Skip to main content
Version: 1.x

interfaces

World interfaces

Import interface wasi:io/error@0.2.0

Types

resource error

A resource which represents some error information.

The only method provided by this resource is to-debug-string, which provides some human-readable information about the error.

In the wasi:io package, this resource is returned through the wasi:io/streams/stream-error type.

To provide more specific error information, other interfaces may provide functions to further "downcast" this error into more specific error information. For example, errors returned in streams derived from filesystem types to be described using the filesystem's own error-code type, using the function wasi:filesystem/types/filesystem-error-code, which takes a parameter borrow<error> and returns option<wasi:filesystem/types/error-code>.

The set of functions which can "downcast" an error into a more concrete type is open.

Functions

[method]error.to-debug-string: func

Returns a string that is suitable to assist humans in debugging this error.

WARNING: The returned string should not be consumed mechanically! It may change across platforms, hosts, or other implementation details. Parsing this string is a major platform-compatibility hazard.

Params
Return values
  • string

Import interface wasi:io/poll@0.2.0

A poll API intended to let users wait for I/O events on multiple handles at once.

Types

resource pollable

pollable represents a single I/O event which may be ready, or not.

Functions

[method]pollable.ready: func

Return the readiness of a pollable. This function never blocks.

Returns true when the pollable is ready, and false otherwise.

Params
Return values
  • bool

[method]pollable.block: func

block returns immediately if the pollable is ready, and otherwise blocks until ready.

This function is equivalent to calling poll.poll on a list containing only this pollable.

Params

poll: func

Poll for completion on a set of pollables.

This function takes a list of pollables, which identify I/O sources of interest, and waits until one or more of the events is ready for I/O.

The result list<u32> contains one or more indices of handles in the argument list that is ready for I/O.

If the list contains more elements than can be indexed with a u32 value, this function traps.

A timeout can be implemented by adding a pollable from the wasi-clocks API to the list.

This function does not return a result; polling in itself does not do any I/O so it doesn't fail. If any of the I/O sources identified by the pollables has an error, it is indicated by marking the source as being reaedy for I/O.

Params
Return values
  • list<u32>

Import interface wasi:io/streams@0.2.0

WASI I/O is an I/O abstraction API which is currently focused on providing stream types.

In the future, the component model is expected to add built-in stream types; when it does, they are expected to subsume this API.

Types

type error

error

#### `type pollable` [`pollable`](#pollable)

#### `variant stream-error`

An error for input-stream and output-stream operations.

Variant Cases

  • last-operation-failed: own<error>

    The last operation (a write or flush) failed before completion.

    More information is available in the error payload.

  • closed

    The stream is closed: no more input will be accepted by the stream. A closed output-stream will return this error on all future operations.

resource input-stream

An input bytestream.

input-streams are non-blocking to the extent practical on underlying platforms. I/O operations always return promptly; if fewer bytes are promptly available than requested, they return the number of bytes promptly available, which could even be zero. To wait for data to be available, use the subscribe function to obtain a pollable which can be polled for using wasi:io/poll.

resource output-stream

An output bytestream.

output-streams are non-blocking to the extent practical on underlying platforms. Except where specified otherwise, I/O operations also always return promptly, after the number of bytes that can be written promptly, which could even be zero. To wait for the stream to be ready to accept data, the subscribe function to obtain a pollable which can be polled for using wasi:io/poll.

Functions

[method]input-stream.read: func

Perform a non-blocking read from the stream.

When the source of a read is binary data, the bytes from the source are returned verbatim. When the source of a read is known to the implementation to be text, bytes containing the UTF-8 encoding of the text are returned.

This function returns a list of bytes containing the read data, when successful. The returned list will contain up to len bytes; it may return fewer than requested, but not more. The list is empty when no bytes are available for reading at this time. The pollable given by subscribe will be ready when more bytes are available.

This function fails with a stream-error when the operation encounters an error, giving last-operation-failed, or when the stream is closed, giving closed.

When the caller gives a len of 0, it represents a request to read 0 bytes. If the stream is still open, this call should succeed and return an empty list, or otherwise fail with closed.

The len parameter is a u64, which could represent a list of u8 which is not possible to allocate in wasm32, or not desirable to allocate as as a return value by the callee. The callee may return a list of bytes less than len in size while more bytes are available for reading.

Params
Return values

[method]input-stream.blocking-read: func

Read bytes from a stream, after blocking until at least one byte can be read. Except for blocking, behavior is identical to read.

Params
Return values

[method]input-stream.skip: func

Skip bytes from a stream. Returns number of bytes skipped.

Behaves identical to read, except instead of returning a list of bytes, returns the number of bytes consumed from the stream.

Params
Return values

[method]input-stream.blocking-skip: func

Skip bytes from a stream, after blocking until at least one byte can be skipped. Except for blocking behavior, identical to skip.

Params
Return values

[method]input-stream.subscribe: func

Create a pollable which will resolve once either the specified stream has bytes available to read or the other end of the stream has been closed. The created pollable is a child resource of the input-stream. Implementations may trap if the input-stream is dropped before all derived pollables created with this function are dropped.

Params
Return values

[method]output-stream.check-write: func

Check readiness for writing. This function never blocks.

Returns the number of bytes permitted for the next call to write, or an error. Calling write with more bytes than this function has permitted will trap.

When this function returns 0 bytes, the subscribe pollable will become ready when this function will report at least 1 byte, or an error.

Params
Return values

[method]output-stream.write: func

Perform a write. This function never blocks.

When the destination of a write is binary data, the bytes from contents are written verbatim. When the destination of a write is known to the implementation to be text, the bytes of contents are transcoded from UTF-8 into the encoding of the destination and then written.

Precondition: check-write gave permit of Ok(n) and contents has a length of less than or equal to n. Otherwise, this function will trap.

returns Err(closed) without writing if the stream has closed since the last call to check-write provided a permit.

Params
Return values

[method]output-stream.blocking-write-and-flush: func

Perform a write of up to 4096 bytes, and then flush the stream. Block until all of these operations are complete, or an error occurs.

This is a convenience wrapper around the use of check-write, subscribe, write, and flush, and is implemented with the following pseudo-code:

text
let pollable = this.subscribe();
while !contents.is_empty() {
  // Wait for the stream to become writable
  pollable.block();
  let Ok(n) = this.check-write(); // eliding error handling
  let len = min(n, contents.len());
  let (chunk, rest) = contents.split_at(len);
  this.write(chunk  );            // eliding error handling
  contents = rest;
}
this.flush();
// Wait for completion of `flush`
pollable.block();
// Check for any errors that arose during `flush`
let _ = this.check-write();         // eliding error handling
Params
Return values

[method]output-stream.flush: func

Request to flush buffered output. This function never blocks.

This tells the output-stream that the caller intends any buffered output to be flushed. the output which is expected to be flushed is all that has been passed to write prior to this call.

Upon calling this function, the output-stream will not accept any writes (check-write will return ok(0)) until the flush has completed. The subscribe pollable will become ready when the flush has completed and the stream can accept more writes.

Params
Return values

[method]output-stream.blocking-flush: func

Request to flush buffered output, and block until flush completes and stream is ready for writing again.

Params
Return values

[method]output-stream.subscribe: func

Create a pollable which will resolve once the output-stream is ready for more writing, or an error has occured. When this pollable is ready, check-write will return ok(n) with n>0, or an error.

If the stream is closed, this pollable is always ready immediately.

The created pollable is a child resource of the output-stream. Implementations may trap if the output-stream is dropped before all derived pollables created with this function are dropped.

Params
Return values

[method]output-stream.write-zeroes: func

Write zeroes to a stream.

This should be used precisely like write with the exact same preconditions (must use check-write first), but instead of passing a list of bytes, you simply pass the number of zero-bytes that should be written.

Params
Return values

[method]output-stream.blocking-write-zeroes-and-flush: func

Perform a write of up to 4096 zeroes, and then flush the stream. Block until all of these operations are complete, or an error occurs.

This is a convenience wrapper around the use of check-write, subscribe, write-zeroes, and flush, and is implemented with the following pseudo-code:

text
let pollable = this.subscribe();
while num_zeroes != 0 {
  // Wait for the stream to become writable
  pollable.block();
  let Ok(n) = this.check-write(); // eliding error handling
  let len = min(n, num_zeroes);
  this.write-zeroes(len);         // eliding error handling
  num_zeroes -= len;
}
this.flush();
// Wait for completion of `flush`
pollable.block();
// Check for any errors that arose during `flush`
let _ = this.check-write();         // eliding error handling
Params
Return values

[method]output-stream.splice: func

Read from one stream and write to another.

The behavior of splice is equivelant to:

  1. calling check-write on the output-stream
  2. calling read on the input-stream with the smaller of the check-write permitted length and the len provided to splice
  3. calling write on the output-stream with that read data.

Any error reported by the call to check-write, read, or write ends the splice and reports that error.

This function returns the number of bytes transferred; it may be less than len.

Params
Return values

[method]output-stream.blocking-splice: func

Read from one stream and write to another, with blocking.

This is similar to splice, except that it blocks until the output-stream is ready for writing, and the input-stream is ready for reading, before performing the splice.

Params
Return values

Import interface wasi:blobstore/types@0.2.0-draft

Types used by blobstore

Types

type input-stream

input-stream

#### `type output-stream` [`output-stream`](#output_stream)

#### `type container-name` `string`

name of a container, a collection of objects. The container name may be any valid UTF-8 string.

type object-name

string

name of an object within a container The object name may be any valid UTF-8 string.

type timestamp

u64

TODO: define timestamp to include seconds since Unix epoch and nanoseconds https://github.com/WebAssembly/wasi-blob-store/issues/7

type object-size

u64

size of an object, in bytes

type error

string

#### `record container-metadata`

information about a container

Record Fields

record object-metadata

information about an object

Record Fields

record object-id

identifier for an object that includes its container name

Record Fields

resource outgoing-value

A data is the data stored in a data blob. The value can be of any type that can be represented in a byte array. It provides a way to write the value to the output-stream defined in the wasi-io interface. Soon: switch to resource value { ... }

resource incoming-value

A incoming-value is a wrapper around a value. It provides a way to read the value from the input-stream defined in the wasi-io interface.

The incoming-value provides two ways to consume the value:

  1. incoming-value-consume-sync consumes the value synchronously and returns the value as a list of bytes.
  2. incoming-value-consume-async consumes the value asynchronously and returns the value as an input-stream. Soon: switch to resource incoming-value { ... }

type incoming-value-async-body

input-stream

#### `type incoming-value-sync-body` [`incoming-value-sync-body`](#incoming_value_sync_body)

----

Functions

[static]outgoing-value.new-outgoing-value: func

Return values

[method]outgoing-value.outgoing-value-write-body: func

Returns a stream for writing the value contents.

The returned output-stream is a child resource: it must be dropped before the parent outgoing-value resource is dropped (or finished), otherwise the outgoing-value drop or finish will trap.

Returns success on the first call: the output-stream resource for this outgoing-value may be retrieved at most once. Subsequent calls will return error.

Params
Return values

[static]outgoing-value.finish: func

Finalize an outgoing value. This must be called to signal that the outgoing value is complete. If the outgoing-value is dropped without calling outgoing-value.finalize, the implementation should treat the value as corrupted.

Params
Return values

[static]incoming-value.incoming-value-consume-sync: func

Params
Return values

[static]incoming-value.incoming-value-consume-async: func

Params
Return values

[method]incoming-value.size: func

Params
Return values
  • u64

Import interface wasi:blobstore/container@0.2.0-draft

a Container is a collection of objects

Types

type input-stream

input-stream

#### `type output-stream` [`output-stream`](#output_stream)

#### `type container-metadata` [`container-metadata`](#container_metadata)

#### `type error` [`error`](#error)

#### `type incoming-value` [`incoming-value`](#incoming_value)

#### `type object-metadata` [`object-metadata`](#object_metadata)

#### `type object-name` [`object-name`](#object_name)

#### `type outgoing-value` [`outgoing-value`](#outgoing_value)

#### `resource container`

this defines the container resource

resource stream-object-names

this defines the stream-object-names resource which is a representation of stream

Functions

[method]container.name: func

returns container name

Params
Return values

[method]container.info: func

returns container metadata

Params
Return values

[method]container.get-data: func

retrieves an object or portion of an object, as a resource. Start and end offsets are inclusive. Once a data-blob resource has been created, the underlying bytes are held by the blobstore service for the lifetime of the data-blob resource, even if the object they came from is later deleted.

Params
Return values

[method]container.write-data: func

creates or replaces an object with the data blob.

Params
Return values

[method]container.list-objects: func

returns list of objects in the container. Order is undefined.

Params
Return values

[method]container.delete-object: func

deletes object. does not return error if object did not exist.

Params
Return values

[method]container.delete-objects: func

deletes multiple objects in the container

Params
Return values

[method]container.has-object: func

returns true if the object exists in this container

Params
Return values

[method]container.object-info: func

returns metadata for the object

Params
Return values

[method]container.clear: func

removes all objects within the container, leaving the container empty.

Params
Return values

[method]stream-object-names.read-stream-object-names: func

reads the next number of objects from the stream

This function returns the list of objects read, and a boolean indicating if the end of the stream was reached.

Params
Return values

[method]stream-object-names.skip-stream-object-names: func

skip the next number of objects in the stream

This function returns the number of objects skipped, and a boolean indicating if the end of the stream was reached.

Params
Return values
  • result<(u64, bool), error>

Import interface wasi:blobstore/blobstore@0.2.0-draft

wasi-cloud Blobstore service definition

Types

type container

container

#### `type error` [`error`](#error)

#### `type container-name` [`container-name`](#container_name)

#### `type object-id` [`object-id`](#object_id)

----

Functions

create-container: func

creates a new empty container

Params
Return values

get-container: func

retrieves a container by name

Params
Return values

delete-container: func

deletes a container and all objects within it

Params
Return values

container-exists: func

returns true if the container exists

Params
Return values

copy-object: func

copies (duplicates) an object, to the same or a different container. returns an error if the target container does not exist. overwrites destination object if it already existed.

Params
Return values

move-object: func

moves or renames an object, to the same or a different container returns an error if the destination container does not exist. overwrites destination object if it already existed.

Params
Return values

Import interface wasi:config/store@0.2.0-draft

Types

variant error

An error type that encapsulates the different errors that can occur fetching configuration values.

Variant Cases

  • upstream: string

    This indicates an error from an "upstream" config source. As this could be almost _anything_ (such as Vault, Kubernetes ConfigMaps, KeyValue buckets, etc), the error message is a string.

  • io: string

    This indicates an error from an I/O operation. As this could be almost _anything_ (such as a file read, network connection, etc), the error message is a string. Depending on how this ends up being consumed, we may consider moving this to use the `wasi:io/error` type instead. For simplicity right now in supporting multiple implementations, it is being left as a string.

Functions

get: func

Gets a configuration value of type string associated with the key.

The value is returned as an option<string>. If the key is not found, Ok(none) is returned. If an error occurs, an Err(error) is returned.

Params
  • key: string
Return values
  • result<option<string>, error>

get-all: func

Gets a list of configuration key-value pairs of type string.

If an error occurs, an Err(error) is returned.

Return values
  • result<list<(string, string)>, error>

Import interface wasi:keyvalue/store@0.2.0-draft

A keyvalue interface that provides eventually consistent key-value operations.

Each of these operations acts on a single key-value pair.

The value in the key-value pair is defined as a u8 byte array and the intention is that it is the common denominator for all data types defined by different key-value stores to handle data, ensuring compatibility between different key-value stores. Note: the clients will be expecting serialization/deserialization overhead to be handled by the key-value store. The value could be a serialized object from JSON, HTML or vendor-specific data types like AWS S3 objects.

Data consistency in a key value store refers to the guarantee that once a write operation completes, all subsequent read operations will return the value that was written.

Any implementation of this interface must have enough consistency to guarantee "reading your writes." In particular, this means that the client should never get a value that is older than the one it wrote, but it MAY get a newer value if one was written around the same time. These guarantees only apply to the same client (which will likely be provided by the host or an external capability of some kind). In this context a "client" is referring to the caller or guest that is consuming this interface. Once a write request is committed by a specific client, all subsequent read requests by the same client will reflect that write or any subsequent writes. Another client running in a different context may or may not immediately see the result due to the replication lag. As an example of all of this, if a value at a given key is A, and the client writes B, then immediately reads, it should get B. If something else writes C in quick succession, then the client may get C. However, a client running in a separate context may still see A or B

Types

variant error

The set of errors which may be raised by functions in this package

Variant Cases

  • no-such-store

    The host does not recognize the store identifier requested.

  • access-denied

    The requesting component does not have access to the specified store (which may or may not exist).

  • other: string

    Some implementation-specific error has occurred (e.g. I/O)

record key-response

A response to a list-keys operation.

Record Fields

  • keys: list<string>

    The list of keys returned by the query.

  • cursor: option<u64>

    The continuation token to use to fetch the next page of keys. If this is `null`, then there are no more keys to fetch.

resource bucket

A bucket is a collection of key-value pairs. Each key-value pair is stored as a entry in the bucket, and the bucket itself acts as a collection of all these entries.

It is worth noting that the exact terminology for bucket in key-value stores can very depending on the specific implementation. For example:

  1. Amazon DynamoDB calls a collection of key-value pairs a table
  2. Redis has hashes, sets, and sorted sets as different types of collections
  3. Cassandra calls a collection of key-value pairs a column family
  4. MongoDB calls a collection of key-value pairs a collection
  5. Riak calls a collection of key-value pairs a bucket
  6. Memcached calls a collection of key-value pairs a slab
  7. Azure Cosmos DB calls a collection of key-value pairs a container

In this interface, we use the term bucket to refer to a collection of key-value pairs

Functions

open: func

Get the bucket with the specified identifier.

identifier must refer to a bucket provided by the host.

error::no-such-store will be raised if the identifier is not recognized.

Params
  • identifier: string
Return values

[method]bucket.get: func

Get the value associated with the specified key

The value is returned as an option. If the key-value pair exists in the store, it returns Ok(value). If the key does not exist in the store, it returns Ok(none).

If any other error occurs, it returns an Err(error).

Params
  • self: borrow<bucket>
  • key: string
Return values
  • result<option<list<u8>>, error>

[method]bucket.set: func

Set the value associated with the key in the store. If the key already exists in the store, it overwrites the value.

If the key does not exist in the store, it creates a new key-value pair.

If any other error occurs, it returns an Err(error).

Params
  • self: borrow<bucket>
  • key: string
  • value: list<u8>
Return values

[method]bucket.delete: func

Delete the key-value pair associated with the key in the store.

If the key does not exist in the store, it does nothing.

If any other error occurs, it returns an Err(error).

Params
  • self: borrow<bucket>
  • key: string
Return values

[method]bucket.exists: func

Check if the key exists in the store.

If the key exists in the store, it returns Ok(true). If the key does not exist in the store, it returns Ok(false).

If any other error occurs, it returns an Err(error).

Params
  • self: borrow<bucket>
  • key: string
Return values

[method]bucket.list-keys: func

Get all the keys in the store with an optional cursor (for use in pagination). It returns a list of keys. Please note that for most KeyValue implementations, this is a can be a very expensive operation and so it should be used judiciously. Implementations can return any number of keys in a single response, but they should never attempt to send more data than is reasonable (i.e. on a small edge device, this may only be a few KB, while on a large machine this could be several MB). Any response should also return a cursor that can be used to fetch the next page of keys. See the key-response record for more information.

Note that the keys are not guaranteed to be returned in any particular order.

If the store is empty, it returns an empty list.

MAY show an out-of-date list of keys if there are concurrent writes to the store.

If any error occurs, it returns an Err(error).

Params
  • self: borrow<bucket>
  • cursor: option<u64>
Return values

Import interface wasi:keyvalue/atomics@0.2.0-draft

A keyvalue interface that provides atomic operations.

Atomic operations are single, indivisible operations. When a fault causes an atomic operation to fail, it will appear to the invoker of the atomic operation that the action either completed successfully or did nothing at all.

Please note that this interface is bare functions that take a reference to a bucket. This is to get around the current lack of a way to "extend" a resource with additional methods inside of wit. Future version of the interface will instead extend these methods on the base bucket resource.

Types

type bucket

bucket

#### `type error` [`error`](#error)

----

Functions

increment: func

Atomically increment the value associated with the key in the store by the given delta. It returns the new value.

If the key does not exist in the store, it creates a new key-value pair with the value set to the given delta.

If any other error occurs, it returns an Err(error).

Params
Return values

Import interface wasi:keyvalue/batch@0.2.0-draft

A keyvalue interface that provides batch operations.

A batch operation is an operation that operates on multiple keys at once.

Batch operations are useful for reducing network round-trip time. For example, if you want to get the values associated with 100 keys, you can either do 100 get operations or you can do 1 batch get operation. The batch operation is faster because it only needs to make 1 network call instead of 100.

A batch operation does not guarantee atomicity, meaning that if the batch operation fails, some of the keys may have been modified and some may not.

This interface does has the same consistency guarantees as the store interface, meaning that you should be able to "read your writes."

Please note that this interface is bare functions that take a reference to a bucket. This is to get around the current lack of a way to "extend" a resource with additional methods inside of wit. Future version of the interface will instead extend these methods on the base bucket resource.

Types

type bucket

bucket

#### `type error` [`error`](#error)

----

Functions

get-many: func

Get the key-value pairs associated with the keys in the store. It returns a list of key-value pairs.

If any of the keys do not exist in the store, it returns a none value for that pair in the list.

MAY show an out-of-date value if there are concurrent writes to the store.

If any other error occurs, it returns an Err(error).

Params
Return values
  • result<list<option<(string, list<u8>)>>, error>

set-many: func

Set the values associated with the keys in the store. If the key already exists in the store, it overwrites the value.

Note that the key-value pairs are not guaranteed to be set in the order they are provided.

If any of the keys do not exist in the store, it creates a new key-value pair.

If any other error occurs, it returns an Err(error). When an error occurs, it does not rollback the key-value pairs that were already set. Thus, this batch operation does not guarantee atomicity, implying that some key-value pairs could be set while others might fail.

Other concurrent operations may also be able to see the partial results.

Params
  • bucket: borrow<bucket>
  • key-values: list<(string, list<u8>)>
Return values

delete-many: func

Delete the key-value pairs associated with the keys in the store.

Note that the key-value pairs are not guaranteed to be deleted in the order they are provided.

If any of the keys do not exist in the store, it skips the key.

If any other error occurs, it returns an Err(error). When an error occurs, it does not rollback the key-value pairs that were already deleted. Thus, this batch operation does not guarantee atomicity, implying that some key-value pairs could be deleted while others might fail.

Other concurrent operations may also be able to see the partial results.

Params
Return values

Import interface wasi:logging/logging@0.1.0-draft

WASI Logging is a logging API intended to let users emit log messages with simple priority levels and context values.

Types

enum level

A log level, describing a kind of message.

Enum Cases

  • trace

    Describes messages about the values of variables and the flow of control within a program.

  • debug

    Describes messages likely to be of interest to someone debugging a program.

  • info

    Describes messages likely to be of interest to someone monitoring a program.

  • warn

    Describes messages indicating hazardous situations.

  • error

    Describes messages indicating serious errors.

  • critical

    Describes messages indicating fatal errors.

Functions

log: func

Emit a log message.

A log message has a level describing what kind of message is being sent, a context, which is an uninterpreted string meant to help consumers group similar messages, and a string containing the message text.

Params

Import interface wasmcloud:bus/lattice@1.0.0

Types

resource call-target-interface

Interface target. This represents an interface, which can be selected by set-link-name.

Functions

[constructor]call-target-interface: func

Params
  • namespace: string
  • package: string
  • interface: string
Return values

set-link-name: func

Set a link name to use for all interfaces specified. This is advanced functionality only available within wasmcloud and, as such, is exposed here as part of the wasmcloud:bus package. This is used when you are linking multiple of the same interfaces (i.e. a keyvalue implementation for caching and another one for secrets) to a component.

Params

Import interface wasmcloud:bus/lattice@2.0.0

Types

resource call-target-interface

Interface target. This represents an interface, which can be selected by set-link-name.

Functions

[constructor]call-target-interface: func

Params
  • namespace: string
  • package: string
  • interface: string
Return values

set-link-name: func

Set a link name to use for all interfaces specified. This is advanced functionality only available within wasmcloud and, as such, is exposed here as part of the wasmcloud:bus package. This is used when you are linking multiple of the same interfaces (i.e. a keyvalue implementation for caching and another one for secrets) to a component.

Will return an error if a link does not exist at call time with the specified name and interfaces.

Params
Return values
  • result<_, string>

Import interface wasmcloud:messaging/types@0.2.0

Types common to message broker interactions

Types

record broker-message

A message sent to or received from a broker

Record Fields
  • subject: string
  • body: list<u8>
  • reply-to: option<string>

Import interface wasmcloud:messaging/consumer@0.2.0

Types

type broker-message

broker-message

----

Functions

request: func

Perform a request operation on a subject

Params
  • subject: string
  • body: list<u8>
  • timeout-ms: u32
Return values

publish: func

Publish a message to a subject without awaiting a response

Params
Return values
  • result<_, string>

Import interface wasmcloud:secrets/store@0.1.0-draft

Types

variant secrets-error

An error type that encapsulates the different errors that can occur fetching secrets

Variant Cases

  • upstream: string

    This indicates an error from an "upstream" secrets source. As this could be almost _anything_ (such as Vault, Kubernetes Secrets, KeyValue buckets, etc), the error message is a string.

  • io: string

    This indicates an error from an I/O operation. As this could be almost _anything_ (such as a file read, network connection, etc), the error message is a string. Depending on how this ends up being consumed, we may consider moving this to use the `wasi:io/error` type instead. For simplicity right now in supporting multiple implementations, it is being left as a string.

  • not-found

    This indicates that the secret was not found. Generally "not found" errors will be handled by the upstream secrets backend, but there are cases where the host may need to return this error.

variant secret-value

A secret value can be either a string or a byte array, which lets you store binary data as a secret.

Variant Cases

  • string: string

    A string value

  • bytes: list<u8>

    A byte array value

resource secret

A secret is a resource that can only be borrowed. This allows you to pass around handles to secrets and not reveal the values until a component needs them. You need to use the reveal interface to get the value.

Functions

get: func

Gets a single opaque secrets value set at the given key if it exists

Params
  • key: string
Return values

Import interface wasmcloud:secrets/reveal@0.1.0-draft

Types

type secret

secret

#### `type secret-value` [`secret-value`](#secret_value)

----

Functions

reveal: func

Reveals the value of a secret to the caller. This lets you easily audit your code to discover where secrets are being used.

Params
Return values