Skip to content

Add io.pilot.insforge + broker-signup provisioning primitives#79

Merged
Alexgodoroja merged 2 commits into
mainfrom
submit/io.pilot.insforge
Jul 8, 2026
Merged

Add io.pilot.insforge + broker-signup provisioning primitives#79
Alexgodoroja merged 2 commits into
mainfrom
submit/io.pilot.insforge

Conversation

@Alexgodoroja

Copy link
Copy Markdown
Collaborator

io.pilot.insforge

InsForge (the agent-native cloud — Postgres, auth, storage, edge functions, AI model gateway) as one byo HTTP app. insforge.signup provisions the caller's own isolated InsForge backend in a single signed call; the adapter caches the key + backend URL and every other method talks directly to that backend, authenticated as the user.

23 methods + insforge.help, with pricing stated on every method.

Broker

internal/insforgesignup + cmd/insforge-signup-broker: a signed provisioning broker that holds one managed master account and, per caller, refreshes an OAuth token, creates an InsForge project, and returns its access key + backend URL. Idempotent per caller, AES-GCM-encrypted ledger, per-IP anti-Sybil cap. Same signed-handler / ledger shape as otpsignup, without a mailbox.

Two additive scaffold primitives

Needed because InsForge's backend is provisioned per user and its insert API takes a bare top-level array:

  • backend.url_secret — a secrets.json key holding a per-user backend base URL, re-resolved per request (a BaseURLFunc, the base-URL analogue of the existing per-request HeaderFunc). The broker-signup handler caches the returned backend_url there.
  • body_raw — a param location whose value becomes the entire request body verbatim (bare array/scalar), the body analogue of path_raw.

Both are opt-in and leave existing apps unchanged. Unit tests added for each; broker has its own test suite; verify-submission passes for all 4 platforms.

Test

  • go test ./internal/scaffold/ ./internal/publish/ ./internal/insforgesignup/ green
  • Full local e2e (adapter socket ↔ broker ↔ live InsForge): signup → own backend → db create/insert/query → AI gateway key → storage, all pass

Alex Godoroja added 2 commits July 7, 2026 19:41
io.pilot.insforge is a byo HTTP app that provisions the caller's own isolated
InsForge backend (Postgres, auth, storage, edge functions, AI model gateway)
in one signed call. Pilot's insforge-signup-broker holds one managed master
account and mints a per-user project; the adapter caches the key + backend URL
and talks directly to that backend thereafter.

- internal/insforgesignup + cmd/insforge-signup-broker: signed provisioning
  broker (OAuth refresh -> create project -> fetch access key), idempotent per
  caller, AES-GCM ledger, per-IP cap. Mirrors the otpsignup broker shape.
- scaffold: backend.url_secret (per-request dynamic base URL from secrets.json,
  a BaseURLFunc analogue of HeaderFunc) and body_raw param location (a param's
  value becomes the whole request body, for bare-array APIs). Both additive.
- submissions/io.pilot.insforge/submission.json: 23 methods + help, pricing on
  every method.
- docs/BROKER-SIGNUP.md: master-account provisioning variant.
@Alexgodoroja Alexgodoroja merged commit 975957e into main Jul 8, 2026
7 checks passed
@Alexgodoroja Alexgodoroja deleted the submit/io.pilot.insforge branch July 8, 2026 02:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant