1import { ScalarTypeEnum, SchemaModel } from '@lssm-tech/lib.schema';
2import { defineCommand } from '../../operations';
3import {
4	CONTROL_PLANE_DOMAIN,
5	CONTROL_PLANE_OWNERS,
6	CONTROL_PLANE_STABILITY,
7	CONTROL_PLANE_TAGS,
8} from '../constants';
9import { ControlPlaneSkillInstalledEvent } from '../events/controlPlaneSkillInstalled.event';
10import { ControlPlaneSkillRejectedEvent } from '../events/controlPlaneSkillRejected.event';
11import {
12	ControlPlaneSkillManifestModel,
13	ControlPlaneSkillVerificationIssueModel,
14} from '../skills/schema';
15
16export const ControlPlaneSkillInstallCommand = defineCommand({
17	meta: {
18		key: 'controlPlane.skill.install',
19		title: 'Install Skill Artifact',
20		version: '1.0.0',
21		description: 'Install a signed skill artifact after verification checks.',
22		goal: 'Enforce trusted skill onboarding with provenance guarantees.',
23		context:
24			'Used by the control plane or marketplace workflows when enabling new skills.',
25		domain: CONTROL_PLANE_DOMAIN,
26		owners: CONTROL_PLANE_OWNERS,
27		tags: [...CONTROL_PLANE_TAGS, 'skills'],
28		stability: CONTROL_PLANE_STABILITY,
29	},
30	capability: {
31		key: 'control-plane.skill-registry',
32		version: '1.0.0',
33	},
34	io: {
35		input: ControlPlaneSkillInstallInput,
36		output: ControlPlaneSkillInstallOutput,
37		errors: {
38			SIGNATURE_INVALID: {
39				description: 'The submitted artifact signature is invalid.',
40				http: 400,
41				when: 'Signature verification fails for the supplied artifact digest.',
42			},
43			SIGNATURE_MISSING: {
44				description: 'The skill manifest is missing a signature block.',
45				http: 400,
46				when: 'Unsigned skill artifacts are submitted for installation.',
47			},
48			MANIFEST_INVALID: {
49				description: 'The skill manifest payload is malformed.',
50				http: 400,
51				when: 'Manifest schema validation fails before verification can run.',
52			},
53			SCHEMA_VERSION_INVALID: {
54				description: 'The skill manifest schema version is unsupported.',
55				http: 400,
56				when: 'Manifest schemaVersion is not supported by the control plane.',
57			},
58			PUBLISHER_UNTRUSTED: {
59				description: 'The skill publisher or signing key is not trusted.',
60				http: 403,
61				when: 'Publisher trust policy rejects the manifest identity or signature key.',
62			},
63			KEY_UNTRUSTED: {
64				description: 'The signing key is not pinned for the trusted publisher.',
65				http: 403,
66				when: 'Trusted publisher policy does not include the manifest keyId or public key.',
67			},
68			PROVENANCE_UNTRUSTED: {
69				description:
70					'The skill provenance is outside the trusted publisher scope.',
71				http: 403,
72				when: 'Manifest provenance does not match the trusted publisher prefixes.',
73			},
74			ARTIFACT_DIGEST_MISMATCH: {
75				description:
76					'The submitted artifact digest does not match the signed manifest.',
77				http: 409,
78				when: 'Artifact tampering or drift is detected during verification.',
79			},
80			SIGNATURE_EXPIRED: {
81				description: 'The skill manifest signature has expired.',
82				http: 400,
83				when: 'Signature expiry checks fail during verification.',
84			},
85			CONTRACTS_SPEC_VERSION_MISSING: {
86				description:
87					'The runtime did not provide a ContractSpec version for compatibility checks.',
88				http: 409,
89				when: 'Compatibility requirements cannot be evaluated without a runtime version.',
90			},
91			CONTRACTS_SPEC_TOO_OLD: {
92				description:
93					'The runtime ContractSpec version is below the supported minimum.',
94				http: 409,
95				when: 'Skill compatibility requires a newer ContractSpec version.',
96			},
97			CONTRACTS_SPEC_TOO_NEW: {
98				description:
99					'The runtime ContractSpec version is above the supported maximum.',
100				http: 409,
101				when: 'Skill compatibility does not support the active ContractSpec version yet.',
102			},
103			CONTROL_PLANE_VERSION_MISSING: {
104				description:
105					'The runtime did not provide a control-plane version for compatibility checks.',
106				http: 409,
107				when: 'Control-plane feature compatibility requires an explicit runtime version.',
108			},
109			CONTROL_PLANE_TOO_OLD: {
110				description:
111					'The control-plane runtime is below the supported minimum version.',
112				http: 409,
113				when: 'Skill compatibility requires a newer control-plane version.',
114			},
115			CONTROL_PLANE_TOO_NEW: {
116				description:
117					'The control-plane runtime is above the supported maximum version.',
118				http: 409,
119				when: 'Skill compatibility does not support the active control-plane version yet.',
120			},
121			CAPABILITY_MISSING: {
122				description:
123					'The runtime is missing a capability required by the skill.',
124				http: 409,
125				when: 'Required control-plane capabilities are unavailable at install time.',
126			},
127		},
128	},
129	policy: {
130		auth: 'admin',
131		pii: [],
132	},
133	sideEffects: {
134		emits: [
135			{
136				ref: ControlPlaneSkillInstalledEvent.meta,
137				when: 'Skill validation and installation complete successfully.',
138			},
139			{
140				ref: ControlPlaneSkillRejectedEvent.meta,
141				when: 'Skill validation fails and installation is rejected.',
142			},
143		],
144	},
145});