intract.yamlManifest służy do opisywania wielu plików, artefaktów i relacji między intencjami.
version: intract.v1
project:
name: my-service
intent: serve:user_api
contracts:
- id: project.service
scope: project
intent: serve:user_api
priority: 1
domain: service
input: [http_request]
output: [http_response]
require:
- expose.user_endpoints
- validate.user_input
- authorize.user_access
- package.docker_image
- deploy.kubernetes_service
forbid:
- secret_leak
- unauthenticated_write
files:
src/auth/permissions.py:
- scope: file
intent: validate:user_permission
priority: 1
domain: security
input: [user, resource]
output: [allowed]
forbid: [network, write]
artifacts:
openapi.yaml:
kind: openapi
provides:
- expose.user_endpoints
Dockerfile:
kind: dockerfile
provides:
- package.docker_image
forbid:
- root_user
- latest_tag
- secret_leak
.github/workflows/ci.yml:
kind: github_actions
provides:
- validate.ci_pipeline
require:
- run.tests
- run.intract
python -m intract check-manifest intract.yaml
Schemat:
requirePole require pozwala sprawdzać, czy większy kontrakt jest pokryty mniejszymi kontraktami.
Przykład:
intent: analyze:code_duplication
require:
- scan.project_files
- extract.code_blocks
- detect.duplicates
- render.report
Graf:
python -m intract graph . --format mermaid