Module pack_fetcher


Remote policy-pack fetcher.

Talks to Nel’s signed-distribution surface at:

  GET /index.json
  GET //.tar.gz
  GET //.sig

For each pack listed in index.json we:

  1. Fetch the .tar.gz and .sig.
  2. Verify the Ed25519 signature against the issuer pubkey (harness_core::pack_sig::verify_pack_tarball, which empirically matches Nel’s /opt/aegis/aegis-registry/src/policy_packs.py::_sign_tarball_sha).
  3. Compare the sha256 against the value advertised in index.json (defence in depth — sig already covers this, but a mismatch flags a publisher bug or MITM that fooled the sig in some unforeseen way).
  4. Cache to disk under $XDG_CACHE_HOME/aiegis-harness/packs/ (fallback ~/.cache/…) so re-fetch is a no-op on warm start.
  5. Extract manifest.json + .rego file(s) into the cache dir for offline inspection.
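An added example for step 5, not the harness's own code: a filter that decides, per tarball entry, whether it may be written into the cache dir, keeping only manifest.json and .rego files and refusing any path or entry type that could land outside it. EntryKind, safe_extract_target and the cache path are hypothetical names; the entry name and type are assumed to come from whatever tar reader is in use.

```rust
use std::path::{Component, Path, PathBuf};

/// Hypothetical model of a tar entry's type flag (not a harness type).
#[allow(dead_code)]
#[derive(Clone, Copy, PartialEq)]
enum EntryKind { Regular, Directory, Symlink, Hardlink }

/// Where an entry may be written under `cache_dir`, or None if it must be skipped.
/// Only regular files named manifest.json or *.rego are kept, and the entry
/// path may not contain anything that could resolve outside the cache dir.
fn safe_extract_target(cache_dir: &Path, name: &str, kind: EntryKind) -> Option<PathBuf> {
    if kind != EntryKind::Regular || name.contains('\\') || name.contains('\0') {
        return None; // links, directories and ambiguous separators are never written
    }
    let mut rel = PathBuf::new();
    for comp in Path::new(name).components() {
        match comp {
            Component::Normal(part) => rel.push(part),
            Component::CurDir => {}
            _ => return None, // "..", a leading "/", or a Windows drive prefix
        }
    }
    let file_name = rel.file_name()?.to_str()?;
    let wanted = file_name == "manifest.json"
        || rel.extension().map_or(false, |ext| ext == "rego");
    if wanted { Some(cache_dir.join(rel)) } else { None }
}

fn main() {
    // Constructed entry names, not taken from a real pack.
    let cache = Path::new("/tmp/example-cache/packs/example-pack");
    let entries = [
        ("manifest.json", EntryKind::Regular),
        ("./policies/deny.rego", EntryKind::Regular),
        ("../outside/x.rego", EntryKind::Regular),
        ("/abs/x.rego", EntryKind::Regular),
        ("latest.rego", EntryKind::Symlink),
        ("README.md", EntryKind::Regular),
    ];
    for (name, kind) in entries {
        match safe_extract_target(cache, name, kind) {
            Some(p) => println!("extract {} -> {}", name, p.display()),
            None => println!("skip    {}", name),
        }
    }
}
```

Because the tarball is only extracted after the signature and sha256 checks pass, this filter is a second layer: it bounds what a validly signed but malformed pack can write.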

ROUTING DECISION (honest): Nel’s packs ship full OPA Rego v1 (import rego.v1 + contains msg if syntax). The Rust reference daemon’s evaluator only supports the re_match(<regex>, input.value) subset. So we DO NOT register Nel’s packs in the evaluator stack — they are loaded as INVENTORY (visible in /health, sig-verified, cached) but actions are evaluated only against locally-loaded AHP-Policy-Pack/0.1 JSON files passed via --policy-pack.

This is what the spec mandates: “NO FAKE STUFF. If sig verification can’t reproduce in pure Rust without writing speculative code, surface as needs-iteration.” Sig verification reproduces fine. Rego v1 execution does not — embedding a Rego interpreter is a separate work item (see needs-iteration note below).

needs-iteration: embed opa-rs or regorus to actually execute Nel’s published packs. Tracked as Day-2 follow-up; until then the harness uses Nel’s packs as a SIGNED LISTING, not as live policy.

Structs

PackDescriptor
PackIndex
RemotePack

Enums

FetchError

Functions

cache_root
Compute the on-disk cache root.
fetch_all
Fetch + verify + cache every pack listed at <base_url>/index.json.
fetch_bytes 🔒
fetch_one 🔒
fingerprint
Render a 16-char fingerprint of all loaded packs’ sha256s, in pack-load order. Lets e2e tests assert on a stable identity for the pack-source.