9899398153
Wire the marketplace to actually install modules from Git repos, verify manifest signatures, track installations in the store, and auto-load them as Workers at startup. A module goes from marketplace entry to running Worker with Install() + LoadModule(). - Add Store.GetAll() for group-scoped key listing - Create marketplace.Installer with Install/Remove/Update/Installed - Export manifest.MarshalYAML for test fixtures - Wire installer into Service with auto-load on startup (step 8) - Expose Service.Installer() accessor - Full integration test: install → load → verify store write → unload → remove Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
43 lines
1 KiB
Go
43 lines
1 KiB
Go
package manifest
|
|
|
|
import (
|
|
"crypto/ed25519"
|
|
"fmt"
|
|
"path/filepath"
|
|
|
|
"forge.lthn.ai/core/go/pkg/io"
|
|
"gopkg.in/yaml.v3"
|
|
)
|
|
|
|
const manifestPath = ".core/view.yml"
|
|
|
|
// MarshalYAML serializes a manifest to YAML bytes.
|
|
func MarshalYAML(m *Manifest) ([]byte, error) {
|
|
return yaml.Marshal(m)
|
|
}
|
|
|
|
// Load reads and parses a .core/view.yml from the given root directory.
|
|
func Load(medium io.Medium, root string) (*Manifest, error) {
|
|
path := filepath.Join(root, manifestPath)
|
|
data, err := medium.Read(path)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("manifest.Load: %w", err)
|
|
}
|
|
return Parse([]byte(data))
|
|
}
|
|
|
|
// LoadVerified reads, parses, and verifies the ed25519 signature.
|
|
func LoadVerified(medium io.Medium, root string, pub ed25519.PublicKey) (*Manifest, error) {
|
|
m, err := Load(medium, root)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
ok, err := Verify(m, pub)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("manifest.LoadVerified: %w", err)
|
|
}
|
|
if !ok {
|
|
return nil, fmt.Errorf("manifest.LoadVerified: signature verification failed for %q", m.Code)
|
|
}
|
|
return m, nil
|
|
}
|