Skip to content

Dapr

Dapr logo

Dapr can be used inside the sigMAX runtime model to provide a standard internal communication layer between generated components. It is not the public entry point of the application. Its role is to give each component a local sidecar that can handle service invocation, state access, bindings, pub/sub, secrets, and observability through declared building blocks.

In sigMAX, Dapr is mainly useful when generated components need to call each other or reach infrastructure capabilities without hard-coding host-specific addresses into the generated logic.

Dapr is an open source runtime for building distributed applications. It gives application code a set of stable APIs for common distributed-system concerns such as service invocation, state, pub/sub, bindings, secrets and observability.

The important idea is separation: application code keeps its business role, while Dapr carries infrastructure-facing communication patterns through a sidecar runtime named daprd.

Project concernDapr contribution
Service-to-service callsAddress services by app identity rather than hard-coded network details.
State and bindingsUse configured components instead of embedding provider-specific clients everywhere.
Pub/sub and eventsRoute messages through a portable building block.
Secrets and configKeep provider access behind declared runtime configuration.
ObservabilityEmit consistent telemetry around distributed calls.

Dapr is organized around building-block APIs. Each block exposes a stable API, while the concrete backing service is configured separately.

Building blockTypical purpose
Service invocationCall another application through its Dapr app ID.
State managementRead and write state through a configured state store.
Pub/subPublish and subscribe to application events.
BindingsConnect to external systems through input or output bindings.
SecretsRetrieve secrets from a configured secret store.
ObservabilityCollect traces, metrics and logs around runtime calls.

In containerized deployments, each application process can run next to a Dapr sidecar. The application calls its local sidecar over HTTP or gRPC. The sidecar then handles the distributed concern: resolving the target app, invoking another sidecar, applying component configuration, or calling a configured infrastructure provider.

This keeps the application container smaller and more stable. It does not need to know whether a dependency is local, remote, backed by Redis, PostgreSQL, a message broker, or another infrastructure service. Those choices live in Dapr component configuration and deployment policy.

sigMAX uses Dapr as an internal communication layer, not as the public API. Generated components remain the application endpoints. Dapr sidecars help those components invoke each other and reach internal capabilities without baking environment-specific addresses into generated WASM logic.

sigMAX elementDapr role
Generated componentRuns the sigMAX runtime and route/WASM logic.
Component sidecarGives that component an internal Dapr endpoint.
Storage serviceStays behind a Dapr sidecar and Docker network.
Docker Compose stackWires app containers, sidecars and storage together.
Binary ContractStill decides which runtime primitives and capabilities are allowed.

Dapr is not the sigMAX runtime, not the contract model, and not the public security boundary. It should not be used to hide undeclared dependencies or bypass the primitive/capability model.

Not replacedWhy it stays separate
Binary ContractsThey define allowed WASM imports, primitives and capabilities.
Rust runtimeIt loads WASM modules and enforces the execution boundary.
Public gatewayExternal exposure should stay explicit and narrow.
AgreementsGenerated and observed state still needs validation evidence.

The diagram below shows the intended shape: external traffic reaches the Rust runtime first. The runtime then calls the generated application components, while Dapr sidecars stay internal to Docker.

Hote

Docker

storage

metier

encodeur

8080

8081

8090

Call

Call

Dapr 3500

Dapr 3500

depends_on

depends_on

depends_on

depends_on

External

request

Rust runtime

WASM host

sigmax-encodeur

sigmax-encodeur-dapr

sigmax-metier-dapr

sigmax-metier

sigmax-storage-dapr

sigmax-storage

postgres

Recommended flow:

The important boundary is the difference between application exposure and sidecar exposure:

  • application ports can be published when they are intended entry points;
  • Dapr HTTP ports are internal by default;
  • Dapr sidecars remain implementation details of the internal runtime topology;
  • generated application components are reached through the runtime boundary;
  • database access stays behind the Docker network.

This keeps local development inspectable while avoiding a model where every sidecar becomes a public API surface.