Initial scaffold: certificate control plane v0.1.0

internal/domain/policy.go

@@ -0,0 +1,47 @@
+package domain
+
+import (
+	"encoding/json"
+	"time"
+)
+
+// PolicyRule defines enforcement rules for certificate management.
+type PolicyRule struct {
+	ID        string     `json:"id"`
+	Name      string     `json:"name"`
+	Type      PolicyType `json:"type"`
+	Config    json.RawMessage `json:"config"`
+	Enabled   bool       `json:"enabled"`
+	CreatedAt time.Time  `json:"created_at"`
+	UpdatedAt time.Time  `json:"updated_at"`
+}
+
+// PolicyType represents the category of policy enforcement.
+type PolicyType string
+
+const (
+	PolicyTypeAllowedIssuers      PolicyType = "AllowedIssuers"
+	PolicyTypeAllowedDomains      PolicyType = "AllowedDomains"
+	PolicyTypeRequiredMetadata    PolicyType = "RequiredMetadata"
+	PolicyTypeAllowedEnvironments PolicyType = "AllowedEnvironments"
+	PolicyTypeRenewalLeadTime     PolicyType = "RenewalLeadTime"
+)
+
+// PolicyViolation records an instance of a certificate violating a policy rule.
+type PolicyViolation struct {
+	ID            string            `json:"id"`
+	CertificateID string            `json:"certificate_id"`
+	RuleID        string            `json:"rule_id"`
+	Message       string            `json:"message"`
+	Severity      PolicySeverity    `json:"severity"`
+	CreatedAt     time.Time         `json:"created_at"`
+}
+
+// PolicySeverity indicates the impact level of a policy violation.
+type PolicySeverity string
+
+const (
+	PolicySeverityWarning  PolicySeverity = "Warning"
+	PolicySeverityError    PolicySeverity = "Error"
+	PolicySeverityCritical PolicySeverity = "Critical"
+)