@qlever-llc/trellis 0.6.1 → 0.7.0-rc.3

package/esm/auth/workload_activation.d.ts

@@ -1,192 +0,0 @@
-import type { StaticDecode } from "typebox";
-import { Type } from "typebox";
-import type { NatsAuthTokenV1 } from "./schemas.js";
-import { AuthActivateWorkloadResponseSchema, AuthActivateWorkloadSchema, AuthGetWorkloadActivationStatusResponseSchema, AuthGetWorkloadActivationStatusSchema, AuthGetWorkloadConnectInfoResponseSchema, AuthGetWorkloadConnectInfoSchema, AuthListWorkloadActivationsResponseSchema, AuthListWorkloadActivationsSchema, AuthRevokeWorkloadActivationResponseSchema, AuthRevokeWorkloadActivationSchema, WaitForWorkloadActivationResponseSchema } from "./protocol.js";
-export declare const WorkloadActivationPayloadSchema: Type.TObject<{
-    v: Type.TLiteral<1>;
-    publicIdentityKey: Type.TString;
-    nonce: Type.TString;
-    qrMac: Type.TString;
-}>;
-export declare const WorkloadActivationWaitRequestSchema: Type.TObject<{
-    publicIdentityKey: Type.TString;
-    nonce: Type.TString;
-    contractDigest: Type.TOptional<Type.TString>;
-    iat: Type.TNumber;
-    sig: Type.TString;
-}>;
-export type WorkloadActivationPayload = StaticDecode<typeof WorkloadActivationPayloadSchema>;
-export type WorkloadActivationWaitRequest = StaticDecode<typeof WorkloadActivationWaitRequestSchema>;
-export type WaitForWorkloadActivationResponse = StaticDecode<typeof WaitForWorkloadActivationResponseSchema>;
-export type AuthActivateWorkloadInput = StaticDecode<typeof AuthActivateWorkloadSchema>;
-export type AuthActivateWorkloadOutput = StaticDecode<typeof AuthActivateWorkloadResponseSchema>;
-export type AuthGetWorkloadActivationStatusInput = StaticDecode<typeof AuthGetWorkloadActivationStatusSchema>;
-export type AuthGetWorkloadActivationStatusOutput = StaticDecode<typeof AuthGetWorkloadActivationStatusResponseSchema>;
-export type AuthListWorkloadActivationsInput = StaticDecode<typeof AuthListWorkloadActivationsSchema>;
-export type AuthListWorkloadActivationsOutput = StaticDecode<typeof AuthListWorkloadActivationsResponseSchema>;
-export type AuthRevokeWorkloadActivationInput = StaticDecode<typeof AuthRevokeWorkloadActivationSchema>;
-export type AuthRevokeWorkloadActivationResponse = StaticDecode<typeof AuthRevokeWorkloadActivationResponseSchema>;
-export type GetWorkloadConnectInfoInput = StaticDecode<typeof AuthGetWorkloadConnectInfoSchema>;
-export type GetWorkloadConnectInfoOutput = StaticDecode<typeof AuthGetWorkloadConnectInfoResponseSchema>;
-export type WorkloadIdentity = {
-    identitySeed: Uint8Array;
-    identitySeedBase64url: string;
-    publicIdentityKey: string;
-    activationKey: Uint8Array;
-    activationKeyBase64url: string;
-};
-type WorkloadActivationRpcMethod = "Auth.ActivateWorkload" | "Auth.GetWorkloadActivationStatus" | "Auth.ListWorkloadActivations" | "Auth.RevokeWorkloadActivation" | "Auth.GetWorkloadConnectInfo";
-type WorkloadActivationRpcInputMap = {
-    "Auth.ActivateWorkload": AuthActivateWorkloadInput;
-    "Auth.GetWorkloadActivationStatus": AuthGetWorkloadActivationStatusInput;
-    "Auth.ListWorkloadActivations": AuthListWorkloadActivationsInput;
-    "Auth.RevokeWorkloadActivation": AuthRevokeWorkloadActivationInput;
-    "Auth.GetWorkloadConnectInfo": GetWorkloadConnectInfoInput;
-};
-type WorkloadActivationRpcOutputMap = {
-    "Auth.ActivateWorkload": AuthActivateWorkloadOutput;
-    "Auth.GetWorkloadActivationStatus": AuthGetWorkloadActivationStatusOutput;
-    "Auth.ListWorkloadActivations": AuthListWorkloadActivationsOutput;
-    "Auth.RevokeWorkloadActivation": AuthRevokeWorkloadActivationResponse;
-    "Auth.GetWorkloadConnectInfo": GetWorkloadConnectInfoOutput;
-};
-type RequestClient = {
-    requestOrThrow<M extends WorkloadActivationRpcMethod>(method: M, input: WorkloadActivationRpcInputMap[M], opts?: unknown): Promise<WorkloadActivationRpcOutputMap[M]>;
-};
-export type WorkloadActivationTransport = RequestClient;
-export declare function deriveWorkloadIdentity(workloadRootSecret: Uint8Array): Promise<WorkloadIdentity>;
-export declare function deriveWorkloadQrMac(input: {
-    activationKey: Uint8Array | string;
-    publicIdentityKey: string;
-    nonce: string;
-}): Promise<string>;
-export declare function buildWorkloadActivationPayload(input: {
-    activationKey: Uint8Array | string;
-    publicIdentityKey: string;
-    nonce: string;
-}): Promise<WorkloadActivationPayload>;
-export declare function encodeWorkloadActivationPayload(payload: WorkloadActivationPayload): string;
-export declare function parseWorkloadActivationPayload(value: string): WorkloadActivationPayload;
-export declare function buildWorkloadActivationUrl(args: {
-    trellisUrl: string;
-    payload: WorkloadActivationPayload | string;
-}): string;
-export declare function deriveWorkloadConfirmationCode(input: {
-    activationKey: Uint8Array | string;
-    publicIdentityKey: string;
-    nonce: string;
-}): Promise<string>;
-export declare function verifyWorkloadConfirmationCode(input: {
-    activationKey: Uint8Array | string;
-    publicIdentityKey: string;
-    nonce: string;
-    confirmationCode: string;
-}): Promise<boolean>;
-export declare function buildWorkloadWaitProofInput(publicIdentityKey: string, nonce: string, iat: number): Uint8Array;
-export declare function signWorkloadWaitRequest(args: {
-    publicIdentityKey: string;
-    nonce: string;
-    identitySeed: Uint8Array | string;
-    contractDigest?: string;
-    iat?: number;
-}): Promise<WorkloadActivationWaitRequest>;
-export declare function createWorkloadNatsAuthToken(args: {
-    publicIdentityKey: string;
-    identitySeed: Uint8Array | string;
-    contractDigest: string;
-    iat?: number;
-}): Promise<NatsAuthTokenV1 & {
-    contractDigest: string;
-}>;
-export declare function waitForWorkloadActivation(args: {
-    trellisUrl: string;
-    publicIdentityKey: string;
-    nonce: string;
-    identitySeed: Uint8Array | string;
-    contractDigest: string;
-    signal?: AbortSignal;
-    pollIntervalMs?: number;
-}): Promise<Extract<WaitForWorkloadActivationResponse, {
-    status: "activated";
-}>>;
-export declare function getWorkloadConnectInfo(args: {
-    trellisUrl: string;
-    publicIdentityKey: string;
-    identitySeed: Uint8Array | string;
-    contractDigest: string;
-    iat?: number;
-}): Promise<GetWorkloadConnectInfoOutput>;
-export declare function createWorkloadActivationClient(client: WorkloadActivationTransport): {
-    activateWorkload(input: AuthActivateWorkloadInput): Promise<{
-        confirmationCode?: string | undefined;
-        status: "activated";
-        profileId: string;
-        instanceId: string;
-        activatedAt: string;
-    } | {
-        status: "pending_review";
-        profileId: string;
-        instanceId: string;
-        reviewId: string;
-        requestedAt: string;
-    } | {
-        reason?: string | undefined;
-        status: "rejected";
-    }>;
-    getWorkloadActivationStatus(input: AuthGetWorkloadActivationStatusInput): Promise<{
-        confirmationCode?: string | undefined;
-        status: "activated";
-        profileId: string;
-        instanceId: string;
-        activatedAt: string;
-    } | {
-        status: "pending_review";
-        profileId: string;
-        instanceId: string;
-        reviewId: string;
-        requestedAt: string;
-    } | {
-        reason?: string | undefined;
-        status: "rejected";
-    }>;
-    listWorkloadActivations(input?: AuthListWorkloadActivationsInput): Promise<{
-        activations: {
-            activatedBy?: {
-                id: string;
-                origin: string;
-            } | undefined;
-            profileId: string;
-            instanceId: string;
-            publicIdentityKey: string;
-            state: "activated" | "revoked";
-            activatedAt: string;
-            revokedAt: string | null;
-        }[];
-    }>;
-    revokeWorkloadActivation(input: AuthRevokeWorkloadActivationInput): Promise<{
-        success: boolean;
-    }>;
-    getWorkloadConnectInfo(input: GetWorkloadConnectInfoInput): Promise<{
-        status: "ready";
-        connectInfo: {
-            contractDigest: string;
-            contractId: string;
-            profileId: string;
-            instanceId: string;
-            transport: {
-                sentinel: {
-                    jwt: string;
-                    seed: string;
-                };
-                natsServers: string[];
-            };
-            auth: {
-                mode: "workload_identity";
-                iatSkewSeconds: number;
-            };
-        };
-    }>;
-};
-export declare function verifyWorkloadWaitSignature(input: WorkloadActivationWaitRequest): Promise<boolean>;
-export {};
-//# sourceMappingURL=workload_activation.d.ts.map

package/esm/auth/workload_activation.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"workload_activation.d.ts","sourceRoot":"","sources":["../../src/auth/workload_activation.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAC5C,OAAO,EAAE,IAAI,EAAE,MAAM,SAAS,CAAC;AAQ/B,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,EACL,kCAAkC,EAClC,0BAA0B,EAC1B,6CAA6C,EAC7C,qCAAqC,EACrC,wCAAwC,EACxC,gCAAgC,EAChC,yCAAyC,EACzC,iCAAiC,EACjC,0CAA0C,EAC1C,kCAAkC,EAClC,uCAAuC,EACxC,MAAM,eAAe,CAAC;AAUvB,eAAO,MAAM,+BAA+B;;;;;EAKT,CAAC;AAEpC,eAAO,MAAM,mCAAmC;;;;;;EAMb,CAAC;AAEpC,MAAM,MAAM,yBAAyB,GAAG,YAAY,CAAC,OAAO,+BAA+B,CAAC,CAAC;AAC7F,MAAM,MAAM,6BAA6B,GAAG,YAAY,CAAC,OAAO,mCAAmC,CAAC,CAAC;AACrG,MAAM,MAAM,iCAAiC,GAAG,YAAY,CAAC,OAAO,uCAAuC,CAAC,CAAC;AAC7G,MAAM,MAAM,yBAAyB,GAAG,YAAY,CAAC,OAAO,0BAA0B,CAAC,CAAC;AACxF,MAAM,MAAM,0BAA0B,GAAG,YAAY,CAAC,OAAO,kCAAkC,CAAC,CAAC;AACjG,MAAM,MAAM,oCAAoC,GAAG,YAAY,CAAC,OAAO,qCAAqC,CAAC,CAAC;AAC9G,MAAM,MAAM,qCAAqC,GAAG,YAAY,CAAC,OAAO,6CAA6C,CAAC,CAAC;AACvH,MAAM,MAAM,gCAAgC,GAAG,YAAY,CAAC,OAAO,iCAAiC,CAAC,CAAC;AACtG,MAAM,MAAM,iCAAiC,GAAG,YAAY,CAAC,OAAO,yCAAyC,CAAC,CAAC;AAC/G,MAAM,MAAM,iCAAiC,GAAG,YAAY,CAAC,OAAO,kCAAkC,CAAC,CAAC;AACxG,MAAM,MAAM,oCAAoC,GAAG,YAAY,CAAC,OAAO,0CAA0C,CAAC,CAAC;AACnH,MAAM,MAAM,2BAA2B,GAAG,YAAY,CAAC,OAAO,gCAAgC,CAAC,CAAC;AAChG,MAAM,MAAM,4BAA4B,GAAG,YAAY,CAAC,OAAO,wCAAwC,CAAC,CAAC;AAEzG,MAAM,MAAM,gBAAgB,GAAG;IAC7B,YAAY,EAAE,UAAU,CAAC;IACzB,qBAAqB,EAAE,MAAM,CAAC;IAC9B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,aAAa,EAAE,UAAU,CAAC;IAC1B,sBAAsB,EAAE,MAAM,CAAC;CAChC,CAAC;AAEF,KAAK,2BAA2B,GAC5B,uBAAuB,GACvB,kCAAkC,GAClC,8BAA8B,GAC9B,+BAA+B,GAC/B,6BAA6B,CAAC;AAElC,KAAK,6BAA6B,GAAG;IACnC,uBAAuB,EAAE,yBAAyB,CAAC;IACnD,kCAAkC,EAAE,oCAAoC,CAAC;IACzE,8BAA8B,EAAE,gCAAgC,CAAC;IACjE,+BAA+B,EAAE,iCAAiC,CAAC;IACnE,6BAA6B,EAAE,2BAA2B,CAAC;CAC5D,CAAC;AAEF,KAAK,8BAA8B,GAAG;IACpC,uBAAuB,EAAE,0BAA0B,CAAC;IACpD,kCAAkC,EAAE,qCAAqC,CAAC;IAC1E,8BAA8B,EAAE,iCAAiC,CAAC;IAClE,+BAA+B,EAAE,oCAAoC,CAAC;IACtE,6BAA6B,EAAE,4BAA4B,CAAC;CAC7D,CAAC;AAEF,KAAK,aAAa,GAAG;IACnB,cAAc,CAAC,CAAC,SAAS,2BAA2B,EAClD,MAAM,EAAE,CAAC,EACT,KAAK,EAAE,6BAA6B,CAAC,CAAC,CAAC,EACvC,IAAI,CAAC,EAAE,OAAO,GACb,OAAO,CAAC,8BAA8B,CAAC,CAAC,CAAC,CAAC,CAAC;CAC/C,CAAC;AAEF,MAAM,MAAM,2BAA2B,GAAG,aAAa,CAAC;AA4FxD,wBAAsB,sBAAsB,CAAC,kBAAkB,EAAE,UAAU,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAgBtG;AAED,wBAAsB,mBAAmB,CAAC,KAAK,EAAE;IAC/C,aAAa,EAAE,UAAU,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;CACf,GAAG,OAAO,CAAC,MAAM,CAAC,CAWlB;AAED,wBAAsB,8BAA8B,CAAC,KAAK,EAAE;IAC1D,aAAa,EAAE,UAAU,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;CACf,GAAG,OAAO,CAAC,yBAAyB,CAAC,CAQrC;AAED,wBAAgB,+BAA+B,CAAC,OAAO,EAAE,yBAAyB,GAAG,MAAM,CAE1F;AAED,wBAAgB,8BAA8B,CAAC,KAAK,EAAE,MAAM,GAAG,yBAAyB,CAOvF;AAED,wBAAgB,0BAA0B,CAAC,IAAI,EAAE;IAC/C,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,yBAAyB,GAAG,MAAM,CAAC;CAC7C,GAAG,MAAM,CAQT;AAED,wBAAsB,8BAA8B,CAAC,KAAK,EAAE;IAC1D,aAAa,EAAE,UAAU,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;CACf,GAAG,OAAO,CAAC,MAAM,CAAC,CAWlB;AAED,wBAAsB,8BAA8B,CAAC,KAAK,EAAE;IAC1D,aAAa,EAAE,UAAU,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,gBAAgB,EAAE,MAAM,CAAC;CAC1B,GAAG,OAAO,CAAC,OAAO,CAAC,CAGnB;AAED,wBAAgB,2BAA2B,CACzC,iBAAiB,EAAE,MAAM,EACzB,KAAK,EAAE,MAAM,EACb,GAAG,EAAE,MAAM,GACV,UAAU,CAwBZ;AAED,wBAAsB,uBAAuB,CAAC,IAAI,EAAE;IAClD,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE,UAAU,GAAG,MAAM,CAAC;IAClC,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,GAAG,OAAO,CAAC,6BAA6B,CAAC,CAczC;AAED,wBAAsB,2BAA2B,CAAC,IAAI,EAAE;IACtD,iBAAiB,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,UAAU,GAAG,MAAM,CAAC;IAClC,cAAc,EAAE,MAAM,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,GAAG,OAAO,CAAC,eAAe,GAAG;IAAE,cAAc,EAAE,MAAM,CAAA;CAAE,CAAC,CAaxD;AAED,wBAAsB,yBAAyB,CAAC,IAAI,EAAE;IACpD,UAAU,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE,UAAU,GAAG,MAAM,CAAC;IAClC,cAAc,EAAE,MAAM,CAAC;IACvB,MAAM,CAAC,EAAE,WAAW,CAAC;IACrB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB,GAAG,OAAO,CAAC,OAAO,CAAC,iCAAiC,EAAE;IAAE,MAAM,EAAE,WAAW,CAAA;CAAE,CAAC,CAAC,CA0B/E;AAED,wBAAsB,sBAAsB,CAAC,IAAI,EAAE;IACjD,UAAU,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,UAAU,GAAG,MAAM,CAAC;IAClC,cAAc,EAAE,MAAM,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,GAAG,OAAO,CAAC,4BAA4B,CAAC,CA2BxC;AAED,wBAAgB,8BAA8B,CAAC,MAAM,EAAE,2BAA2B;4BAEtD,yBAAyB;;;;;;;;;;;;;;;;uCAGd,oCAAoC;;;;;;;;;;;;;;;;oCAGxC,gCAAgC;;;;;;;;;;;;;;oCAG/B,iCAAiC;;;kCAGnC,2BAA2B;;;;;;;;;;;;;;;;;;;;EAI5D;AAED,wBAAsB,2BAA2B,CAAC,KAAK,EAAE,6BAA6B,GAAG,OAAO,CAAC,OAAO,CAAC,CASxG"}

package/esm/trellis/workload.d.ts

@@ -1,45 +0,0 @@
-import { type NatsConnection } from "@nats-io/nats-core";
-import type { ClientOpts } from "./client.js";
-import type { TrellisAPI } from "./contracts.js";
-import type { TrellisAuth, Trellis } from "./trellis.js";
-type WorkloadContract<TApi extends TrellisAPI = TrellisAPI> = {
-    CONTRACT_ID: string;
-    CONTRACT_DIGEST: string;
-    API: {
-        trellis: TApi;
-    };
-    createClient(nats: NatsConnection, auth: TrellisAuth, opts?: ClientOpts): Trellis<TApi>;
-};
-type WorkloadConnectTransport = {
-    connect(options: {
-        servers: string | string[];
-        token?: string;
-        authenticator?: unknown;
-        inboxPrefix?: string;
-    }): Promise<NatsConnection>;
-};
-type WorkloadConnectDeps = {
-    loadTransport(): Promise<WorkloadConnectTransport>;
-    now(): number;
-};
-export type WorkloadActivationController = {
-    url: string;
-    waitForOnlineApproval(opts?: {
-        signal?: AbortSignal;
-    }): Promise<void>;
-    acceptConfirmationCode(code: string): Promise<void>;
-};
-export type TrellisWorkloadConnectArgs<TApi extends TrellisAPI = TrellisAPI> = {
-    authUrl: string;
-    contract: WorkloadContract<TApi>;
-    rootSecret: Uint8Array | string;
-    onActivationRequired?(activation: WorkloadActivationController): Promise<void>;
-};
-declare function runtimeImport<TModule>(specifier: string): Promise<TModule>;
-export declare function loadDefaultTransport(importModule?: typeof runtimeImport): Promise<WorkloadConnectTransport>;
-export declare function connectWorkloadWithDeps<TApi extends TrellisAPI>(args: TrellisWorkloadConnectArgs<TApi>, deps: WorkloadConnectDeps): Promise<Trellis<TApi>>;
-export declare class TrellisWorkload {
-    static connect<TApi extends TrellisAPI>(args: TrellisWorkloadConnectArgs<TApi>): Promise<Trellis<TApi>>;
-}
-export {};
-//# sourceMappingURL=workload.d.ts.map

package/esm/trellis/workload.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"workload.d.ts","sourceRoot":"","sources":["../../src/trellis/workload.ts"],"names":[],"mappings":"AACA,OAAO,EAAoB,KAAK,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAY3E,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AACjD,OAAO,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAEzD,KAAK,gBAAgB,CAAC,IAAI,SAAS,UAAU,GAAG,UAAU,IAAI;IAC5D,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,CAAC;IACxB,GAAG,EAAE;QACH,OAAO,EAAE,IAAI,CAAC;KACf,CAAC;IACF,YAAY,CAAC,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,CAAC,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACzF,CAAC;AAEF,KAAK,wBAAwB,GAAG;IAC9B,OAAO,CAAC,OAAO,EAAE;QACf,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;QAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,aAAa,CAAC,EAAE,OAAO,CAAC;QACxB,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;CAC7B,CAAC;AAEF,KAAK,mBAAmB,GAAG;IACzB,aAAa,IAAI,OAAO,CAAC,wBAAwB,CAAC,CAAC;IACnD,GAAG,IAAI,MAAM,CAAC;CACf,CAAC;AAEF,MAAM,MAAM,4BAA4B,GAAG;IACzC,GAAG,EAAE,MAAM,CAAC;IACZ,qBAAqB,CAAC,IAAI,CAAC,EAAE;QAAE,MAAM,CAAC,EAAE,WAAW,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACtE,sBAAsB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACrD,CAAC;AAEF,MAAM,MAAM,0BAA0B,CAAC,IAAI,SAAS,UAAU,GAAG,UAAU,IAAI;IAC7E,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,gBAAgB,CAAC,IAAI,CAAC,CAAC;IACjC,UAAU,EAAE,UAAU,GAAG,MAAM,CAAC;IAChC,oBAAoB,CAAC,CAAC,UAAU,EAAE,4BAA4B,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAChF,CAAC;AAqBF,iBAAe,aAAa,CAAC,OAAO,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAKzE;AAED,wBAAsB,oBAAoB,CACxC,YAAY,GAAE,OAAO,aAA6B,GACjD,OAAO,CAAC,wBAAwB,CAAC,CAenC;AAgBD,wBAAsB,uBAAuB,CAAC,IAAI,SAAS,UAAU,EACnE,IAAI,EAAE,0BAA0B,CAAC,IAAI,CAAC,EACtC,IAAI,EAAE,mBAAmB,GACxB,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAmGxB;AAED,qBAAa,eAAe;IAC1B,MAAM,CAAC,OAAO,CAAC,IAAI,SAAS,UAAU,EACpC,IAAI,EAAE,0BAA0B,CAAC,IAAI,CAAC,GACrC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;CAG1B"}

package/esm/trellis/workload.js

@@ -1,144 +0,0 @@
-import * as dntShim from "../_dnt.shims.js";
-import { jwtAuthenticator } from "@nats-io/nats-core";
-import { base64urlDecode, buildWorkloadActivationPayload, buildWorkloadActivationUrl, createWorkloadNatsAuthToken, deriveWorkloadIdentity, getWorkloadConnectInfo, verifyWorkloadConfirmationCode, waitForWorkloadActivation, } from "./auth.js";
-function normalizeRootSecret(rootSecret) {
-    if (typeof rootSecret === "string") {
-        const decoded = base64urlDecode(rootSecret.trim());
-        if (decoded.length === 0)
-            throw new Error("rootSecret must not be empty");
-        return decoded;
-    }
-    if (rootSecret.length === 0)
-        throw new Error("rootSecret must not be empty");
-    return rootSecret;
-}
-async function signIdentityBytes(identitySeed, data) {
-    const { importEd25519PrivateKeyFromSeedBase64url } = await import("../auth/keys.js");
-    const { base64urlEncode, toArrayBuffer } = await import("../auth/utils.js");
-    const privateKey = await importEd25519PrivateKeyFromSeedBase64url(base64urlEncode(identitySeed));
-    return new Uint8Array(await crypto.subtle.sign("Ed25519", privateKey, toArrayBuffer(data)));
-}
-async function runtimeImport(specifier) {
-    const load = new Function("specifier", "return import(specifier);");
-    return await load(specifier);
-}
-export async function loadDefaultTransport(importModule = runtimeImport) {
-    if ("Deno" in dntShim.dntGlobalThis) {
-        const mod = await importModule("@nats-io/nats-core");
-        return {
-            connect: mod.wsconnect,
-        };
-    }
-    const mod = await runtimeImport("@nats-io/transport-node");
-    return {
-        connect: mod.connect,
-    };
-}
-const defaultDeps = {
-    loadTransport: loadDefaultTransport,
-    now: () => Date.now(),
-};
-function activationRequiredError() {
-    return new Error("Workload activation required but no activation handler was provided");
-}
-function isConnectInfoUnavailable(error) {
-    const message = error instanceof Error ? error.message : String(error);
-    return message.includes("404") || message.includes("unknown_workload");
-}
-export async function connectWorkloadWithDeps(args, deps) {
-    const rootSecret = normalizeRootSecret(args.rootSecret);
-    const identity = await deriveWorkloadIdentity(rootSecret);
-    const contractDigest = args.contract.CONTRACT_DIGEST;
-    let connectInfo = null;
-    try {
-        connectInfo = (await getWorkloadConnectInfo({
-            trellisUrl: args.authUrl,
-            publicIdentityKey: identity.publicIdentityKey,
-            identitySeed: identity.identitySeed,
-            contractDigest,
-        })).connectInfo;
-    }
-    catch (error) {
-        if (!isConnectInfoUnavailable(error))
-            throw error;
-    }
-    if (!connectInfo) {
-        if (!args.onActivationRequired)
-            throw activationRequiredError();
-        const nonce = crypto.randomUUID();
-        const payload = await buildWorkloadActivationPayload({
-            activationKey: identity.activationKey,
-            publicIdentityKey: identity.publicIdentityKey,
-            nonce,
-        });
-        const activationUrl = buildWorkloadActivationUrl({
-            trellisUrl: args.authUrl,
-            payload,
-        });
-        let activationCompleted = false;
-        let onlineConnectInfo = null;
-        await args.onActivationRequired({
-            url: activationUrl,
-            waitForOnlineApproval: async (opts) => {
-                if (activationCompleted)
-                    return;
-                const activation = await waitForWorkloadActivation({
-                    trellisUrl: args.authUrl,
-                    publicIdentityKey: identity.publicIdentityKey,
-                    nonce,
-                    identitySeed: identity.identitySeed,
-                    contractDigest,
-                    signal: opts?.signal,
-                });
-                onlineConnectInfo = activation.connectInfo;
-                activationCompleted = true;
-            },
-            acceptConfirmationCode: async (code) => {
-                if (activationCompleted)
-                    return;
-                const ok = await verifyWorkloadConfirmationCode({
-                    activationKey: identity.activationKey,
-                    publicIdentityKey: identity.publicIdentityKey,
-                    nonce,
-                    confirmationCode: code,
-                });
-                if (!ok) {
-                    throw new Error("Invalid workload confirmation code");
-                }
-                activationCompleted = true;
-            },
-        });
-        if (!activationCompleted) {
-            throw new Error("Workload activation did not complete");
-        }
-        connectInfo = onlineConnectInfo ?? (await getWorkloadConnectInfo({
-            trellisUrl: args.authUrl,
-            publicIdentityKey: identity.publicIdentityKey,
-            identitySeed: identity.identitySeed,
-            contractDigest,
-        })).connectInfo;
-    }
-    const transport = await deps.loadTransport();
-    const iat = Math.floor(deps.now() / 1_000);
-    const authToken = await createWorkloadNatsAuthToken({
-        publicIdentityKey: identity.publicIdentityKey,
-        identitySeed: identity.identitySeed,
-        contractDigest,
-        iat,
-    });
-    const nc = await transport.connect({
-        servers: connectInfo.transport.natsServers,
-        token: JSON.stringify(authToken),
-        inboxPrefix: `_INBOX.${identity.publicIdentityKey.slice(0, 16)}`,
-        authenticator: jwtAuthenticator(connectInfo.transport.sentinel.jwt, new TextEncoder().encode(connectInfo.transport.sentinel.seed)),
-    });
-    return args.contract.createClient(nc, {
-        sessionKey: identity.publicIdentityKey,
-        sign: (data) => signIdentityBytes(identity.identitySeed, data),
-    });
-}
-export class TrellisWorkload {
-    static connect(args) {
-        return connectWorkloadWithDeps(args, defaultDeps);
-    }
-}

package/script/auth/workload_activation.d.ts

@@ -1,192 +0,0 @@
-import type { StaticDecode } from "typebox";
-import { Type } from "typebox";
-import type { NatsAuthTokenV1 } from "./schemas.ts";
-import { AuthActivateWorkloadResponseSchema, AuthActivateWorkloadSchema, AuthGetWorkloadActivationStatusResponseSchema, AuthGetWorkloadActivationStatusSchema, AuthGetWorkloadConnectInfoResponseSchema, AuthGetWorkloadConnectInfoSchema, AuthListWorkloadActivationsResponseSchema, AuthListWorkloadActivationsSchema, AuthRevokeWorkloadActivationResponseSchema, AuthRevokeWorkloadActivationSchema, WaitForWorkloadActivationResponseSchema } from "./protocol.ts";
-export declare const WorkloadActivationPayloadSchema: Type.TObject<{
-    v: Type.TLiteral<1>;
-    publicIdentityKey: Type.TString;
-    nonce: Type.TString;
-    qrMac: Type.TString;
-}>;
-export declare const WorkloadActivationWaitRequestSchema: Type.TObject<{
-    publicIdentityKey: Type.TString;
-    nonce: Type.TString;
-    contractDigest: Type.TOptional<Type.TString>;
-    iat: Type.TNumber;
-    sig: Type.TString;
-}>;
-export type WorkloadActivationPayload = StaticDecode<typeof WorkloadActivationPayloadSchema>;
-export type WorkloadActivationWaitRequest = StaticDecode<typeof WorkloadActivationWaitRequestSchema>;
-export type WaitForWorkloadActivationResponse = StaticDecode<typeof WaitForWorkloadActivationResponseSchema>;
-export type AuthActivateWorkloadInput = StaticDecode<typeof AuthActivateWorkloadSchema>;
-export type AuthActivateWorkloadOutput = StaticDecode<typeof AuthActivateWorkloadResponseSchema>;
-export type AuthGetWorkloadActivationStatusInput = StaticDecode<typeof AuthGetWorkloadActivationStatusSchema>;
-export type AuthGetWorkloadActivationStatusOutput = StaticDecode<typeof AuthGetWorkloadActivationStatusResponseSchema>;
-export type AuthListWorkloadActivationsInput = StaticDecode<typeof AuthListWorkloadActivationsSchema>;
-export type AuthListWorkloadActivationsOutput = StaticDecode<typeof AuthListWorkloadActivationsResponseSchema>;
-export type AuthRevokeWorkloadActivationInput = StaticDecode<typeof AuthRevokeWorkloadActivationSchema>;
-export type AuthRevokeWorkloadActivationResponse = StaticDecode<typeof AuthRevokeWorkloadActivationResponseSchema>;
-export type GetWorkloadConnectInfoInput = StaticDecode<typeof AuthGetWorkloadConnectInfoSchema>;
-export type GetWorkloadConnectInfoOutput = StaticDecode<typeof AuthGetWorkloadConnectInfoResponseSchema>;
-export type WorkloadIdentity = {
-    identitySeed: Uint8Array;
-    identitySeedBase64url: string;
-    publicIdentityKey: string;
-    activationKey: Uint8Array;
-    activationKeyBase64url: string;
-};
-type WorkloadActivationRpcMethod = "Auth.ActivateWorkload" | "Auth.GetWorkloadActivationStatus" | "Auth.ListWorkloadActivations" | "Auth.RevokeWorkloadActivation" | "Auth.GetWorkloadConnectInfo";
-type WorkloadActivationRpcInputMap = {
-    "Auth.ActivateWorkload": AuthActivateWorkloadInput;
-    "Auth.GetWorkloadActivationStatus": AuthGetWorkloadActivationStatusInput;
-    "Auth.ListWorkloadActivations": AuthListWorkloadActivationsInput;
-    "Auth.RevokeWorkloadActivation": AuthRevokeWorkloadActivationInput;
-    "Auth.GetWorkloadConnectInfo": GetWorkloadConnectInfoInput;
-};
-type WorkloadActivationRpcOutputMap = {
-    "Auth.ActivateWorkload": AuthActivateWorkloadOutput;
-    "Auth.GetWorkloadActivationStatus": AuthGetWorkloadActivationStatusOutput;
-    "Auth.ListWorkloadActivations": AuthListWorkloadActivationsOutput;
-    "Auth.RevokeWorkloadActivation": AuthRevokeWorkloadActivationResponse;
-    "Auth.GetWorkloadConnectInfo": GetWorkloadConnectInfoOutput;
-};
-type RequestClient = {
-    requestOrThrow<M extends WorkloadActivationRpcMethod>(method: M, input: WorkloadActivationRpcInputMap[M], opts?: unknown): Promise<WorkloadActivationRpcOutputMap[M]>;
-};
-export type WorkloadActivationTransport = RequestClient;
-export declare function deriveWorkloadIdentity(workloadRootSecret: Uint8Array): Promise<WorkloadIdentity>;
-export declare function deriveWorkloadQrMac(input: {
-    activationKey: Uint8Array | string;
-    publicIdentityKey: string;
-    nonce: string;
-}): Promise<string>;
-export declare function buildWorkloadActivationPayload(input: {
-    activationKey: Uint8Array | string;
-    publicIdentityKey: string;
-    nonce: string;
-}): Promise<WorkloadActivationPayload>;
-export declare function encodeWorkloadActivationPayload(payload: WorkloadActivationPayload): string;
-export declare function parseWorkloadActivationPayload(value: string): WorkloadActivationPayload;
-export declare function buildWorkloadActivationUrl(args: {
-    trellisUrl: string;
-    payload: WorkloadActivationPayload | string;
-}): string;
-export declare function deriveWorkloadConfirmationCode(input: {
-    activationKey: Uint8Array | string;
-    publicIdentityKey: string;
-    nonce: string;
-}): Promise<string>;
-export declare function verifyWorkloadConfirmationCode(input: {
-    activationKey: Uint8Array | string;
-    publicIdentityKey: string;
-    nonce: string;
-    confirmationCode: string;
-}): Promise<boolean>;
-export declare function buildWorkloadWaitProofInput(publicIdentityKey: string, nonce: string, iat: number): Uint8Array;
-export declare function signWorkloadWaitRequest(args: {
-    publicIdentityKey: string;
-    nonce: string;
-    identitySeed: Uint8Array | string;
-    contractDigest?: string;
-    iat?: number;
-}): Promise<WorkloadActivationWaitRequest>;
-export declare function createWorkloadNatsAuthToken(args: {
-    publicIdentityKey: string;
-    identitySeed: Uint8Array | string;
-    contractDigest: string;
-    iat?: number;
-}): Promise<NatsAuthTokenV1 & {
-    contractDigest: string;
-}>;
-export declare function waitForWorkloadActivation(args: {
-    trellisUrl: string;
-    publicIdentityKey: string;
-    nonce: string;
-    identitySeed: Uint8Array | string;
-    contractDigest: string;
-    signal?: AbortSignal;
-    pollIntervalMs?: number;
-}): Promise<Extract<WaitForWorkloadActivationResponse, {
-    status: "activated";
-}>>;
-export declare function getWorkloadConnectInfo(args: {
-    trellisUrl: string;
-    publicIdentityKey: string;
-    identitySeed: Uint8Array | string;
-    contractDigest: string;
-    iat?: number;
-}): Promise<GetWorkloadConnectInfoOutput>;
-export declare function createWorkloadActivationClient(client: WorkloadActivationTransport): {
-    activateWorkload(input: AuthActivateWorkloadInput): Promise<{
-        confirmationCode?: string | undefined;
-        status: "activated";
-        profileId: string;
-        instanceId: string;
-        activatedAt: string;
-    } | {
-        status: "pending_review";
-        profileId: string;
-        instanceId: string;
-        reviewId: string;
-        requestedAt: string;
-    } | {
-        reason?: string | undefined;
-        status: "rejected";
-    }>;
-    getWorkloadActivationStatus(input: AuthGetWorkloadActivationStatusInput): Promise<{
-        confirmationCode?: string | undefined;
-        status: "activated";
-        profileId: string;
-        instanceId: string;
-        activatedAt: string;
-    } | {
-        status: "pending_review";
-        profileId: string;
-        instanceId: string;
-        reviewId: string;
-        requestedAt: string;
-    } | {
-        reason?: string | undefined;
-        status: "rejected";
-    }>;
-    listWorkloadActivations(input?: AuthListWorkloadActivationsInput): Promise<{
-        activations: {
-            activatedBy?: {
-                id: string;
-                origin: string;
-            } | undefined;
-            profileId: string;
-            instanceId: string;
-            publicIdentityKey: string;
-            state: "activated" | "revoked";
-            activatedAt: string;
-            revokedAt: string | null;
-        }[];
-    }>;
-    revokeWorkloadActivation(input: AuthRevokeWorkloadActivationInput): Promise<{
-        success: boolean;
-    }>;
-    getWorkloadConnectInfo(input: GetWorkloadConnectInfoInput): Promise<{
-        status: "ready";
-        connectInfo: {
-            contractDigest: string;
-            contractId: string;
-            profileId: string;
-            instanceId: string;
-            transport: {
-                sentinel: {
-                    jwt: string;
-                    seed: string;
-                };
-                natsServers: string[];
-            };
-            auth: {
-                mode: "workload_identity";
-                iatSkewSeconds: number;
-            };
-        };
-    }>;
-};
-export declare function verifyWorkloadWaitSignature(input: WorkloadActivationWaitRequest): Promise<boolean>;
-export {};
-//# sourceMappingURL=workload_activation.d.ts.map

package/script/auth/workload_activation.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"workload_activation.d.ts","sourceRoot":"","sources":["../../../../auth/workload_activation.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAC5C,OAAO,EAAE,IAAI,EAAE,MAAM,SAAS,CAAC;AAQ/B,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,EACL,kCAAkC,EAClC,0BAA0B,EAC1B,6CAA6C,EAC7C,qCAAqC,EACrC,wCAAwC,EACxC,gCAAgC,EAChC,yCAAyC,EACzC,iCAAiC,EACjC,0CAA0C,EAC1C,kCAAkC,EAClC,uCAAuC,EACxC,MAAM,eAAe,CAAC;AAUvB,eAAO,MAAM,+BAA+B;;;;;EAKT,CAAC;AAEpC,eAAO,MAAM,mCAAmC;;;;;;EAMb,CAAC;AAEpC,MAAM,MAAM,yBAAyB,GAAG,YAAY,CAAC,OAAO,+BAA+B,CAAC,CAAC;AAC7F,MAAM,MAAM,6BAA6B,GAAG,YAAY,CAAC,OAAO,mCAAmC,CAAC,CAAC;AACrG,MAAM,MAAM,iCAAiC,GAAG,YAAY,CAAC,OAAO,uCAAuC,CAAC,CAAC;AAC7G,MAAM,MAAM,yBAAyB,GAAG,YAAY,CAAC,OAAO,0BAA0B,CAAC,CAAC;AACxF,MAAM,MAAM,0BAA0B,GAAG,YAAY,CAAC,OAAO,kCAAkC,CAAC,CAAC;AACjG,MAAM,MAAM,oCAAoC,GAAG,YAAY,CAAC,OAAO,qCAAqC,CAAC,CAAC;AAC9G,MAAM,MAAM,qCAAqC,GAAG,YAAY,CAAC,OAAO,6CAA6C,CAAC,CAAC;AACvH,MAAM,MAAM,gCAAgC,GAAG,YAAY,CAAC,OAAO,iCAAiC,CAAC,CAAC;AACtG,MAAM,MAAM,iCAAiC,GAAG,YAAY,CAAC,OAAO,yCAAyC,CAAC,CAAC;AAC/G,MAAM,MAAM,iCAAiC,GAAG,YAAY,CAAC,OAAO,kCAAkC,CAAC,CAAC;AACxG,MAAM,MAAM,oCAAoC,GAAG,YAAY,CAAC,OAAO,0CAA0C,CAAC,CAAC;AACnH,MAAM,MAAM,2BAA2B,GAAG,YAAY,CAAC,OAAO,gCAAgC,CAAC,CAAC;AAChG,MAAM,MAAM,4BAA4B,GAAG,YAAY,CAAC,OAAO,wCAAwC,CAAC,CAAC;AAEzG,MAAM,MAAM,gBAAgB,GAAG;IAC7B,YAAY,EAAE,UAAU,CAAC;IACzB,qBAAqB,EAAE,MAAM,CAAC;IAC9B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,aAAa,EAAE,UAAU,CAAC;IAC1B,sBAAsB,EAAE,MAAM,CAAC;CAChC,CAAC;AAEF,KAAK,2BAA2B,GAC5B,uBAAuB,GACvB,kCAAkC,GAClC,8BAA8B,GAC9B,+BAA+B,GAC/B,6BAA6B,CAAC;AAElC,KAAK,6BAA6B,GAAG;IACnC,uBAAuB,EAAE,yBAAyB,CAAC;IACnD,kCAAkC,EAAE,oCAAoC,CAAC;IACzE,8BAA8B,EAAE,gCAAgC,CAAC;IACjE,+BAA+B,EAAE,iCAAiC,CAAC;IACnE,6BAA6B,EAAE,2BAA2B,CAAC;CAC5D,CAAC;AAEF,KAAK,8BAA8B,GAAG;IACpC,uBAAuB,EAAE,0BAA0B,CAAC;IACpD,kCAAkC,EAAE,qCAAqC,CAAC;IAC1E,8BAA8B,EAAE,iCAAiC,CAAC;IAClE,+BAA+B,EAAE,oCAAoC,CAAC;IACtE,6BAA6B,EAAE,4BAA4B,CAAC;CAC7D,CAAC;AAEF,KAAK,aAAa,GAAG;IACnB,cAAc,CAAC,CAAC,SAAS,2BAA2B,EAClD,MAAM,EAAE,CAAC,EACT,KAAK,EAAE,6BAA6B,CAAC,CAAC,CAAC,EACvC,IAAI,CAAC,EAAE,OAAO,GACb,OAAO,CAAC,8BAA8B,CAAC,CAAC,CAAC,CAAC,CAAC;CAC/C,CAAC;AAEF,MAAM,MAAM,2BAA2B,GAAG,aAAa,CAAC;AA4FxD,wBAAsB,sBAAsB,CAAC,kBAAkB,EAAE,UAAU,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAgBtG;AAED,wBAAsB,mBAAmB,CAAC,KAAK,EAAE;IAC/C,aAAa,EAAE,UAAU,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;CACf,GAAG,OAAO,CAAC,MAAM,CAAC,CAWlB;AAED,wBAAsB,8BAA8B,CAAC,KAAK,EAAE;IAC1D,aAAa,EAAE,UAAU,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;CACf,GAAG,OAAO,CAAC,yBAAyB,CAAC,CAQrC;AAED,wBAAgB,+BAA+B,CAAC,OAAO,EAAE,yBAAyB,GAAG,MAAM,CAE1F;AAED,wBAAgB,8BAA8B,CAAC,KAAK,EAAE,MAAM,GAAG,yBAAyB,CAOvF;AAED,wBAAgB,0BAA0B,CAAC,IAAI,EAAE;IAC/C,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,yBAAyB,GAAG,MAAM,CAAC;CAC7C,GAAG,MAAM,CAQT;AAED,wBAAsB,8BAA8B,CAAC,KAAK,EAAE;IAC1D,aAAa,EAAE,UAAU,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;CACf,GAAG,OAAO,CAAC,MAAM,CAAC,CAWlB;AAED,wBAAsB,8BAA8B,CAAC,KAAK,EAAE;IAC1D,aAAa,EAAE,UAAU,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,gBAAgB,EAAE,MAAM,CAAC;CAC1B,GAAG,OAAO,CAAC,OAAO,CAAC,CAGnB;AAED,wBAAgB,2BAA2B,CACzC,iBAAiB,EAAE,MAAM,EACzB,KAAK,EAAE,MAAM,EACb,GAAG,EAAE,MAAM,GACV,UAAU,CAwBZ;AAED,wBAAsB,uBAAuB,CAAC,IAAI,EAAE;IAClD,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE,UAAU,GAAG,MAAM,CAAC;IAClC,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,GAAG,OAAO,CAAC,6BAA6B,CAAC,CAczC;AAED,wBAAsB,2BAA2B,CAAC,IAAI,EAAE;IACtD,iBAAiB,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,UAAU,GAAG,MAAM,CAAC;IAClC,cAAc,EAAE,MAAM,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,GAAG,OAAO,CAAC,eAAe,GAAG;IAAE,cAAc,EAAE,MAAM,CAAA;CAAE,CAAC,CAaxD;AAED,wBAAsB,yBAAyB,CAAC,IAAI,EAAE;IACpD,UAAU,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE,UAAU,GAAG,MAAM,CAAC;IAClC,cAAc,EAAE,MAAM,CAAC;IACvB,MAAM,CAAC,EAAE,WAAW,CAAC;IACrB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB,GAAG,OAAO,CAAC,OAAO,CAAC,iCAAiC,EAAE;IAAE,MAAM,EAAE,WAAW,CAAA;CAAE,CAAC,CAAC,CA0B/E;AAED,wBAAsB,sBAAsB,CAAC,IAAI,EAAE;IACjD,UAAU,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,UAAU,GAAG,MAAM,CAAC;IAClC,cAAc,EAAE,MAAM,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,GAAG,OAAO,CAAC,4BAA4B,CAAC,CA2BxC;AAED,wBAAgB,8BAA8B,CAAC,MAAM,EAAE,2BAA2B;4BAEtD,yBAAyB;;;;;;;;;;;;;;;;uCAGd,oCAAoC;;;;;;;;;;;;;;;;oCAGxC,gCAAgC;;;;;;;;;;;;;;oCAG/B,iCAAiC;;;kCAGnC,2BAA2B;;;;;;;;;;;;;;;;;;;;EAI5D;AAED,wBAAsB,2BAA2B,CAAC,KAAK,EAAE,6BAA6B,GAAG,OAAO,CAAC,OAAO,CAAC,CASxG"}

package/script/trellis/workload.d.ts

@@ -1,45 +0,0 @@
-import { type NatsConnection } from "@nats-io/nats-core";
-import type { ClientOpts } from "./client.ts";
-import type { TrellisAPI } from "./contracts.ts";
-import type { TrellisAuth, Trellis } from "./trellis.ts";
-type WorkloadContract<TApi extends TrellisAPI = TrellisAPI> = {
-    CONTRACT_ID: string;
-    CONTRACT_DIGEST: string;
-    API: {
-        trellis: TApi;
-    };
-    createClient(nats: NatsConnection, auth: TrellisAuth, opts?: ClientOpts): Trellis<TApi>;
-};
-type WorkloadConnectTransport = {
-    connect(options: {
-        servers: string | string[];
-        token?: string;
-        authenticator?: unknown;
-        inboxPrefix?: string;
-    }): Promise<NatsConnection>;
-};
-type WorkloadConnectDeps = {
-    loadTransport(): Promise<WorkloadConnectTransport>;
-    now(): number;
-};
-export type WorkloadActivationController = {
-    url: string;
-    waitForOnlineApproval(opts?: {
-        signal?: AbortSignal;
-    }): Promise<void>;
-    acceptConfirmationCode(code: string): Promise<void>;
-};
-export type TrellisWorkloadConnectArgs<TApi extends TrellisAPI = TrellisAPI> = {
-    authUrl: string;
-    contract: WorkloadContract<TApi>;
-    rootSecret: Uint8Array | string;
-    onActivationRequired?(activation: WorkloadActivationController): Promise<void>;
-};
-declare function runtimeImport<TModule>(specifier: string): Promise<TModule>;
-export declare function loadDefaultTransport(importModule?: typeof runtimeImport): Promise<WorkloadConnectTransport>;
-export declare function connectWorkloadWithDeps<TApi extends TrellisAPI>(args: TrellisWorkloadConnectArgs<TApi>, deps: WorkloadConnectDeps): Promise<Trellis<TApi>>;
-export declare class TrellisWorkload {
-    static connect<TApi extends TrellisAPI>(args: TrellisWorkloadConnectArgs<TApi>): Promise<Trellis<TApi>>;
-}
-export {};
-//# sourceMappingURL=workload.d.ts.map

package/script/trellis/workload.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"workload.d.ts","sourceRoot":"","sources":["../../../workload.ts"],"names":[],"mappings":"AAAA,OAAO,EAAoB,KAAK,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAY3E,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AACjD,OAAO,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAEzD,KAAK,gBAAgB,CAAC,IAAI,SAAS,UAAU,GAAG,UAAU,IAAI;IAC5D,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,CAAC;IACxB,GAAG,EAAE;QACH,OAAO,EAAE,IAAI,CAAC;KACf,CAAC;IACF,YAAY,CAAC,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,CAAC,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACzF,CAAC;AAEF,KAAK,wBAAwB,GAAG;IAC9B,OAAO,CAAC,OAAO,EAAE;QACf,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;QAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,aAAa,CAAC,EAAE,OAAO,CAAC;QACxB,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;CAC7B,CAAC;AAEF,KAAK,mBAAmB,GAAG;IACzB,aAAa,IAAI,OAAO,CAAC,wBAAwB,CAAC,CAAC;IACnD,GAAG,IAAI,MAAM,CAAC;CACf,CAAC;AAEF,MAAM,MAAM,4BAA4B,GAAG;IACzC,GAAG,EAAE,MAAM,CAAC;IACZ,qBAAqB,CAAC,IAAI,CAAC,EAAE;QAAE,MAAM,CAAC,EAAE,WAAW,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACtE,sBAAsB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACrD,CAAC;AAEF,MAAM,MAAM,0BAA0B,CAAC,IAAI,SAAS,UAAU,GAAG,UAAU,IAAI;IAC7E,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,gBAAgB,CAAC,IAAI,CAAC,CAAC;IACjC,UAAU,EAAE,UAAU,GAAG,MAAM,CAAC;IAChC,oBAAoB,CAAC,CAAC,UAAU,EAAE,4BAA4B,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAChF,CAAC;AAqBF,iBAAe,aAAa,CAAC,OAAO,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAKzE;AAED,wBAAsB,oBAAoB,CACxC,YAAY,GAAE,OAAO,aAA6B,GACjD,OAAO,CAAC,wBAAwB,CAAC,CAenC;AAgBD,wBAAsB,uBAAuB,CAAC,IAAI,SAAS,UAAU,EACnE,IAAI,EAAE,0BAA0B,CAAC,IAAI,CAAC,EACtC,IAAI,EAAE,mBAAmB,GACxB,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAmGxB;AAED,qBAAa,eAAe;IAC1B,MAAM,CAAC,OAAO,CAAC,IAAI,SAAS,UAAU,EACpC,IAAI,EAAE,0BAA0B,CAAC,IAAI,CAAC,GACrC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;CAG1B"}