Pins a SHA-256 trust fingerprint onto a connection's metadata source.
Used by IaC adopters (Terraform / Pulumi) and operators who manage
trust state via scripts. The admin LiveView fingerprint UX (deferred
to v0.6) shares the same underlying changeset
(MetadataSource.auto_refresh_changeset/2) so the two paths cannot
drift.
mix relyra.metadata.pin <connection_id> --fingerprint <sha256_hex> --repo MyApp.RepoMultiple --fingerprint flags may be supplied in one invocation
(rotation window — D-17 multi-valued anchor).
Operator MUST verify the fingerprint out-of-band before running this command. The fingerprint is the SHA-256 of the IdP's signing-cert (lowercase hex, no colons), computed via:
openssl x509 -in metadata-signing.pem -outform DER \
| openssl dgst -sha256 \
| tr 'A-F' 'a-f'The pin REPLACES the source's metadata_trust_fingerprints array.
Supply every currently-pinned fingerprint plus the new one to extend
(this matches the "explicit always" Relyra strict-defaults principle).