update_meta_inputs: require operator approval, rename to request_update_meta_inputs

2026-05-22 09:26:09 +02:00 · 2026-05-22 09:26:09 +02:00 · 3e098c56ff
commit 3e098c56ff
parent 597e4ba03a
7 changed files with 94 additions and 28 deletions
--- a/hive-c0re/src/manager_server.rs
+++ b/hive-c0re/src/manager_server.rs
@ -311,21 +311,47 @@ async fn dispatch(req: &ManagerRequest, coord: &Arc<Coordinator>) -> ManagerResp
                },
            }
        }
-        ManagerRequest::UpdateMetaInputs { inputs } => {
+        ManagerRequest::RequestUpdateMetaInputs {
+            inputs,
+            description,
+        } => {
            let label = if inputs.is_empty() {
                "all inputs".to_string()
            } else {
                inputs.join(", ")
            };
-            tracing::info!(%label, "manager: update_meta_inputs");
-            // Treat empty list as "update all" by passing the full list
-            // to lock_update; it calls bare `nix flake update` when empty.
-            match crate::meta::lock_update(inputs).await {
-                Ok(()) => ManagerResponse::Ok,
-                Err(e) => ManagerResponse::Err {
-                    message: format!("update_meta_inputs({label}): {e:#}"),
-                },
-            }
+            tracing::info!(%label, "manager: request_update_meta_inputs");
+            // Encode the inputs list as JSON and store it in commit_ref
+            // (there's no git commit involved; the field carries the
+            // payload for the approval handler to decode at run time).
+            let commit_ref = serde_json::to_string(inputs).unwrap_or_default();
+            let id = match coord
+                .approvals
+                .submit_kind(
+                    hive_sh4re::MANAGER_AGENT,
+                    hive_sh4re::ApprovalKind::UpdateMetaInputs,
+                    &commit_ref,
+                    description.as_deref(),
+                )
+                .map_err(|e| anyhow::anyhow!("{e:#}"))
+            {
+                Ok(id) => id,
+                Err(e) => {
+                    return ManagerResponse::Err {
+                        message: format!("queue update_meta_inputs approval: {e:#}"),
+                    }
+                }
+            };
+            tracing::info!(%id, %label, "update_meta_inputs approval queued");
+            coord.emit_approval_added(
+                id,
+                hive_sh4re::MANAGER_AGENT,
+                "update_meta_inputs",
+                None,
+                None,
+                description.clone(),
+            );
+            ManagerResponse::Ok
        }
        ManagerRequest::Ask {
            question,