plan: approve lua profile implementation
This commit is contained in:
parent
20f72214d7
commit
36c932a5b3
|
|
@ -7,7 +7,7 @@ kind: task
|
|||
priority: P1
|
||||
labels: [manifest, profiles, lua, architecture]
|
||||
created_at: 2026-05-30T02:22:35Z
|
||||
updated_at: 2026-05-30T02:23:16Z
|
||||
updated_at: 2026-05-30T02:26:32Z
|
||||
assignee: null
|
||||
legacy_ticket: null
|
||||
---
|
||||
|
|
|
|||
|
|
@ -28,4 +28,35 @@ Current plan gate:
|
|||
- If the plan respects the boundary, the orchestrator may authorize implementation in the same Pod/worktree.
|
||||
|
||||
|
||||
---
|
||||
|
||||
<!-- event: decision author: hare at: 2026-05-30T02:26:32Z -->
|
||||
|
||||
## Decision
|
||||
|
||||
## Implementation plan accepted with constraints
|
||||
|
||||
The implementation Pod produced a plan for Lua-based reusable Profile authoring. The plan is accepted as the implementation direction, with these constraints:
|
||||
|
||||
- Lua is the primary authoring path for this ticket; Nix is not the primary profile layer.
|
||||
- Do not keep legacy `.nix` profile evaluation just for compatibility if it complicates the design. Prefer removing/disabling Nix profile resolution from the normal profile selector path, while leaving `--manifest` as the explicit low-level escape hatch.
|
||||
- Builtin/default must resolve from Lua/Profile or Rust in-process data without external `nix`.
|
||||
- Public authoring boundary is `profile` / `require("insomnia.profile")`, not public `mkManifest`.
|
||||
- Controlled `require` is part of the implementation: host virtual `insomnia.*` modules and profile-local modules only; no installed resource path imports.
|
||||
- Profile may be manifest-like, but runtime-bound or authority-bearing fields such as `pod.name`, concrete `scope.allow`/`scope.deny`, resolved paths, sockets, runtime state, and raw secret material must be rejected or clearly diagnosed.
|
||||
- Scope in Profile is intent/policy only; concrete authority is resolved against runtime/delegation inputs.
|
||||
- Model/context-derived compaction can use Lua locals and/or helper policy such as `compact.ratio`, not Nix recursive sets.
|
||||
- Preserve profile selection semantics where still meaningful: default/builtin/user/project/source-qualified/path selectors and persisted resolved Manifest snapshots.
|
||||
|
||||
Implementation plan summary:
|
||||
|
||||
- Add embedded Lua evaluation in `crates/manifest` using a vendored Lua crate such as `mlua` if dependency/license/build characteristics are acceptable.
|
||||
- Add a Profile data model that is a reusable manifest-like recipe template and converts into a concrete `PodManifest` only through resolver runtime inputs.
|
||||
- Add sandboxed Lua evaluation with denied `os`, `io`, `debug`, unrestricted `package`, `dofile`, `loadfile`, and uncontrolled loaders.
|
||||
- Add host-provided virtual modules such as `insomnia`, `insomnia.profile`, `insomnia.models`, `insomnia.compact`, and `insomnia.scope`.
|
||||
- Add profile-local controlled `require` with canonical path checks, module cache, and cycle diagnostics.
|
||||
- Migrate builtin/default from `resources/nix/profiles/default.nix` to a Lua/Profile source or in-process equivalent.
|
||||
- Add focused tests for builtin/default without external nix, host modules, local require, sandbox denial, invalid Manifest-shaped returns, scope intent resolution, and selector semantics.
|
||||
|
||||
|
||||
---
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user