloadHash": v.optional(v.string()), "lastError": v.optional(v.string()), "lastSyncedAt": v.optional(v.number()), "nextAttemptAt": v.optional(v.number()), "objectId": v.string(), "objectType": v.union(v.literal("resource"), v.literal("role"), v.literal("resource_role"), v.literal("resource_relation"), v.literal("tenant"), v.literal("workspace"), v.literal("principal"), v.literal("membership"), v.literal("group"), v.literal("resource_instance"), v.literal("relationship_tuple"), v.literal("role_assignment"), v.literal("attribute_binding"), v.literal("policy_bundle")), "permitResourceKey": v.optional(v.string()), "permitResourceType": v.optional(v.string()), "permitTenantKey": v.optional(v.string()), "principalId": v.optional(v.string()), "status": v.union(v.literal("pending"), v.literal("synced"), v.literal("error"), v.literal("skipped")), "syncKey": v.string(), "tenantId": v.optional(v.string()), "updatedAt": v.number(), "updatedBy": v.optional(v.string()), "workspaceId": v.optional(v.string()) })).index("by_syncKey", ["syncKey"]).index("by_status", ["status"]).index("by_tenant_status", ["tenantId", "status"]).index("by_workspace_status", ["workspaceId", "status"]).index("by_principal_status", ["principalId", "status"]),
|
|
92
92
|
"tenantPolicies": defineTable(v.object({ "createdAt": v.number(), "createdBy": v.string(), "description": v.optional(v.string()), "groupBindings": v.array(v.string()), "permissions": v.array(v.object({ "actions": v.array(v.string()), "resource": v.string() })), "roleName": v.string(), "tenantId": v.string(), "updatedAt": v.number(), "updatedBy": v.optional(v.string()), "workspaceId": v.optional(v.string()) })).index("by_tenantId", ["tenantId"]).index("by_workspaceId", ["workspaceId"]).index("by_tenant_roleName", ["tenantId", "roleName"]),
|
|
93
93
|
"tenantProviderSecrets": defineTable(v.object({ "createdAt": v.number(), "createdBy": v.string(), "encryptedSecret": v.string(), "encryptionVersion": v.string(), "keyHint": v.string(), "label": v.optional(v.string()), "lastUsedAt": v.optional(v.number()), "metadata": v.optional(v.record(v.string(), v.any())), "providerId": v.string(), "revokedAt": v.optional(v.number()), "revokedBy": v.optional(v.string()), "rotatedFromSecretRef": v.optional(v.string()), "secretFingerprint": v.string(), "secretRef": v.string(), "status": v.union(v.literal("active"), v.literal("rotated"), v.literal("revoked")), "tenantId": v.string(), "updatedAt": v.number() })).index("by_secretRef", ["secretRef"]).index("by_tenantId", ["tenantId"]).index("by_tenant_provider", ["tenantId", "providerId"]).index("by_tenant_provider_status", ["tenantId", "providerId", "status"]).index("by_status", ["status"]),
|
|
94
94
|
"tenantProxyGatewayUsage": defineTable(v.object({ "createdAt": v.number(), "estimatedCostUsd": v.optional(v.number()), "failureCode": v.optional(v.string()), "inputTokens": v.optional(v.number()), "latencyMs": v.number(), "metadata": v.optional(v.record(v.string(), v.any())), "modelId": v.optional(v.string()), "modelSlotId": v.string(), "outputTokens": v.optional(v.number()), "principalId": v.string(), "providerId": v.string(), "proxyTokenId": v.string(), "requestPath": v.string(), "responseStatus": v.optional(v.number()), "secretRef": v.string(), "sessionId": v.string(), "status": v.union(v.literal("success"), v.literal("error")), "tenantId": v.string(), "tokenCount": v.optional(v.number()), "updatedAt": v.number(), "usageId": v.string(), "workspaceId": v.optional(v.string()) })).index("by_usageId", ["usageId"]).index("by_tenantId", ["tenantId", "createdAt"]).index("by_tenant_provider", ["tenantId", "providerId", "createdAt"]).index("by_proxyTokenId", ["proxyTokenId", "createdAt"]),
|