

secret management

znqnrmwwYaroslav Bolyukin2026-01-22parent: #81ddc19.patch.diff
in: trunk

11 files changed

modifiedCargo.lockdiffbeforeafterboth
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1092,6 +1092,7 @@
  "time",
  "tokio",
  "tokio-util",
+ "toml_edit",
  "tracing",
 ]
 
@@ -2744,6 +2745,13 @@
 checksum = "c3160422bbd54dd5ecfdca71e5fd59b7b8fe2b1697ab2baf64f6d05dcc66d298"
 
 [[package]]
+name = "repl-plugin-unstable"
+version = "0.1.0"
+dependencies = [
+ "fleet-base",
+]
+
+[[package]]
 name = "reqwest"
 version = "0.12.23"
 source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -3618,6 +3626,43 @@
 ]
 
 [[package]]
+name = "toml_datetime"
+version = "0.7.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f2cdb639ebbc97961c51720f858597f7f24c4fc295327923af55b74c3c724533"
+dependencies = [
+ "serde_core",
+]
+
+[[package]]
+name = "toml_edit"
+version = "0.23.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6485ef6d0d9b5d0ec17244ff7eb05310113c3f316f2d14200d4de56b3cb98f8d"
+dependencies = [
+ "indexmap 2.11.4",
+ "toml_datetime",
+ "toml_parser",
+ "toml_writer",
+ "winnow",
+]
+
+[[package]]
+name = "toml_parser"
+version = "1.0.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c0cbe268d35bdb4bb5a56a2de88d0ad0eb70af5384a99d648cd4b3d04039800e"
+dependencies = [
+ "winnow",
+]
+
+[[package]]
+name = "toml_writer"
+version = "1.0.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "df8b2b54733674ad286d16267dcfc7a71ed5c776e4ac7aa3c3e2561f7c637bf2"
+
+[[package]]
 name = "tonic"
 version = "0.12.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -4469,6 +4514,15 @@
 checksum = "d6bbff5f0aada427a1e5a6da5f1f98158182f26556f345ac9e04d36d0ebed650"
 
 [[package]]
+name = "winnow"
+version = "0.7.13"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "21a0236b59786fed61e2a80582dd500fe61f18b5dca67a4a067d0bc9039339cf"
+dependencies = [
+ "memchr",
+]
+
+[[package]]
 name = "wit-bindgen"
 version = "0.46.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
modifiedCargo.tomldiffbeforeafterboth
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -3,7 +3,7 @@
 resolver = "2"
 package.version = "0.1.0"
 package.edition = "2024"
-package.rust-version = "1.86.0"
+package.rust-version = "1.89.0"
 
 [workspace.dependencies]
 better-command = { path = "./crates/better-command" }
addedcmds/repl-plugin-unstable/Cargo.tomldiffbeforeafterboth
--- /dev/null
+++ b/cmds/repl-plugin-unstable/Cargo.toml
@@ -0,0 +1,11 @@
+[package]
+name = "repl-plugin-unstable"
+version.workspace = true
+edition.workspace = true
+rust-version.workspace = true
+
+[lib]
+crate-type = ["cdylib"]
+
+[dependencies]
+fleet-base = { version = "0.1.0", path = "../../crates/fleet-base" }
addedcmds/repl-plugin-unstable/src/lib.rsdiffbeforeafterboth
--- /dev/null
+++ b/cmds/repl-plugin-unstable/src/lib.rs
@@ -0,0 +1,6 @@
+use fleet_base::primops::init_primops;
+
+#[unsafe(no_mangle)]
+fn nix_plugin_entry() {
+	init_primops();
+}
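Review bot: `nix_plugin_entry` is declared as a private function with the default Rust ABI, yet in a `cdylib` it is the symbol a host process looks up and calls, presumably the Nix plugin loader using the C calling convention. The Rust ABI is unspecified, so the declaration should read `pub extern "C" fn nix_plugin_entry() {`. With that ABI a panic inside `init_primops()` aborts the process instead of unwinding into the host's frames. A short `///` comment naming the caller and the point at which it runs would also help, since nothing else in the crate references this function.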
modifiedcrates/fleet-base/Cargo.tomldiffbeforeafterboth
--- a/crates/fleet-base/Cargo.toml
+++ b/crates/fleet-base/Cargo.toml
@@ -8,7 +8,7 @@
 age.workspace = true
 anyhow.workspace = true
 better-command.workspace = true
-chrono = "0.4.41"
+chrono = { version = "0.4.41", features = ["serde"] }
 clap = { workspace = true, features = ["derive"] }
 fleet-shared.workspace = true
 futures = "0.3.31"
@@ -27,5 +27,6 @@
 thiserror.workspace = true
 time = { version = "0.3.41", features = ["parsing"] }
 tokio.workspace = true
-tokio-util = "0.7.15"
+tokio-util = { version = "0.7.15", features = ["codec"] }
+toml_edit = "0.23.7"
 tracing.workspace = true
modifiedcrates/fleet-base/src/lib.rsdiffbeforeafterboth
--- a/crates/fleet-base/src/lib.rs
+++ b/crates/fleet-base/src/lib.rs
@@ -4,4 +4,6 @@
 pub mod host;
 mod keys;
 pub mod opts;
+pub mod primops;
 pub mod secret;
+pub mod secret_storage;
addedcrates/fleet-base/src/primops.rsdiffbeforeafterboth
--- /dev/null
+++ b/crates/fleet-base/src/primops.rs
@@ -0,0 +1,45 @@
+use nix_eval::NativeFn;
+
+#[derive(thiserror::Error, Debug)]
+enum Error {}
+
+struct Parts {
+	encrypted: Vec<String>,
+	public: Vec<String>,
+}
+
+trait SecretsBackend {
+	fn has_shared(&self, name: &str);
+	fn has_host(&self, host: &str, name: &str);
+	fn shared_parts(&self, name: &str) -> Parts;
+	fn host_parts(&self, host: &str, name: &str) -> Parts;
+}
+
+struct FsSecretsBackend {
+
+}
+
+pub fn init_primops() {
+	NativeFn::new(
+		c"fleet_ensure_secret",
+		c"Ensure secret existence for a host, regenerating it in case of some mismatch",
+		[
+			c"host",
+			c"secret",
+			c"expected_parts",
+			c"expected_encrypted_parts",
+			c"generator",
+		],
+		|[
+			host,
+			secret,
+			expected_parts,
+			expected_encrypted_parts,
+			generator,
+		]| { 
+
+			todo!()
+		},
+	)
+	.register();
+}
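Review bot: `SecretsBackend::has_shared` and `has_host` are declared without a return type, so they return `()` and cannot tell the caller whether the secret exists; they presumably want `fn has_shared(&self, name: &str) -> bool;` and `fn has_host(&self, host: &str, name: &str) -> bool;`, or a `Result` if the lookup can fail. The registered closure body is `todo!()`, so the first evaluation that calls `fleet_ensure_secret` panics inside a callback that is presumably invoked from the evaluator's native code. The closure type in nix-eval returns `Result<Value>`, so returning an `Err` that says the primop is not implemented would keep the failure on the evaluator's normal error path. `Error`, `Parts`, `SecretsBackend` and `FsSecretsBackend` are unused in this file and have no doc comments; a `///` line on each, stating for `Parts` whether `encrypted` and `public` hold part names or part contents, would make the intended contract reviewable before the implementation lands.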
addedcrates/fleet-base/src/secret_storage.rsdiffbeforeafterboth

no changes

addedcrates/fleet-base/test.tomldiffbeforeafterboth
--- /dev/null
+++ b/crates/fleet-base/test.toml
@@ -0,0 +1 @@
+hello = 999
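Review bot: `test.toml`, holding only `hello = 999`, sits at the crate root and is not referenced by any other hunk in this commit, so it looks like a scratch file left over from trying out `toml_edit`. If it is meant as a fixture, it belongs under a `tests/` directory next to the test that reads it; otherwise it should be dropped from the commit.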
modifiedcrates/nix-eval/src/lib.rsdiffbeforeafterboth
--- a/crates/nix-eval/src/lib.rs
+++ b/crates/nix-eval/src/lib.rs
@@ -952,7 +952,7 @@
 
 type UserClosure<const N: usize> = Box<dyn Fn([&Value; N]) -> Result<Value>>;
 
-struct NativeFn(*mut PrimOp);
+pub struct NativeFn(*mut PrimOp);
 impl NativeFn {
 	pub fn new<const N: usize>(
 		name: &'static CStr,
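Review bot: `NativeFn` becomes part of the crate's public API here, but it wraps a raw `*mut PrimOp` and nothing documents who owns that pointer. A `///` comment on the struct should state what allocates the `PrimOp`, whether `register()` hands ownership to the evaluator, and what happens if a `NativeFn` is dropped without being registered. The `impl NativeFn` block continues outside this hunk, so the ownership rules themselves cannot be checked from here.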
modifiedflake.nixdiffbeforeafterboth
--- a/flake.nix
+++ b/flake.nix
@@ -185,6 +185,7 @@
                 inputs'.nix.packages.nix-flake-c
                 inputs'.nix.packages.nix-fetchers-c
                 inputs'.nix.packages.nix-store-c
+                inputs'.nix.packages.nix
 
                 (rage.overrideAttrs { cargoFeatures = [ "plugin" ]; })
               ];