Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

nixfleet-proto

Role. Single canonical source of every wire-format type crossing the agent / CP / CI boundary. Sits at the bottom of the workspace dependency graph; every other crate depends on it. Each pub module mirrors a JSON artefact on disk (fleet.resolved, revocations.json, trust.json, rollout manifest, host rollout-state marker) or an HTTP request/response body. Optional fields serialise as null (not omitted) so JCS bytes round-trip identically with the Nix evaluator output.

Key types and state machines. Per module: fleet_resolved::FleetResolved (the signed CI artefact projected from mkFleet, with Channel, Host, RolloutPolicy, Wave, Edge, DisruptionBudget, Pin, and Meta sub-types), trust::TrustConfig / TrustedPubkey / KeySlot (typed trust attrset deserialised from trust.json with time-aware key rotation), revocations::Revocations + RevocationEntry (signed cert-revocation sidecar), host_rollout_state::HostRolloutState (the per-host soak / promotion / failure state machine), rollout_manifest::RolloutManifest (per-rollout snapshot with HostWave and RolloutBudget), agent_wire and enroll_wire (HTTP bodies for /v1/agent/* and /v1/enroll), compliance::ComplianceControl (typed control with evaluate / probe projections), fleet_view::HostsResponse / RolloutTrace (operator-facing read views).

Surface. All types are Serialize + Deserialize + Clone + PartialEq + Debug. Tests round-trip every wire shape via crates/nixfleet-proto/src/testing.rs (gated behind the testing feature). Schema versioning lives on the wire types themselves (schema_version field where applicable); RFC-0003 owns the protocol-version policy. The crate exposes no functions and no async surface - it is purely the types.

Links.