@vorionsys/atsf-core 0.2.2 → 0.2.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +3 -3
- package/README.md +77 -11
- package/dist/api/index.d.ts +1 -1
- package/dist/api/index.js +1 -1
- package/dist/api/server.d.ts +5 -2
- package/dist/api/server.d.ts.map +1 -1
- package/dist/api/server.js +186 -149
- package/dist/api/server.js.map +1 -1
- package/dist/arbitration/index.d.ts +4 -4
- package/dist/arbitration/index.d.ts.map +1 -1
- package/dist/arbitration/index.js +46 -41
- package/dist/arbitration/index.js.map +1 -1
- package/dist/arbitration/types.d.ts +10 -10
- package/dist/arbitration/types.d.ts.map +1 -1
- package/dist/basis/evaluator.d.ts +1 -1
- package/dist/basis/evaluator.d.ts.map +1 -1
- package/dist/basis/evaluator.js +56 -54
- package/dist/basis/evaluator.js.map +1 -1
- package/dist/basis/index.d.ts +3 -3
- package/dist/basis/index.js +3 -3
- package/dist/basis/parser.d.ts +16 -16
- package/dist/basis/parser.d.ts.map +1 -1
- package/dist/basis/parser.js +32 -25
- package/dist/basis/parser.js.map +1 -1
- package/dist/basis/types.d.ts +2 -2
- package/dist/chain/index.d.ts.map +1 -1
- package/dist/chain/index.js +16 -16
- package/dist/chain/index.js.map +1 -1
- package/dist/cognigate/index.d.ts +1 -1
- package/dist/cognigate/index.d.ts.map +1 -1
- package/dist/cognigate/index.js +44 -33
- package/dist/cognigate/index.js.map +1 -1
- package/dist/common/adapters.d.ts +18 -11
- package/dist/common/adapters.d.ts.map +1 -1
- package/dist/common/adapters.js +100 -79
- package/dist/common/adapters.js.map +1 -1
- package/dist/common/config.d.ts +67 -67
- package/dist/common/config.js +49 -49
- package/dist/common/config.js.map +1 -1
- package/dist/common/index.d.ts +4 -4
- package/dist/common/index.js +4 -4
- package/dist/common/logger.d.ts +1 -1
- package/dist/common/logger.js +8 -8
- package/dist/common/types.d.ts +8 -8
- package/dist/common/types.js +5 -5
- package/dist/containment/index.d.ts +3 -3
- package/dist/containment/index.d.ts.map +1 -1
- package/dist/containment/index.js +119 -105
- package/dist/containment/index.js.map +1 -1
- package/dist/containment/types.d.ts +11 -11
- package/dist/containment/types.d.ts.map +1 -1
- package/dist/contracts/index.d.ts +9 -9
- package/dist/contracts/index.d.ts.map +1 -1
- package/dist/contracts/index.js +59 -54
- package/dist/contracts/index.js.map +1 -1
- package/dist/contracts/types.d.ts +12 -12
- package/dist/contracts/types.d.ts.map +1 -1
- package/dist/crewai/callback.d.ts +91 -0
- package/dist/crewai/callback.d.ts.map +1 -0
- package/dist/crewai/callback.js +271 -0
- package/dist/crewai/callback.js.map +1 -0
- package/dist/crewai/executor.d.ts +135 -0
- package/dist/crewai/executor.d.ts.map +1 -0
- package/dist/crewai/executor.js +381 -0
- package/dist/crewai/executor.js.map +1 -0
- package/dist/crewai/index.d.ts +12 -0
- package/dist/crewai/index.d.ts.map +1 -0
- package/dist/crewai/index.js +12 -0
- package/dist/crewai/index.js.map +1 -0
- package/dist/crewai/tools.d.ts +21 -0
- package/dist/crewai/tools.d.ts.map +1 -0
- package/dist/crewai/tools.js +164 -0
- package/dist/crewai/tools.js.map +1 -0
- package/dist/crewai/types.d.ts +139 -0
- package/dist/crewai/types.d.ts.map +1 -0
- package/dist/crewai/types.js +9 -0
- package/dist/crewai/types.js.map +1 -0
- package/dist/enforce/index.d.ts +48 -222
- package/dist/enforce/index.d.ts.map +1 -1
- package/dist/enforce/index.js +144 -47
- package/dist/enforce/index.js.map +1 -1
- package/dist/enforce/trust-aware-enforcement-service.d.ts +121 -0
- package/dist/enforce/trust-aware-enforcement-service.d.ts.map +1 -0
- package/dist/enforce/trust-aware-enforcement-service.js +601 -0
- package/dist/enforce/trust-aware-enforcement-service.js.map +1 -0
- package/dist/enforce/types.d.ts +234 -0
- package/dist/enforce/types.d.ts.map +1 -0
- package/dist/enforce/types.js +10 -0
- package/dist/enforce/types.js.map +1 -0
- package/dist/governance/fluid-workflow.d.ts +8 -8
- package/dist/governance/fluid-workflow.d.ts.map +1 -1
- package/dist/governance/fluid-workflow.js +114 -86
- package/dist/governance/fluid-workflow.js.map +1 -1
- package/dist/governance/index.d.ts +7 -7
- package/dist/governance/index.d.ts.map +1 -1
- package/dist/governance/index.js +81 -74
- package/dist/governance/index.js.map +1 -1
- package/dist/governance/proof-bridge.d.ts +6 -6
- package/dist/governance/proof-bridge.d.ts.map +1 -1
- package/dist/governance/proof-bridge.js +5 -5
- package/dist/governance/proof-bridge.js.map +1 -1
- package/dist/governance/types.d.ts +16 -9
- package/dist/governance/types.d.ts.map +1 -1
- package/dist/governance/types.js.map +1 -1
- package/dist/index.d.ts +29 -25
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +33 -23
- package/dist/index.js.map +1 -1
- package/dist/intent/index.d.ts +21 -56
- package/dist/intent/index.d.ts.map +1 -1
- package/dist/intent/index.js +58 -24
- package/dist/intent/index.js.map +1 -1
- package/dist/intent/persistent-intent-service.d.ts +68 -0
- package/dist/intent/persistent-intent-service.d.ts.map +1 -0
- package/dist/intent/persistent-intent-service.js +277 -0
- package/dist/intent/persistent-intent-service.js.map +1 -0
- package/dist/intent/types.d.ts +69 -0
- package/dist/intent/types.d.ts.map +1 -0
- package/dist/intent/types.js +10 -0
- package/dist/intent/types.js.map +1 -0
- package/dist/intent-gateway/index.d.ts +522 -0
- package/dist/intent-gateway/index.d.ts.map +1 -0
- package/dist/intent-gateway/index.js +1499 -0
- package/dist/intent-gateway/index.js.map +1 -0
- package/dist/langchain/callback.d.ts +2 -2
- package/dist/langchain/callback.d.ts.map +1 -1
- package/dist/langchain/callback.js +30 -30
- package/dist/langchain/callback.js.map +1 -1
- package/dist/langchain/executor.d.ts +4 -4
- package/dist/langchain/executor.d.ts.map +1 -1
- package/dist/langchain/executor.js +82 -80
- package/dist/langchain/executor.js.map +1 -1
- package/dist/langchain/index.d.ts +5 -5
- package/dist/langchain/index.js +5 -5
- package/dist/langchain/tools.d.ts +1 -1
- package/dist/langchain/tools.d.ts.map +1 -1
- package/dist/langchain/tools.js +33 -33
- package/dist/langchain/tools.js.map +1 -1
- package/dist/langchain/types.d.ts +3 -3
- package/dist/langchain/types.d.ts.map +1 -1
- package/dist/layers/implementations/L0-request-format.d.ts +37 -0
- package/dist/layers/implementations/L0-request-format.d.ts.map +1 -0
- package/dist/layers/implementations/L0-request-format.js +218 -0
- package/dist/layers/implementations/L0-request-format.js.map +1 -0
- package/dist/layers/implementations/L1-input-size.d.ts +36 -0
- package/dist/layers/implementations/L1-input-size.d.ts.map +1 -0
- package/dist/layers/implementations/L1-input-size.js +160 -0
- package/dist/layers/implementations/L1-input-size.js.map +1 -0
- package/dist/layers/implementations/L2-charset-sanitizer.d.ts +28 -0
- package/dist/layers/implementations/L2-charset-sanitizer.d.ts.map +1 -0
- package/dist/layers/implementations/L2-charset-sanitizer.js +230 -0
- package/dist/layers/implementations/L2-charset-sanitizer.js.map +1 -0
- package/dist/layers/implementations/L3-schema-conformance.d.ts +47 -0
- package/dist/layers/implementations/L3-schema-conformance.d.ts.map +1 -0
- package/dist/layers/implementations/L3-schema-conformance.js +267 -0
- package/dist/layers/implementations/L3-schema-conformance.js.map +1 -0
- package/dist/layers/implementations/L4-injection-detector.d.ts +47 -0
- package/dist/layers/implementations/L4-injection-detector.d.ts.map +1 -0
- package/dist/layers/implementations/L4-injection-detector.js +260 -0
- package/dist/layers/implementations/L4-injection-detector.js.map +1 -0
- package/dist/layers/implementations/L5-rate-limiter.d.ts +51 -0
- package/dist/layers/implementations/L5-rate-limiter.d.ts.map +1 -0
- package/dist/layers/implementations/L5-rate-limiter.js +183 -0
- package/dist/layers/implementations/L5-rate-limiter.js.map +1 -0
- package/dist/layers/implementations/index.d.ts +16 -0
- package/dist/layers/implementations/index.d.ts.map +1 -0
- package/dist/layers/implementations/index.js +16 -0
- package/dist/layers/implementations/index.js.map +1 -0
- package/dist/layers/index.d.ts +3 -3
- package/dist/layers/index.d.ts.map +1 -1
- package/dist/layers/index.js +99 -71
- package/dist/layers/index.js.map +1 -1
- package/dist/layers/types.d.ts +16 -16
- package/dist/layers/types.d.ts.map +1 -1
- package/dist/persistence/file.d.ts +3 -3
- package/dist/persistence/file.d.ts.map +1 -1
- package/dist/persistence/file.js +32 -28
- package/dist/persistence/file.js.map +1 -1
- package/dist/persistence/index.d.ts +7 -7
- package/dist/persistence/index.d.ts.map +1 -1
- package/dist/persistence/index.js +18 -18
- package/dist/persistence/index.js.map +1 -1
- package/dist/persistence/memory.d.ts +3 -3
- package/dist/persistence/memory.d.ts.map +1 -1
- package/dist/persistence/memory.js +10 -8
- package/dist/persistence/memory.js.map +1 -1
- package/dist/persistence/sqlite.d.ts +3 -3
- package/dist/persistence/sqlite.d.ts.map +1 -1
- package/dist/persistence/sqlite.js +36 -36
- package/dist/persistence/sqlite.js.map +1 -1
- package/dist/persistence/supabase.d.ts +3 -3
- package/dist/persistence/supabase.d.ts.map +1 -1
- package/dist/persistence/supabase.js +41 -43
- package/dist/persistence/supabase.js.map +1 -1
- package/dist/persistence/types.d.ts +5 -5
- package/dist/phase6/ceiling.d.ts +5 -5
- package/dist/phase6/ceiling.d.ts.map +1 -1
- package/dist/phase6/ceiling.js +67 -34
- package/dist/phase6/ceiling.js.map +1 -1
- package/dist/phase6/context.d.ts +3 -3
- package/dist/phase6/context.d.ts.map +1 -1
- package/dist/phase6/context.js +91 -45
- package/dist/phase6/context.js.map +1 -1
- package/dist/phase6/index.d.ts +13 -13
- package/dist/phase6/index.d.ts.map +1 -1
- package/dist/phase6/index.js +16 -16
- package/dist/phase6/index.js.map +1 -1
- package/dist/phase6/presets.d.ts +2 -2
- package/dist/phase6/presets.d.ts.map +1 -1
- package/dist/phase6/presets.js +39 -33
- package/dist/phase6/presets.js.map +1 -1
- package/dist/phase6/provenance.d.ts +4 -4
- package/dist/phase6/provenance.d.ts.map +1 -1
- package/dist/phase6/provenance.js +42 -35
- package/dist/phase6/provenance.js.map +1 -1
- package/dist/phase6/role-gates/index.d.ts +2 -2
- package/dist/phase6/role-gates/index.js +2 -2
- package/dist/phase6/role-gates/kernel.d.ts.map +1 -1
- package/dist/phase6/role-gates/kernel.js +16 -16
- package/dist/phase6/role-gates/kernel.js.map +1 -1
- package/dist/phase6/role-gates/policy.d.ts +2 -2
- package/dist/phase6/role-gates/policy.js +6 -6
- package/dist/phase6/role-gates.d.ts +4 -4
- package/dist/phase6/role-gates.d.ts.map +1 -1
- package/dist/phase6/role-gates.js +80 -58
- package/dist/phase6/role-gates.js.map +1 -1
- package/dist/phase6/types.d.ts +35 -35
- package/dist/phase6/types.d.ts.map +1 -1
- package/dist/phase6/types.js +166 -66
- package/dist/phase6/types.js.map +1 -1
- package/dist/phase6/weight-presets/canonical.d.ts +2 -2
- package/dist/phase6/weight-presets/canonical.d.ts.map +1 -1
- package/dist/phase6/weight-presets/canonical.js +12 -12
- package/dist/phase6/weight-presets/canonical.js.map +1 -1
- package/dist/phase6/weight-presets/deltas.d.ts +2 -2
- package/dist/phase6/weight-presets/deltas.d.ts.map +1 -1
- package/dist/phase6/weight-presets/deltas.js +27 -27
- package/dist/phase6/weight-presets/deltas.js.map +1 -1
- package/dist/phase6/weight-presets/index.d.ts +4 -4
- package/dist/phase6/weight-presets/index.js +4 -4
- package/dist/phase6/weight-presets/merger.d.ts +3 -3
- package/dist/phase6/weight-presets/merger.d.ts.map +1 -1
- package/dist/phase6/weight-presets/merger.js +40 -44
- package/dist/phase6/weight-presets/merger.js.map +1 -1
- package/dist/proof/index.d.ts +3 -3
- package/dist/proof/index.d.ts.map +1 -1
- package/dist/proof/index.js +44 -38
- package/dist/proof/index.js.map +1 -1
- package/dist/proof/merkle.d.ts +3 -3
- package/dist/proof/merkle.d.ts.map +1 -1
- package/dist/proof/merkle.js +26 -25
- package/dist/proof/merkle.js.map +1 -1
- package/dist/proof/zk-proofs.d.ts +6 -6
- package/dist/proof/zk-proofs.d.ts.map +1 -1
- package/dist/proof/zk-proofs.js +42 -43
- package/dist/proof/zk-proofs.js.map +1 -1
- package/dist/provenance/index.d.ts +3 -3
- package/dist/provenance/index.d.ts.map +1 -1
- package/dist/provenance/index.js +19 -17
- package/dist/provenance/index.js.map +1 -1
- package/dist/provenance/types.d.ts +4 -4
- package/dist/provenance/types.d.ts.map +1 -1
- package/dist/sandbox-training/challenges.d.ts +1 -1
- package/dist/sandbox-training/challenges.d.ts.map +1 -1
- package/dist/sandbox-training/challenges.js +228 -228
- package/dist/sandbox-training/challenges.js.map +1 -1
- package/dist/sandbox-training/graduation.d.ts +1 -1
- package/dist/sandbox-training/graduation.d.ts.map +1 -1
- package/dist/sandbox-training/graduation.js +14 -15
- package/dist/sandbox-training/graduation.js.map +1 -1
- package/dist/sandbox-training/index.d.ts +9 -9
- package/dist/sandbox-training/index.d.ts.map +1 -1
- package/dist/sandbox-training/index.js +6 -6
- package/dist/sandbox-training/index.js.map +1 -1
- package/dist/sandbox-training/promotion-service.d.ts +4 -4
- package/dist/sandbox-training/promotion-service.d.ts.map +1 -1
- package/dist/sandbox-training/promotion-service.js +5 -5
- package/dist/sandbox-training/promotion-service.js.map +1 -1
- package/dist/sandbox-training/runner.d.ts +1 -1
- package/dist/sandbox-training/runner.d.ts.map +1 -1
- package/dist/sandbox-training/runner.js +74 -73
- package/dist/sandbox-training/runner.js.map +1 -1
- package/dist/sandbox-training/scorer.d.ts +4 -4
- package/dist/sandbox-training/scorer.js +5 -5
- package/dist/sandbox-training/types.d.ts +4 -4
- package/dist/sandbox-training/types.d.ts.map +1 -1
- package/dist/sandbox-training/types.js +11 -7
- package/dist/sandbox-training/types.js.map +1 -1
- package/dist/trust-engine/ceiling-enforcement/audit.d.ts +1 -1
- package/dist/trust-engine/ceiling-enforcement/audit.d.ts.map +1 -1
- package/dist/trust-engine/ceiling-enforcement/audit.js +3 -4
- package/dist/trust-engine/ceiling-enforcement/audit.js.map +1 -1
- package/dist/trust-engine/ceiling-enforcement/index.d.ts +2 -2
- package/dist/trust-engine/ceiling-enforcement/index.js +2 -2
- package/dist/trust-engine/ceiling-enforcement/kernel.d.ts +1 -1
- package/dist/trust-engine/ceiling-enforcement/kernel.d.ts.map +1 -1
- package/dist/trust-engine/ceiling-enforcement/kernel.js +1 -1
- package/dist/trust-engine/context-policy/enforcement.d.ts.map +1 -1
- package/dist/trust-engine/context-policy/factory.d.ts +1 -1
- package/dist/trust-engine/context-policy/factory.d.ts.map +1 -1
- package/dist/trust-engine/context-policy/factory.js +1 -1
- package/dist/trust-engine/context-policy/factory.js.map +1 -1
- package/dist/trust-engine/context-policy/index.d.ts +2 -2
- package/dist/trust-engine/context-policy/index.js +2 -2
- package/dist/trust-engine/creation-modifiers/index.d.ts +1 -1
- package/dist/trust-engine/creation-modifiers/index.js +1 -1
- package/dist/trust-engine/creation-modifiers/types.d.ts.map +1 -1
- package/dist/trust-engine/creation-modifiers/types.js +2 -3
- package/dist/trust-engine/creation-modifiers/types.js.map +1 -1
- package/dist/trust-engine/decay-profiles.d.ts +1 -1
- package/dist/trust-engine/decay-profiles.d.ts.map +1 -1
- package/dist/trust-engine/decay-profiles.js +4 -4
- package/dist/trust-engine/decay-profiles.js.map +1 -1
- package/dist/trust-engine/index.d.ts +111 -45
- package/dist/trust-engine/index.d.ts.map +1 -1
- package/dist/trust-engine/index.js +418 -61
- package/dist/trust-engine/index.js.map +1 -1
- package/dist/trust-engine/phase6-types.d.ts +10 -10
- package/dist/trust-engine/phase6-types.d.ts.map +1 -1
- package/dist/trust-engine/phase6-types.js +25 -23
- package/dist/trust-engine/phase6-types.js.map +1 -1
- package/dist/trust-engine/types.d.ts +77 -0
- package/dist/trust-engine/types.d.ts.map +1 -0
- package/dist/trust-engine/types.js +20 -0
- package/dist/trust-engine/types.js.map +1 -0
- package/package.json +5 -4
package/dist/api/server.js
CHANGED
|
@@ -5,19 +5,19 @@
|
|
|
5
5
|
*
|
|
6
6
|
* @packageDocumentation
|
|
7
7
|
*/
|
|
8
|
-
import Fastify from
|
|
9
|
-
import cors from
|
|
10
|
-
import helmet from
|
|
11
|
-
import rateLimit from
|
|
12
|
-
import { createLogger } from
|
|
13
|
-
import { getConfig } from
|
|
14
|
-
import {
|
|
15
|
-
import { createProofService } from
|
|
16
|
-
import { createTrustEngine } from
|
|
17
|
-
import { createEvaluator } from
|
|
18
|
-
import { createGovernanceEngine } from
|
|
19
|
-
import { GovernanceProofBridge } from
|
|
20
|
-
const apiLogger = createLogger({ component:
|
|
8
|
+
import Fastify from "fastify";
|
|
9
|
+
import cors from "@fastify/cors";
|
|
10
|
+
import helmet from "@fastify/helmet";
|
|
11
|
+
import rateLimit from "@fastify/rate-limit";
|
|
12
|
+
import { createLogger } from "../common/logger.js";
|
|
13
|
+
import { getConfig } from "../common/config.js";
|
|
14
|
+
import { PersistentIntentService } from "../intent/persistent-intent-service.js";
|
|
15
|
+
import { createProofService } from "../proof/index.js";
|
|
16
|
+
import { createTrustEngine } from "../trust-engine/index.js";
|
|
17
|
+
import { createEvaluator } from "../basis/evaluator.js";
|
|
18
|
+
import { createGovernanceEngine } from "../governance/index.js";
|
|
19
|
+
import { GovernanceProofBridge } from "../governance/proof-bridge.js";
|
|
20
|
+
const apiLogger = createLogger({ component: "api" });
|
|
21
21
|
// ============================================================
|
|
22
22
|
// Health Check Implementation
|
|
23
23
|
// ============================================================
|
|
@@ -43,15 +43,15 @@ function checkSystemHealth(startTime) {
|
|
|
43
43
|
const metrics = getSystemMetrics(startTime);
|
|
44
44
|
// Warning threshold: 80% memory usage
|
|
45
45
|
// Error threshold: 95% memory usage
|
|
46
|
-
let status =
|
|
47
|
-
let message =
|
|
46
|
+
let status = "ok";
|
|
47
|
+
let message = "System healthy";
|
|
48
48
|
if (metrics.memoryUsagePercent > 95) {
|
|
49
|
-
status =
|
|
50
|
-
message =
|
|
49
|
+
status = "error";
|
|
50
|
+
message = "Critical memory pressure";
|
|
51
51
|
}
|
|
52
52
|
else if (metrics.memoryUsagePercent > 80) {
|
|
53
|
-
status =
|
|
54
|
-
message =
|
|
53
|
+
status = "degraded";
|
|
54
|
+
message = "High memory usage";
|
|
55
55
|
}
|
|
56
56
|
return {
|
|
57
57
|
status,
|
|
@@ -71,27 +71,27 @@ async function checkService(name, checkFn) {
|
|
|
71
71
|
try {
|
|
72
72
|
await checkFn();
|
|
73
73
|
return {
|
|
74
|
-
status:
|
|
74
|
+
status: "ok",
|
|
75
75
|
latencyMs: Date.now() - start,
|
|
76
76
|
message: `${name} operational`,
|
|
77
77
|
};
|
|
78
78
|
}
|
|
79
79
|
catch (error) {
|
|
80
80
|
return {
|
|
81
|
-
status:
|
|
81
|
+
status: "error",
|
|
82
82
|
latencyMs: Date.now() - start,
|
|
83
|
-
message: `${name} error: ${error instanceof Error ? error.message :
|
|
83
|
+
message: `${name} error: ${error instanceof Error ? error.message : "Unknown error"}`,
|
|
84
84
|
};
|
|
85
85
|
}
|
|
86
86
|
}
|
|
87
87
|
/**
|
|
88
88
|
* Create and configure the API server
|
|
89
89
|
*/
|
|
90
|
-
export async function createServer() {
|
|
90
|
+
export async function createServer(deps) {
|
|
91
91
|
const config = getConfig();
|
|
92
92
|
const startTime = new Date();
|
|
93
93
|
// Initialize services
|
|
94
|
-
const intentService =
|
|
94
|
+
const intentService = deps?.intentService ?? new PersistentIntentService();
|
|
95
95
|
const proofService = createProofService();
|
|
96
96
|
const trustEngine = createTrustEngine();
|
|
97
97
|
const evaluator = createEvaluator();
|
|
@@ -101,41 +101,45 @@ export async function createServer() {
|
|
|
101
101
|
const proof = await proofService.create(req);
|
|
102
102
|
return { id: proof.id };
|
|
103
103
|
},
|
|
104
|
-
tenantId:
|
|
104
|
+
tenantId: "__system__",
|
|
105
105
|
});
|
|
106
106
|
// Use pino logger config for Fastify 5
|
|
107
|
-
const isTest = process.env[
|
|
107
|
+
const isTest = process.env["NODE_ENV"] === "test" || process.env["VITEST"];
|
|
108
108
|
const server = Fastify({
|
|
109
|
-
logger: isTest
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
109
|
+
logger: isTest
|
|
110
|
+
? false
|
|
111
|
+
: {
|
|
112
|
+
level: config.env === "production" ? "info" : "debug",
|
|
113
|
+
transport: config.env !== "production"
|
|
114
|
+
? {
|
|
115
|
+
target: "pino-pretty",
|
|
116
|
+
options: { colorize: true },
|
|
117
|
+
}
|
|
118
|
+
: undefined,
|
|
119
|
+
},
|
|
120
|
+
requestIdHeader: "x-request-id",
|
|
121
|
+
requestIdLogLabel: "requestId",
|
|
118
122
|
});
|
|
119
123
|
// Register plugins
|
|
120
124
|
await server.register(cors, {
|
|
121
|
-
origin: config.env ===
|
|
125
|
+
origin: config.env === "production" ? false : true,
|
|
122
126
|
credentials: true,
|
|
123
127
|
});
|
|
124
128
|
await server.register(helmet, {
|
|
125
|
-
contentSecurityPolicy: config.env ===
|
|
129
|
+
contentSecurityPolicy: config.env === "production",
|
|
126
130
|
});
|
|
127
131
|
await server.register(rateLimit, {
|
|
128
132
|
max: config.api.rateLimit,
|
|
129
|
-
timeWindow:
|
|
133
|
+
timeWindow: "1 minute",
|
|
130
134
|
});
|
|
131
135
|
// API Key authentication for protected routes
|
|
132
|
-
const API_KEY = process.env[
|
|
136
|
+
const API_KEY = process.env["VORION_API_KEY"] || config.api.apiKey;
|
|
133
137
|
const requiresAuth = (url) => {
|
|
134
138
|
// Public endpoints that don't require auth
|
|
135
|
-
const publicPaths = [
|
|
136
|
-
return !publicPaths.some(path => url === path || url.startsWith(path +
|
|
139
|
+
const publicPaths = ["/health", "/ready", "/live", "/api/v1/health"];
|
|
140
|
+
return !publicPaths.some((path) => url === path || url.startsWith(path + "?"));
|
|
137
141
|
};
|
|
138
|
-
server.addHook(
|
|
142
|
+
server.addHook("onRequest", async (request, reply) => {
|
|
139
143
|
// Skip auth in test mode or for public endpoints
|
|
140
144
|
if (isTest || !requiresAuth(request.url)) {
|
|
141
145
|
return;
|
|
@@ -144,107 +148,113 @@ export async function createServer() {
|
|
|
144
148
|
if (!API_KEY) {
|
|
145
149
|
return;
|
|
146
150
|
}
|
|
147
|
-
const authHeader = request.headers[
|
|
151
|
+
const authHeader = request.headers["authorization"];
|
|
148
152
|
if (!authHeader) {
|
|
149
153
|
return reply.status(401).send({
|
|
150
|
-
error: {
|
|
154
|
+
error: {
|
|
155
|
+
code: "UNAUTHORIZED",
|
|
156
|
+
message: "Missing Authorization header",
|
|
157
|
+
},
|
|
151
158
|
});
|
|
152
159
|
}
|
|
153
|
-
const [scheme, token] = authHeader.split(
|
|
154
|
-
if (scheme?.toLowerCase() !==
|
|
160
|
+
const [scheme, token] = authHeader.split(" ");
|
|
161
|
+
if (scheme?.toLowerCase() !== "bearer" || token !== API_KEY) {
|
|
155
162
|
return reply.status(401).send({
|
|
156
|
-
error: { code:
|
|
163
|
+
error: { code: "UNAUTHORIZED", message: "Invalid API key" },
|
|
157
164
|
});
|
|
158
165
|
}
|
|
159
166
|
});
|
|
160
167
|
// Health check endpoint - performs actual checks on all services
|
|
161
|
-
server.get(
|
|
168
|
+
server.get("/health", async () => {
|
|
162
169
|
const checks = {};
|
|
163
170
|
// Check trust engine
|
|
164
|
-
checks.trustEngine = await checkService(
|
|
165
|
-
await trustEngine.getScore(
|
|
171
|
+
checks.trustEngine = await checkService("Trust engine", async () => {
|
|
172
|
+
await trustEngine.getScore("__health_check__");
|
|
166
173
|
});
|
|
167
174
|
// Check proof service
|
|
168
|
-
checks.proofService = await checkService(
|
|
169
|
-
await proofService.get(
|
|
175
|
+
checks.proofService = await checkService("Proof service", async () => {
|
|
176
|
+
await proofService.get("__health_check_proof__");
|
|
170
177
|
});
|
|
171
178
|
// Check intent service
|
|
172
|
-
checks.intentService = await checkService(
|
|
173
|
-
await intentService.get(
|
|
179
|
+
checks.intentService = await checkService("Intent service", async () => {
|
|
180
|
+
await intentService.get("__health_check_intent__", "__system__");
|
|
174
181
|
});
|
|
175
182
|
// Check system health
|
|
176
183
|
checks.system = checkSystemHealth(startTime);
|
|
177
184
|
// Determine overall status
|
|
178
185
|
const statuses = Object.values(checks).map((c) => c.status);
|
|
179
186
|
let status;
|
|
180
|
-
if (statuses.every((s) => s ===
|
|
181
|
-
status =
|
|
187
|
+
if (statuses.every((s) => s === "ok")) {
|
|
188
|
+
status = "healthy";
|
|
182
189
|
}
|
|
183
|
-
else if (statuses.some((s) => s ===
|
|
184
|
-
status =
|
|
190
|
+
else if (statuses.some((s) => s === "error")) {
|
|
191
|
+
status = "unhealthy";
|
|
185
192
|
}
|
|
186
193
|
else {
|
|
187
|
-
status =
|
|
194
|
+
status = "degraded";
|
|
188
195
|
}
|
|
189
196
|
return {
|
|
190
197
|
status,
|
|
191
198
|
timestamp: new Date().toISOString(),
|
|
192
|
-
version: process.env[
|
|
199
|
+
version: process.env["npm_package_version"],
|
|
193
200
|
environment: config.env,
|
|
194
201
|
checks,
|
|
195
202
|
metrics: getSystemMetrics(startTime),
|
|
196
203
|
};
|
|
197
204
|
});
|
|
198
205
|
// Ready check endpoint - verifies all critical services are ready
|
|
199
|
-
server.get(
|
|
206
|
+
server.get("/ready", async (_request, reply) => {
|
|
200
207
|
const checks = {};
|
|
201
208
|
// Check trust engine (critical)
|
|
202
|
-
checks.trustEngine = await checkService(
|
|
203
|
-
await trustEngine.getScore(
|
|
209
|
+
checks.trustEngine = await checkService("Trust engine", async () => {
|
|
210
|
+
await trustEngine.getScore("__health_check__");
|
|
204
211
|
});
|
|
205
212
|
// Check proof service (critical)
|
|
206
|
-
checks.proofService = await checkService(
|
|
207
|
-
await proofService.get(
|
|
213
|
+
checks.proofService = await checkService("Proof service", async () => {
|
|
214
|
+
await proofService.get("__health_check_proof__");
|
|
208
215
|
});
|
|
209
216
|
// Check intent service (critical)
|
|
210
|
-
checks.intentService = await checkService(
|
|
211
|
-
await intentService.get(
|
|
217
|
+
checks.intentService = await checkService("Intent service", async () => {
|
|
218
|
+
await intentService.get("__health_check_intent__", "__system__");
|
|
212
219
|
});
|
|
213
|
-
const allPassed = Object.values(checks).every((c) => c.status ===
|
|
220
|
+
const allPassed = Object.values(checks).every((c) => c.status === "ok" || c.status === "degraded");
|
|
214
221
|
// Return 503 if not ready (for Kubernetes probes)
|
|
215
222
|
if (!allPassed) {
|
|
216
223
|
reply.status(503);
|
|
217
224
|
}
|
|
218
225
|
return {
|
|
219
|
-
status: allPassed ?
|
|
226
|
+
status: allPassed ? "ready" : "not_ready",
|
|
220
227
|
timestamp: new Date().toISOString(),
|
|
221
228
|
checks,
|
|
222
229
|
allPassed,
|
|
223
230
|
};
|
|
224
231
|
});
|
|
225
232
|
// Liveness probe endpoint - simple alive check (no deep checks)
|
|
226
|
-
server.get(
|
|
227
|
-
status:
|
|
233
|
+
server.get("/live", async () => ({
|
|
234
|
+
status: "alive",
|
|
228
235
|
timestamp: new Date().toISOString(),
|
|
229
236
|
}));
|
|
230
237
|
// API routes
|
|
231
238
|
server.register(async (api) => {
|
|
232
239
|
// SDK: Health check endpoint
|
|
233
|
-
api.get(
|
|
234
|
-
status:
|
|
235
|
-
version: process.env[
|
|
240
|
+
api.get("/health", async () => ({
|
|
241
|
+
status: "healthy",
|
|
242
|
+
version: process.env["npm_package_version"] ?? "0.1.0",
|
|
236
243
|
}));
|
|
237
244
|
// Intent routes - unified handler for both legacy and SDK formats
|
|
238
|
-
api.post(
|
|
245
|
+
api.post("/intents", async (request, reply) => {
|
|
239
246
|
const body = request.body;
|
|
240
247
|
// Detect format: SDK format has 'agentId' and 'action', legacy has 'entityId' and 'goal'
|
|
241
|
-
if (
|
|
248
|
+
if ("agentId" in body && "action" in body) {
|
|
242
249
|
// SDK format
|
|
243
250
|
const startTime = Date.now();
|
|
244
|
-
const { agentId, capabilities = [], action } = body;
|
|
251
|
+
const { agentId, capabilities = [], action, } = body;
|
|
245
252
|
if (!agentId || !action?.type || !action?.resource) {
|
|
246
253
|
return reply.status(400).send({
|
|
247
|
-
error: {
|
|
254
|
+
error: {
|
|
255
|
+
code: "INVALID_REQUEST",
|
|
256
|
+
message: "Missing required fields: agentId, action.type, action.resource",
|
|
257
|
+
},
|
|
248
258
|
});
|
|
249
259
|
}
|
|
250
260
|
// Get or create agent trust record
|
|
@@ -254,10 +264,10 @@ export async function createServer() {
|
|
|
254
264
|
trustRecord = await trustEngine.getScore(agentId);
|
|
255
265
|
}
|
|
256
266
|
// Check capability
|
|
257
|
-
const hasCapability = capabilities.some(cap => cap ===
|
|
267
|
+
const hasCapability = capabilities.some((cap) => cap === "*" ||
|
|
258
268
|
cap === action.type ||
|
|
259
269
|
cap === `${action.type}:*` ||
|
|
260
|
-
cap === `${action.type}:${action.resource.split(
|
|
270
|
+
cap === `${action.type}:${action.resource.split("/")[0]}`);
|
|
261
271
|
// Determine decision
|
|
262
272
|
const trustLevel = trustRecord?.level ?? 3;
|
|
263
273
|
const trustScore = trustRecord?.score ?? 500;
|
|
@@ -265,13 +275,13 @@ export async function createServer() {
|
|
|
265
275
|
// Decision tier based on trust level
|
|
266
276
|
let tier;
|
|
267
277
|
if (!allowed) {
|
|
268
|
-
tier =
|
|
278
|
+
tier = "RED";
|
|
269
279
|
}
|
|
270
280
|
else if (trustLevel >= 5) {
|
|
271
|
-
tier =
|
|
281
|
+
tier = "GREEN";
|
|
272
282
|
}
|
|
273
283
|
else {
|
|
274
|
-
tier =
|
|
284
|
+
tier = "YELLOW";
|
|
275
285
|
}
|
|
276
286
|
// Create proof record
|
|
277
287
|
const proofId = `proof-${Date.now()}-${Math.random().toString(36).slice(2, 9)}`;
|
|
@@ -279,20 +289,20 @@ export async function createServer() {
|
|
|
279
289
|
// Determine constraints based on tier
|
|
280
290
|
const constraints = [];
|
|
281
291
|
if (trustLevel <= 1) {
|
|
282
|
-
constraints.push(
|
|
292
|
+
constraints.push("rate_limit:10/min", "audit:full", "sandbox:true");
|
|
283
293
|
}
|
|
284
294
|
else if (trustLevel <= 3) {
|
|
285
|
-
constraints.push(
|
|
295
|
+
constraints.push("rate_limit:100/min", "audit:standard");
|
|
286
296
|
}
|
|
287
297
|
else if (trustLevel <= 5) {
|
|
288
|
-
constraints.push(
|
|
298
|
+
constraints.push("rate_limit:1000/min", "audit:light");
|
|
289
299
|
}
|
|
290
300
|
const reason = allowed
|
|
291
|
-
?
|
|
301
|
+
? "Action permitted based on capabilities and trust level"
|
|
292
302
|
: hasCapability
|
|
293
303
|
? `Trust score ${trustScore} below minimum threshold (200)`
|
|
294
|
-
: `Missing capability for ${action.type}:${action.resource.split(
|
|
295
|
-
apiLogger.info({ intentId, agentId, action: action.type, allowed, tier },
|
|
304
|
+
: `Missing capability for ${action.type}:${action.resource.split("/")[0]}`;
|
|
305
|
+
apiLogger.info({ intentId, agentId, action: action.type, allowed, tier }, "Intent processed");
|
|
296
306
|
return {
|
|
297
307
|
intentId,
|
|
298
308
|
allowed,
|
|
@@ -308,7 +318,10 @@ export async function createServer() {
|
|
|
308
318
|
const { entityId, goal, context, metadata } = body;
|
|
309
319
|
if (!entityId || !goal) {
|
|
310
320
|
return reply.status(400).send({
|
|
311
|
-
error: {
|
|
321
|
+
error: {
|
|
322
|
+
code: "INVALID_REQUEST",
|
|
323
|
+
message: "Missing required fields: entityId, goal",
|
|
324
|
+
},
|
|
312
325
|
});
|
|
313
326
|
}
|
|
314
327
|
const intent = await intentService.submit({
|
|
@@ -316,26 +329,29 @@ export async function createServer() {
|
|
|
316
329
|
goal,
|
|
317
330
|
context: context ?? {},
|
|
318
331
|
metadata,
|
|
319
|
-
}, { tenantId:
|
|
320
|
-
apiLogger.info({ intentId: intent.id, entityId },
|
|
332
|
+
}, { tenantId: "__system__" });
|
|
333
|
+
apiLogger.info({ intentId: intent.id, entityId }, "Intent submitted");
|
|
321
334
|
return reply.status(201).send({ intent });
|
|
322
335
|
}
|
|
323
336
|
});
|
|
324
|
-
api.get(
|
|
325
|
-
const intent = await intentService.get(request.params.id,
|
|
337
|
+
api.get("/intents/:id", async (request, reply) => {
|
|
338
|
+
const intent = await intentService.get(request.params.id, "__system__");
|
|
326
339
|
if (!intent) {
|
|
327
340
|
return reply.status(404).send({
|
|
328
|
-
error: { code:
|
|
341
|
+
error: { code: "NOT_FOUND", message: "Intent not found" },
|
|
329
342
|
});
|
|
330
343
|
}
|
|
331
344
|
return { intent };
|
|
332
345
|
});
|
|
333
346
|
// SDK: Check intent (pre-flight, no side effects)
|
|
334
|
-
api.post(
|
|
347
|
+
api.post("/intents/check", async (request, reply) => {
|
|
335
348
|
const { agentId, capabilities = [], action } = request.body;
|
|
336
349
|
if (!agentId || !action?.type || !action?.resource) {
|
|
337
350
|
return reply.status(400).send({
|
|
338
|
-
error: {
|
|
351
|
+
error: {
|
|
352
|
+
code: "INVALID_REQUEST",
|
|
353
|
+
message: "Missing required fields",
|
|
354
|
+
},
|
|
339
355
|
});
|
|
340
356
|
}
|
|
341
357
|
// Get agent trust record
|
|
@@ -343,49 +359,49 @@ export async function createServer() {
|
|
|
343
359
|
const trustScore = trustRecord?.score ?? 0;
|
|
344
360
|
const trustLevel = trustRecord?.level ?? 0;
|
|
345
361
|
// Check capability
|
|
346
|
-
const hasCapability = capabilities.some(cap => cap ===
|
|
362
|
+
const hasCapability = capabilities.some((cap) => cap === "*" ||
|
|
347
363
|
cap === action.type ||
|
|
348
364
|
cap === `${action.type}:*` ||
|
|
349
|
-
cap === `${action.type}:${action.resource.split(
|
|
365
|
+
cap === `${action.type}:${action.resource.split("/")[0]}`);
|
|
350
366
|
const wouldAllow = hasCapability && trustScore >= 200;
|
|
351
367
|
let tier;
|
|
352
368
|
if (!wouldAllow) {
|
|
353
|
-
tier =
|
|
369
|
+
tier = "RED";
|
|
354
370
|
}
|
|
355
371
|
else if (trustLevel >= 5) {
|
|
356
|
-
tier =
|
|
372
|
+
tier = "GREEN";
|
|
357
373
|
}
|
|
358
374
|
else {
|
|
359
|
-
tier =
|
|
375
|
+
tier = "YELLOW";
|
|
360
376
|
}
|
|
361
377
|
const reason = wouldAllow
|
|
362
|
-
?
|
|
378
|
+
? "Action would be permitted"
|
|
363
379
|
: hasCapability
|
|
364
380
|
? `Trust score ${trustScore} below minimum threshold`
|
|
365
381
|
: `Missing capability for ${action.type}`;
|
|
366
382
|
return { wouldAllow, tier, reason };
|
|
367
383
|
});
|
|
368
384
|
// Proof routes
|
|
369
|
-
api.get(
|
|
385
|
+
api.get("/proofs/:id", async (request, reply) => {
|
|
370
386
|
const proof = await proofService.get(request.params.id);
|
|
371
387
|
if (!proof) {
|
|
372
388
|
return reply.status(404).send({
|
|
373
|
-
error: { code:
|
|
389
|
+
error: { code: "NOT_FOUND", message: "Proof not found" },
|
|
374
390
|
});
|
|
375
391
|
}
|
|
376
392
|
return { proof };
|
|
377
393
|
});
|
|
378
|
-
api.post(
|
|
394
|
+
api.post("/proofs/:id/verify", async (request, reply) => {
|
|
379
395
|
const result = await proofService.verify(request.params.id);
|
|
380
396
|
if (result.chainPosition === -1) {
|
|
381
397
|
return reply.status(404).send({
|
|
382
|
-
error: { code:
|
|
398
|
+
error: { code: "NOT_FOUND", message: "Proof not found" },
|
|
383
399
|
});
|
|
384
400
|
}
|
|
385
401
|
return { verification: result };
|
|
386
402
|
});
|
|
387
403
|
// Trust routes
|
|
388
|
-
api.get(
|
|
404
|
+
api.get("/trust/:entityId", async (request) => {
|
|
389
405
|
const record = await trustEngine.getScore(request.params.entityId);
|
|
390
406
|
if (!record) {
|
|
391
407
|
// Return null values for non-existent agents (SDK compatible)
|
|
@@ -394,7 +410,7 @@ export async function createServer() {
|
|
|
394
410
|
score: null,
|
|
395
411
|
tier: null,
|
|
396
412
|
tierName: null,
|
|
397
|
-
message:
|
|
413
|
+
message: "Agent not found",
|
|
398
414
|
};
|
|
399
415
|
}
|
|
400
416
|
return {
|
|
@@ -406,11 +422,14 @@ export async function createServer() {
|
|
|
406
422
|
};
|
|
407
423
|
});
|
|
408
424
|
// SDK: Admit agent endpoint
|
|
409
|
-
api.post(
|
|
425
|
+
api.post("/trust/admit", async (request, reply) => {
|
|
410
426
|
const { agentId, name, capabilities, observationTier } = request.body;
|
|
411
427
|
if (!agentId || !name) {
|
|
412
428
|
return reply.status(400).send({
|
|
413
|
-
error: {
|
|
429
|
+
error: {
|
|
430
|
+
code: "INVALID_REQUEST",
|
|
431
|
+
message: "Missing required fields: agentId, name",
|
|
432
|
+
},
|
|
414
433
|
});
|
|
415
434
|
}
|
|
416
435
|
// Initialize agent in trust engine at T3 (Monitored)
|
|
@@ -418,31 +437,35 @@ export async function createServer() {
|
|
|
418
437
|
await trustEngine.initializeEntity(agentId, initialLevel);
|
|
419
438
|
const record = await trustEngine.getScore(agentId);
|
|
420
439
|
const expiresAt = new Date(Date.now() + 365 * 24 * 60 * 60 * 1000).toISOString(); // 1 year
|
|
421
|
-
apiLogger.info({ agentId, name, initialLevel },
|
|
440
|
+
apiLogger.info({ agentId, name, initialLevel }, "Agent admitted");
|
|
422
441
|
return reply.status(201).send({
|
|
423
442
|
admitted: true,
|
|
424
443
|
initialTier: record?.level ?? initialLevel,
|
|
425
444
|
initialScore: record?.score ?? 500,
|
|
426
|
-
observationCeiling: observationTier ===
|
|
445
|
+
observationCeiling: observationTier === "WHITE_BOX"
|
|
446
|
+
? 7
|
|
447
|
+
: observationTier === "GRAY_BOX"
|
|
448
|
+
? 5
|
|
449
|
+
: 3,
|
|
427
450
|
capabilities: capabilities ?? [],
|
|
428
451
|
expiresAt,
|
|
429
452
|
});
|
|
430
453
|
});
|
|
431
454
|
// SDK: Record trust signal
|
|
432
|
-
api.post(
|
|
455
|
+
api.post("/trust/:agentId/signal", async (request, reply) => {
|
|
433
456
|
const { agentId } = request.params;
|
|
434
457
|
const { type, source, weight = 0.1, context } = request.body;
|
|
435
458
|
const recordBefore = await trustEngine.getScore(agentId);
|
|
436
459
|
if (!recordBefore) {
|
|
437
460
|
return reply.status(404).send({
|
|
438
|
-
error: { code:
|
|
461
|
+
error: { code: "NOT_FOUND", message: "Agent not found" },
|
|
439
462
|
});
|
|
440
463
|
}
|
|
441
464
|
const scoreBefore = recordBefore.score;
|
|
442
465
|
// Map signal type to trust value
|
|
443
466
|
const valueMap = {
|
|
444
|
-
success: 0.8 +
|
|
445
|
-
failure: 0.2 -
|
|
467
|
+
success: 0.8 + weight * 0.2,
|
|
468
|
+
failure: 0.2 - weight * 0.1,
|
|
446
469
|
violation: 0.0,
|
|
447
470
|
neutral: 0.5,
|
|
448
471
|
};
|
|
@@ -464,18 +487,23 @@ export async function createServer() {
|
|
|
464
487
|
scoreAfter,
|
|
465
488
|
change: scoreAfter - scoreBefore,
|
|
466
489
|
newTier: recordAfter?.level ?? null,
|
|
467
|
-
newTierName: recordAfter
|
|
490
|
+
newTierName: recordAfter
|
|
491
|
+
? trustEngine.getLevelName(recordAfter.level)
|
|
492
|
+
: null,
|
|
468
493
|
};
|
|
469
494
|
});
|
|
470
495
|
// ================================================================
|
|
471
496
|
// Governance routes
|
|
472
497
|
// ================================================================
|
|
473
498
|
// Evaluate governance request (with proof chain)
|
|
474
|
-
api.post(
|
|
499
|
+
api.post("/governance/evaluate", async (request, reply) => {
|
|
475
500
|
const body = request.body;
|
|
476
501
|
if (!body.requestId || !body.entityId || !body.action) {
|
|
477
502
|
return reply.status(400).send({
|
|
478
|
-
error: {
|
|
503
|
+
error: {
|
|
504
|
+
code: "INVALID_REQUEST",
|
|
505
|
+
message: "Missing required fields: requestId, entityId, action",
|
|
506
|
+
},
|
|
479
507
|
});
|
|
480
508
|
}
|
|
481
509
|
const startTime = Date.now();
|
|
@@ -485,7 +513,7 @@ export async function createServer() {
|
|
|
485
513
|
entityId: body.entityId,
|
|
486
514
|
decision: result.decision,
|
|
487
515
|
proofId,
|
|
488
|
-
},
|
|
516
|
+
}, "Governance evaluation completed");
|
|
489
517
|
return {
|
|
490
518
|
result,
|
|
491
519
|
proofId,
|
|
@@ -493,85 +521,96 @@ export async function createServer() {
|
|
|
493
521
|
};
|
|
494
522
|
});
|
|
495
523
|
// Query governance rules
|
|
496
|
-
api.get(
|
|
524
|
+
api.get("/governance/rules", async (request) => {
|
|
497
525
|
const rules = await governanceEngine.queryRules(request.query);
|
|
498
526
|
return { rules, count: rules.length };
|
|
499
527
|
});
|
|
500
528
|
// Register governance rule
|
|
501
|
-
api.post(
|
|
529
|
+
api.post("/governance/rules", async (request, reply) => {
|
|
502
530
|
const rule = request.body;
|
|
503
531
|
if (!rule.ruleId || !rule.name || !rule.condition || !rule.effect) {
|
|
504
532
|
return reply.status(400).send({
|
|
505
|
-
error: {
|
|
533
|
+
error: {
|
|
534
|
+
code: "INVALID_REQUEST",
|
|
535
|
+
message: "Missing required rule fields",
|
|
536
|
+
},
|
|
506
537
|
});
|
|
507
538
|
}
|
|
508
539
|
governanceEngine.registerRule(rule);
|
|
509
|
-
apiLogger.info({ ruleId: rule.ruleId, name: rule.name },
|
|
510
|
-
return reply
|
|
540
|
+
apiLogger.info({ ruleId: rule.ruleId, name: rule.name }, "Governance rule registered");
|
|
541
|
+
return reply
|
|
542
|
+
.status(201)
|
|
543
|
+
.send({ registered: true, ruleId: rule.ruleId });
|
|
511
544
|
});
|
|
512
545
|
// ================================================================
|
|
513
546
|
// Boot Camp routes
|
|
514
547
|
// ================================================================
|
|
515
548
|
// Run boot camp for an agent
|
|
516
|
-
api.post(
|
|
549
|
+
api.post("/agents/:agentId/bootcamp", async (request, reply) => {
|
|
517
550
|
const { agentId } = request.params;
|
|
518
551
|
const { tenantId } = request.body;
|
|
519
552
|
if (!tenantId) {
|
|
520
553
|
return reply.status(400).send({
|
|
521
|
-
error: {
|
|
554
|
+
error: {
|
|
555
|
+
code: "INVALID_REQUEST",
|
|
556
|
+
message: "Missing required field: tenantId",
|
|
557
|
+
},
|
|
522
558
|
});
|
|
523
559
|
}
|
|
524
560
|
// The agent must implement handleChallenge — for API usage,
|
|
525
561
|
// this is a placeholder that indicates the boot camp needs
|
|
526
562
|
// to be driven by the calling service with a real agent adapter.
|
|
527
563
|
// For now, return the service configuration info.
|
|
528
|
-
apiLogger.info({ agentId, tenantId },
|
|
564
|
+
apiLogger.info({ agentId, tenantId }, "Boot camp requested");
|
|
529
565
|
return reply.status(501).send({
|
|
530
566
|
error: {
|
|
531
|
-
code:
|
|
532
|
-
message:
|
|
533
|
-
|
|
567
|
+
code: "NOT_IMPLEMENTED",
|
|
568
|
+
message: "Boot camp must be run programmatically via PromotionService. " +
|
|
569
|
+
"Use the @vorionsys/atsf-core SDK to run boot camp with a BootCampAgent implementation.",
|
|
534
570
|
},
|
|
535
571
|
hint: {
|
|
536
|
-
sdk:
|
|
537
|
-
import:
|
|
538
|
-
usage:
|
|
572
|
+
sdk: "@vorionsys/atsf-core",
|
|
573
|
+
import: "PromotionService",
|
|
574
|
+
usage: "new PromotionService(trustEngine).runAndEvaluate(agent)",
|
|
539
575
|
},
|
|
540
576
|
});
|
|
541
577
|
});
|
|
542
578
|
// Constraint routes
|
|
543
|
-
api.post(
|
|
579
|
+
api.post("/constraints/validate", async (request, reply) => {
|
|
544
580
|
const { entityId, intentType, context } = request.body;
|
|
545
581
|
if (!entityId || !intentType) {
|
|
546
582
|
return reply.status(400).send({
|
|
547
|
-
error: {
|
|
583
|
+
error: {
|
|
584
|
+
code: "INVALID_REQUEST",
|
|
585
|
+
message: "Missing required fields",
|
|
586
|
+
},
|
|
548
587
|
});
|
|
549
588
|
}
|
|
550
589
|
// Get entity trust record
|
|
551
590
|
const trustRecord = await trustEngine.getScore(entityId);
|
|
552
591
|
if (!trustRecord) {
|
|
553
592
|
return reply.status(404).send({
|
|
554
|
-
error: { code:
|
|
593
|
+
error: { code: "NOT_FOUND", message: "Entity not found" },
|
|
555
594
|
});
|
|
556
595
|
}
|
|
557
596
|
// Create evaluation context
|
|
558
597
|
const evalContext = {
|
|
559
598
|
intent: {
|
|
560
|
-
id:
|
|
599
|
+
id: "validation-check",
|
|
561
600
|
type: intentType,
|
|
562
|
-
goal:
|
|
601
|
+
goal: "constraint-validation",
|
|
563
602
|
context: context ?? {},
|
|
564
603
|
},
|
|
565
604
|
entity: {
|
|
566
605
|
id: entityId,
|
|
567
|
-
type:
|
|
606
|
+
type: "agent",
|
|
568
607
|
trustScore: trustRecord.score,
|
|
569
608
|
trustLevel: trustRecord.level,
|
|
570
609
|
attributes: {},
|
|
571
610
|
},
|
|
572
611
|
environment: {
|
|
573
612
|
timestamp: new Date().toISOString(),
|
|
574
|
-
timezone:
|
|
613
|
+
timezone: "UTC",
|
|
575
614
|
requestId: request.id,
|
|
576
615
|
},
|
|
577
616
|
custom: {},
|
|
@@ -597,13 +636,11 @@ export async function createServer() {
|
|
|
597
636
|
error: error.message,
|
|
598
637
|
stack: error.stack,
|
|
599
638
|
requestId: request.id,
|
|
600
|
-
},
|
|
639
|
+
}, "Request error");
|
|
601
640
|
reply.status(error.statusCode ?? 500).send({
|
|
602
641
|
error: {
|
|
603
|
-
code: error.code ??
|
|
604
|
-
message: config.env ===
|
|
605
|
-
? 'An error occurred'
|
|
606
|
-
: error.message,
|
|
642
|
+
code: error.code ?? "INTERNAL_ERROR",
|
|
643
|
+
message: config.env === "production" ? "An error occurred" : error.message,
|
|
607
644
|
},
|
|
608
645
|
});
|
|
609
646
|
});
|
|
@@ -624,10 +661,10 @@ export async function startServer() {
|
|
|
624
661
|
port: config.api.port,
|
|
625
662
|
host: config.api.host,
|
|
626
663
|
environment: config.env,
|
|
627
|
-
},
|
|
664
|
+
}, "Server started");
|
|
628
665
|
}
|
|
629
666
|
catch (error) {
|
|
630
|
-
apiLogger.error({ error },
|
|
667
|
+
apiLogger.error({ error }, "Failed to start server");
|
|
631
668
|
process.exit(1);
|
|
632
669
|
}
|
|
633
670
|
}
|