Consumer-side typed view of the evidence.json wire format
produced by compliance-evidence-collector.service.
LOADBEARING: this struct is one implementation of the canonical
schema; the contract is the JSON-on-disk format, not the Rust type.
The authoritative spec lives in the producer repo at
nixfleet-compliance/docs/evidence-format.md with a reference
fixture at nixfleet-compliance/docs/evidence-format-fixture.json.
Multiple language implementations (this Rust struct, the bash+jq
emitter in probe-runner.sh, the bash reader in
compliance-check, the untyped serde_json::Value consumer in
nixfleet-compliance-verify) all conform to the same wire spec.
Cardinality: one entry per control with a framework_articles
map. The same control (e.g. access-control) typically satisfies
multiple articles across multiple frameworks; nesting the map
avoids duplicating probe details on the wire. The agent expands
each entry into one ProbeSubResult per (framework, article)
tuple for per-row accounting in probe_failures (RFC-0007 §7.2).
Versioning: schema_version: 1 is the first formally-defined
evidence schema. Additive fields keep this constant (consumers
ignore unknown fields via serde(default)); field removal or
semantic change bumps the version in lockstep with the upstream
spec doc. The unreleased pre-retag v0.2.0 emit shape (no
schemaVersion field, control key spelling, status enum) is
superseded by the joint v0.2 retag — no production hosts ran the
broken integration end-to-end.
Drift detection: tests::fixture_round_trip deserialises the
upstream reference fixture (copied verbatim from the producer
repo with a SYNC header). Schema changes in the producer that
aren’t mirrored here surface as a test failure on the next build.
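As an added illustration (not code from this crate or the producer repo), a minimal consumer of the v1 wire format in Python: it gates on schema_version, ignores additive fields the way serde(default) does, cross-checks the control-level passed aggregate against its details, and expands each framework_articles map into one row per (framework, article) tuple as the agent does for ProbeSubResult. The top-level "controls" map and the per-check objects inside "details" are assumptions; the page fixes only the schema_version, passed, details and framework_articles names.

```python
import json

# Schema version emitted by current producers (schema_version: 1 on the page).
SCHEMA_VERSION = 1

# Constructed sample in the v1 wire shape. The "controls" key and the shape of
# the objects in "details" are assumptions, not taken from the upstream spec.
SAMPLE_EVIDENCE = json.dumps({
    "schema_version": 1,
    "controls": {
        "access-control": {
            "passed": True,
            "details": [{"check": "sshd-no-password-auth", "passed": True}],
            "framework_articles": {"framework-x": ["art-1", "art-2"],
                                   "framework-y": ["art-7"]},
        },
        "logging": {
            "passed": False,
            "details": [{"check": "journald-persistent", "passed": False}],
            "framework_articles": {"framework-x": ["art-3"]},
            "added_in_later_minor": "additive field, ignored like serde(default)",
        },
    },
})

def load_evidence(raw: str) -> dict:
    """Parse evidence.json and reject anything but the supported schema.

    The pre-retag v0.2.0 shape carried a schemaVersion key instead, so a
    document without schema_version fails here rather than being consumed."""
    doc = json.loads(raw)
    version = doc.get("schema_version")
    if version != SCHEMA_VERSION:
        raise ValueError(f"unsupported evidence schema_version: {version!r}")
    return doc

def expand_sub_results(doc: dict) -> list:
    """One (control, framework, article, passed) row per tuple, mirroring the
    agent's per-row ProbeSubResult expansion for probe_failures accounting."""
    rows = []
    for control, entry in doc["controls"].items():
        # passed is the control-level aggregate: every check in details passed.
        checks_ok = all(d["passed"] for d in entry.get("details", []))
        if entry["passed"] and not checks_ok:
            raise ValueError(f"{control}: passed=true but a detail check failed")
        for framework, articles in entry["framework_articles"].items():
            for article in articles:
                rows.append((control, framework, article, entry["passed"]))
    return rows

def probe_failures(rows: list) -> list:
    """Rows that per-row accounting would record as failures."""
    return [r for r in rows if not r[3]]
```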
Structs
- EvidenceControlEntry - One entry per control evaluated by the compliance collector. passed is the control-level aggregate (every check in details passed). framework_articles lists which framework articles the control satisfies — used by the agent to emit one ProbeSubResult per (framework, article) tuple downstream.
- EvidenceFile - Top-level evidence.json shape. The signed bytes consumed by nixfleet-compliance-verify (and the agent’s signature verify step) are the JCS canonical bytes of this struct.
Constants
- SCHEMA_VERSION - Schema version emitted by current producers. Bumped on any field-removal or semantic change; additive fields keep this constant.