85f9c7c487
- validate_artifact: add empty content_type -> MissingField; size_bytes <= 0 -> new BadSize; sha256 not exactly 64 lowercase-hex -> new BadDigest (via validate_sha256). The valid fixture (64-hex sha, positive size, non-empty content_type) stays accepted. - Release: rename updated_at -> published_at (published_at = 0 means draft). Final order: id, app_id, version, build, channel, notes, created_by, created_at, published_at. - Artifact: add opaque metadata: string before validation_status. - tests: add empty-content_type/MissingField, bad-size/BadSize, malformed-sha256/BadDigest cases and contract pins reading back Release.published_at and Artifact.metadata. PO-ruled out of scope and NOT added: Token model, in-memory repository (P2.3).
29 lines
843 B
Plaintext
29 lines
843 B
Plaintext
#import "modules/std.sx";
|
|
#import "platform.sx";
|
|
|
|
// Where an artifact sits in the validation pipeline: artifacts enter
|
|
// `pending`, then validation moves them to `valid` or `invalid`.
|
|
ValidationStatus :: enum u8 {
|
|
pending;
|
|
valid;
|
|
invalid;
|
|
}
|
|
|
|
// A single uploaded binary belonging to a release, for one platform.
|
|
// `sha256` is the lowercase-hex content digest; `storage_key` locates the
|
|
// bytes in the blob store. `metadata` is an opaque string (mirroring
|
|
// AuditEvent.metadata) carrying per-artifact data the manifest emits later.
|
|
Artifact :: struct {
|
|
id: string;
|
|
app_id: string;
|
|
release_id: string;
|
|
platform: Platform;
|
|
filename: string;
|
|
content_type: string;
|
|
size_bytes: s64;
|
|
sha256: string;
|
|
storage_key: string;
|
|
metadata: string;
|
|
validation_status: ValidationStatus = .pending;
|
|
}
|