From d7b7a724443e1e0533e654af7a60346dc3eb5349 Mon Sep 17 00:00:00 2001 From: Harald Hoyer Date: Mon, 24 Mar 2025 09:46:21 +0100 Subject: [PATCH] nix Signed-off-by: Harald Hoyer --- .gitignore | 3 +- Cargo.lock | 2026 +++++++++++++++++++++++++++++++++++ flake.lock | 28 +- flake.nix | 142 ++- nix/devshell.nix | 26 + nix/packages/vault-hier.nix | 9 + nix/rust-setup.nix | 13 + rust-toolchain.toml | 3 + src/api.rs | 72 +- src/document_service.rs | 208 +++- src/lib.rs | 12 +- src/main.rs | 96 +- src/vault_init.rs | 51 +- src/vault_setup.rs | 181 +++- 14 files changed, 2641 insertions(+), 229 deletions(-) create mode 100644 Cargo.lock create mode 100644 nix/devshell.nix create mode 100644 nix/packages/vault-hier.nix create mode 100644 nix/rust-setup.nix create mode 100644 rust-toolchain.toml diff --git a/.gitignore b/.gitignore index b7370a8..063b8cf 100644 --- a/.gitignore +++ b/.gitignore @@ -2,7 +2,6 @@ /target/ **/*.rs.bk *.pdb -Cargo.lock # Generated by Cargo .cargo/ @@ -32,4 +31,4 @@ result result-* # macOS specific files -.DS_Store \ No newline at end of file +.DS_Store diff --git a/Cargo.lock b/Cargo.lock new file mode 100644 index 0000000..af9c09f --- /dev/null +++ b/Cargo.lock @@ -0,0 +1,2026 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 4 + +[[package]] +name = "addr2line" +version = "0.24.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dfbe277e56a376000877090da837660b4427aad530e3028d44e0bffe4f89a1c1" +dependencies = [ + "gimli", +] + +[[package]] +name = "adler2" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "512761e0bb2578dd7380c6baaa0f4ce03e84f95e960231d1dec8bf4d7d6e2627" + +[[package]] +name = "aho-corasick" +version = "1.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e60d3430d3a69478ad0993f19238d2df97c507009a52b3c10addcd7f6bcb916" +dependencies = [ + "memchr", +] + +[[package]] +name = "anstream" +version = "0.6.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8acc5369981196006228e28809f761875c0327210a891e941f4c683b3a99529b" +dependencies = [ + "anstyle", + "anstyle-parse", + "anstyle-query", + "anstyle-wincon", + "colorchoice", + "is_terminal_polyfill", + "utf8parse", +] + +[[package]] +name = "anstyle" +version = "1.0.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "55cc3b69f167a1ef2e161439aa98aed94e6028e5f9a59be9a6ffb47aef1651f9" + +[[package]] +name = "anstyle-parse" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b2d16507662817a6a20a9ea92df6652ee4f94f914589377d69f3b21bc5798a9" +dependencies = [ + "utf8parse", +] + +[[package]] +name = "anstyle-query" +version = "1.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "79947af37f4177cfead1110013d678905c37501914fba0efea834c3fe9a8d60c" +dependencies = [ + "windows-sys 0.59.0", +] + +[[package]] +name = "anstyle-wincon" +version = "3.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ca3534e77181a9cc07539ad51f2141fe32f6c3ffd4df76db8ad92346b003ae4e" +dependencies = [ + "anstyle", + "once_cell", + "windows-sys 0.59.0", +] + +[[package]] +name = "anyhow" +version = "1.0.97" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dcfed56ad506cb2c684a14971b8861fdc3baaaae314b9e5f9bb532cbe3ba7a4f" + +[[package]] +name = "async-trait" +version = "0.1.88" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e539d3fca749fcee5236ab05e93a52867dd549cc157c8cb7f99595f3cedffdb5" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "autocfg" +version = "1.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ace50bade8e6234aa140d9a2f552bbee1db4d353f69b8217bc503490fc1a9f26" + +[[package]] +name = "axum" +version = "0.6.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b829e4e32b91e643de6eafe82b1d90675f5874230191a4ffbc1b336dec4d6bf" +dependencies = [ + "async-trait", + "axum-core", + "bitflags 1.3.2", + "bytes", + "futures-util", + "http", + "http-body", + "hyper", + "itoa", + "matchit", + "memchr", + "mime", + "multer", + "percent-encoding", + "pin-project-lite", + "rustversion", + "serde", + "serde_json", + "serde_path_to_error", + "serde_urlencoded", + "sync_wrapper", + "tokio", + "tower", + "tower-layer", + "tower-service", +] + +[[package]] +name = "axum-core" +version = "0.3.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "759fa577a247914fd3f7f76d62972792636412fbfd634cd452f6a385a74d2d2c" +dependencies = [ + "async-trait", + "bytes", + "futures-util", + "http", + "http-body", + "mime", + "rustversion", + "tower-layer", + "tower-service", +] + +[[package]] +name = "backtrace" +version = "0.3.74" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8d82cb332cdfaed17ae235a638438ac4d4839913cc2af585c3c6746e8f8bee1a" +dependencies = [ + "addr2line", + "cfg-if", + "libc", + "miniz_oxide", + "object", + "rustc-demangle", + "windows-targets 0.52.6", +] + +[[package]] +name = "base64" +version = "0.21.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567" + +[[package]] +name = "bitflags" +version = "1.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" + +[[package]] +name = "bitflags" +version = "2.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c8214115b7bf84099f1309324e63141d4c5d7cc26862f97a0a857dbefe165bd" + +[[package]] +name = "block-buffer" +version = "0.10.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71" +dependencies = [ + "generic-array", +] + +[[package]] +name = "bumpalo" +version = "3.17.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1628fb46dfa0b37568d12e5edd512553eccf6a22a78e8bde00bb4aed84d5bdbf" + +[[package]] +name = "bytes" +version = "1.10.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d71b6127be86fdcfddb610f7182ac57211d4b18a3e9c82eb2d17662f2227ad6a" + +[[package]] +name = "cc" +version = "1.2.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "be714c154be609ec7f5dad223a33bf1482fff90472de28f7362806e6d4832b8c" +dependencies = [ + "shlex", +] + +[[package]] +name = "cfg-if" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" + +[[package]] +name = "clap" +version = "4.5.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6088f3ae8c3608d19260cd7445411865a485688711b78b5be70d78cd96136f83" +dependencies = [ + "clap_builder", + "clap_derive", +] + +[[package]] +name = "clap_builder" +version = "4.5.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "22a7ef7f676155edfb82daa97f99441f3ebf4a58d5e32f295a56259f1b6facc8" +dependencies = [ + "anstream", + "anstyle", + "clap_lex", + "strsim", +] + +[[package]] +name = "clap_derive" +version = "4.5.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09176aae279615badda0765c0c0b3f6ed53f4709118af73cf4655d85d1530cd7" +dependencies = [ + "heck", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "clap_lex" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f46ad14479a25103f283c0f10005961cf086d8dc42205bb44c46ac563475dca6" + +[[package]] +name = "colorchoice" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5b63caa9aa9397e2d9480a9b13673856c78d8ac123288526c37d7839f2a86990" + +[[package]] +name = "core-foundation" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "91e195e091a93c46f7102ec7818a2aa394e1e1771c3ab4825963fa03e45afb8f" +dependencies = [ + "core-foundation-sys", + "libc", +] + +[[package]] +name = "core-foundation-sys" +version = "0.8.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "773648b94d0e5d620f64f280777445740e61fe701025087ec8b57f45c791888b" + +[[package]] +name = "cpufeatures" +version = "0.2.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "59ed5838eebb26a2bb2e58f6d5b5316989ae9d08bab10e0e6d103e656d1b0280" +dependencies = [ + "libc", +] + +[[package]] +name = "crypto-common" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" +dependencies = [ + "generic-array", + "typenum", +] + +[[package]] +name = "digest" +version = "0.10.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" +dependencies = [ + "block-buffer", + "crypto-common", +] + +[[package]] +name = "displaydoc" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "97369cbbc041bc366949bc74d34658d6cda5621039731c6310521892a3a20ae0" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "encoding_rs" +version = "0.8.35" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "75030f3c4f45dafd7586dd6780965a8c7e8e285a5ecb86713e63a79c5b2766f3" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "equivalent" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "877a4ace8713b0bcf2a4e7eec82529c029f1d0619886d18145fea96c3ffe5c0f" + +[[package]] +name = "errno" +version = "0.3.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "33d852cb9b869c2a9b3df2f71a3074817f01e1844f839a144f5fcef059a4eb5d" +dependencies = [ + "libc", + "windows-sys 0.59.0", +] + +[[package]] +name = "fastrand" +version = "2.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "37909eebbb50d72f9059c3b6d82c0463f2ff062c9e95845c43a6c9c0355411be" + +[[package]] +name = "fnv" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" + +[[package]] +name = "foreign-types" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1" +dependencies = [ + "foreign-types-shared", +] + +[[package]] +name = "foreign-types-shared" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b" + +[[package]] +name = "form_urlencoded" +version = "1.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e13624c2627564efccf4934284bdd98cbaa14e79b0b5a141218e507b3a823456" +dependencies = [ + "percent-encoding", +] + +[[package]] +name = "futures-channel" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2dff15bf788c671c1934e366d07e30c1814a8ef514e1af724a602e8a2fbe1b10" +dependencies = [ + "futures-core", +] + +[[package]] +name = "futures-core" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "05f29059c0c2090612e8d742178b0580d2dc940c837851ad723096f87af6663e" + +[[package]] +name = "futures-sink" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e575fab7d1e0dcb8d0c7bcf9a63ee213816ab51902e6d244a95819acacf1d4f7" + +[[package]] +name = "futures-task" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f90f7dce0722e95104fcb095585910c0977252f286e354b5e3bd38902cd99988" + +[[package]] +name = "futures-util" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9fa08315bb612088cc391249efdc3bc77536f16c91f6cf495e6fbe85b20a4a81" +dependencies = [ + "futures-core", + "futures-task", + "pin-project-lite", + "pin-utils", +] + +[[package]] +name = "generic-array" +version = "0.14.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a" +dependencies = [ + "typenum", + "version_check", +] + +[[package]] +name = "getrandom" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "73fea8450eea4bac3940448fb7ae50d91f034f941199fcd9d909a5a07aa455f0" +dependencies = [ + "cfg-if", + "libc", + "r-efi", + "wasi 0.14.2+wasi-0.2.4", +] + +[[package]] +name = "gimli" +version = "0.31.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "07e28edb80900c19c28f1072f2e8aeca7fa06b23cd4169cefe1af5aa3260783f" + +[[package]] +name = "h2" +version = "0.3.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "81fe527a889e1532da5c525686d96d4c2e74cdd345badf8dfef9f6b39dd5f5e8" +dependencies = [ + "bytes", + "fnv", + "futures-core", + "futures-sink", + "futures-util", + "http", + "indexmap", + "slab", + "tokio", + "tokio-util", + "tracing", +] + +[[package]] +name = "hashbrown" +version = "0.15.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bf151400ff0baff5465007dd2f3e717f3fe502074ca563069ce3a6629d07b289" + +[[package]] +name = "heck" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea" + +[[package]] +name = "http" +version = "0.2.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "601cbb57e577e2f5ef5be8e7b83f0f63994f25aa94d673e54a92d5c516d101f1" +dependencies = [ + "bytes", + "fnv", + "itoa", +] + +[[package]] +name = "http-body" +version = "0.4.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7ceab25649e9960c0311ea418d17bee82c0dcec1bd053b5f9a66e265a693bed2" +dependencies = [ + "bytes", + "http", + "pin-project-lite", +] + +[[package]] +name = "httparse" +version = "1.10.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6dbf3de79e51f3d586ab4cb9d5c3e2c14aa28ed23d180cf89b4df0454a69cc87" + +[[package]] +name = "httpdate" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "df3b46402a9d5adb4c86a0cf463f42e19994e3ee891101b1841f30a545cb49a9" + +[[package]] +name = "hyper" +version = "0.14.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "41dfc780fdec9373c01bae43289ea34c972e40ee3c9f6b3c8801a35f35586ce7" +dependencies = [ + "bytes", + "futures-channel", + "futures-core", + "futures-util", + "h2", + "http", + "http-body", + "httparse", + "httpdate", + "itoa", + "pin-project-lite", + "socket2", + "tokio", + "tower-service", + "tracing", + "want", +] + +[[package]] +name = "hyper-tls" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d6183ddfa99b85da61a140bea0efc93fdf56ceaa041b37d553518030827f9905" +dependencies = [ + "bytes", + "hyper", + "native-tls", + "tokio", + "tokio-native-tls", +] + +[[package]] +name = "icu_collections" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "db2fa452206ebee18c4b5c2274dbf1de17008e874b4dc4f0aea9d01ca79e4526" +dependencies = [ + "displaydoc", + "yoke", + "zerofrom", + "zerovec", +] + +[[package]] +name = "icu_locid" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "13acbb8371917fc971be86fc8057c41a64b521c184808a698c02acc242dbf637" +dependencies = [ + "displaydoc", + "litemap", + "tinystr", + "writeable", + "zerovec", +] + +[[package]] +name = "icu_locid_transform" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "01d11ac35de8e40fdeda00d9e1e9d92525f3f9d887cdd7aa81d727596788b54e" +dependencies = [ + "displaydoc", + "icu_locid", + "icu_locid_transform_data", + "icu_provider", + "tinystr", + "zerovec", +] + +[[package]] +name = "icu_locid_transform_data" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fdc8ff3388f852bede6b579ad4e978ab004f139284d7b28715f773507b946f6e" + +[[package]] +name = "icu_normalizer" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "19ce3e0da2ec68599d193c93d088142efd7f9c5d6fc9b803774855747dc6a84f" +dependencies = [ + "displaydoc", + "icu_collections", + "icu_normalizer_data", + "icu_properties", + "icu_provider", + "smallvec", + "utf16_iter", + "utf8_iter", + "write16", + "zerovec", +] + +[[package]] +name = "icu_normalizer_data" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f8cafbf7aa791e9b22bec55a167906f9e1215fd475cd22adfcf660e03e989516" + +[[package]] +name = "icu_properties" +version = "1.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93d6020766cfc6302c15dbbc9c8778c37e62c14427cb7f6e601d849e092aeef5" +dependencies = [ + "displaydoc", + "icu_collections", + "icu_locid_transform", + "icu_properties_data", + "icu_provider", + "tinystr", + "zerovec", +] + +[[package]] +name = "icu_properties_data" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "67a8effbc3dd3e4ba1afa8ad918d5684b8868b3b26500753effea8d2eed19569" + +[[package]] +name = "icu_provider" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6ed421c8a8ef78d3e2dbc98a973be2f3770cb42b606e3ab18d6237c4dfde68d9" +dependencies = [ + "displaydoc", + "icu_locid", + "icu_provider_macros", + "stable_deref_trait", + "tinystr", + "writeable", + "yoke", + "zerofrom", + "zerovec", +] + +[[package]] +name = "icu_provider_macros" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1ec89e9337638ecdc08744df490b221a7399bf8d164eb52a665454e60e075ad6" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "idna" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "686f825264d630750a544639377bae737628043f20d38bbc029e8f29ea968a7e" +dependencies = [ + "idna_adapter", + "smallvec", + "utf8_iter", +] + +[[package]] +name = "idna_adapter" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "daca1df1c957320b2cf139ac61e7bd64fed304c5040df000a745aa1de3b4ef71" +dependencies = [ + "icu_normalizer", + "icu_properties", +] + +[[package]] +name = "indexmap" +version = "2.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3954d50fe15b02142bf25d3b8bdadb634ec3948f103d04ffe3031bc8fe9d7058" +dependencies = [ + "equivalent", + "hashbrown", +] + +[[package]] +name = "ipnet" +version = "2.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "469fb0b9cefa57e3ef31275ee7cacb78f2fdca44e4765491884a2b119d4eb130" + +[[package]] +name = "is_terminal_polyfill" +version = "1.70.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7943c866cc5cd64cbc25b2e01621d07fa8eb2a1a23160ee81ce38704e97b8ecf" + +[[package]] +name = "itoa" +version = "1.0.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4a5f13b858c8d314ee3e8f639011f7ccefe71f97f96e50151fb991f267928e2c" + +[[package]] +name = "js-sys" +version = "0.3.77" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1cfaf33c695fc6e08064efbc1f72ec937429614f25eef83af942d0e227c3a28f" +dependencies = [ + "once_cell", + "wasm-bindgen", +] + +[[package]] +name = "lazy_static" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe" + +[[package]] +name = "libc" +version = "0.2.171" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c19937216e9d3aa9956d9bb8dfc0b0c8beb6058fc4f7a4dc4d850edf86a237d6" + +[[package]] +name = "linux-raw-sys" +version = "0.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fe7db12097d22ec582439daf8618b8fdd1a7bef6270e9af3b1ebcd30893cf413" + +[[package]] +name = "litemap" +version = "0.7.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "23fb14cb19457329c82206317a5663005a4d404783dc74f4252769b0d5f42856" + +[[package]] +name = "lock_api" +version = "0.4.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "07af8b9cdd281b7915f413fa73f29ebd5d55d0d3f0155584dade1ff18cea1b17" +dependencies = [ + "autocfg", + "scopeguard", +] + +[[package]] +name = "log" +version = "0.4.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "30bde2b3dc3671ae49d8e2e9f044c7c005836e7a023ee57cffa25ab82764bb9e" + +[[package]] +name = "matchers" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8263075bb86c5a1b1427b5ae862e8889656f126e9f77c484496e8b47cf5c5558" +dependencies = [ + "regex-automata 0.1.10", +] + +[[package]] +name = "matchit" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0e7465ac9959cc2b1404e8e2367b43684a6d13790fe23056cc8c6c5a6b7bcb94" + +[[package]] +name = "memchr" +version = "2.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "78ca9ab1a0babb1e7d5695e3530886289c18cf2f87ec19a575a0abdce112e3a3" + +[[package]] +name = "mime" +version = "0.3.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a" + +[[package]] +name = "mime_guess" +version = "2.0.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f7c44f8e672c00fe5308fa235f821cb4198414e1c77935c1ab6948d3fd78550e" +dependencies = [ + "mime", + "unicase", +] + +[[package]] +name = "miniz_oxide" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e3e04debbb59698c15bacbb6d93584a8c0ca9cc3213cb423d31f760d8843ce5" +dependencies = [ + "adler2", +] + +[[package]] +name = "mio" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2886843bf800fba2e3377cff24abf6379b4c4d5c6681eaf9ea5b0d15090450bd" +dependencies = [ + "libc", + "wasi 0.11.0+wasi-snapshot-preview1", + "windows-sys 0.52.0", +] + +[[package]] +name = "multer" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "01acbdc23469fd8fe07ab135923371d5f5a422fbf9c522158677c8eb15bc51c2" +dependencies = [ + "bytes", + "encoding_rs", + "futures-util", + "http", + "httparse", + "log", + "memchr", + "mime", + "spin", + "version_check", +] + +[[package]] +name = "native-tls" +version = "0.2.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87de3442987e9dbec73158d5c715e7ad9072fda936bb03d19d7fa10e00520f0e" +dependencies = [ + "libc", + "log", + "openssl", + "openssl-probe", + "openssl-sys", + "schannel", + "security-framework", + "security-framework-sys", + "tempfile", +] + +[[package]] +name = "nu-ansi-term" +version = "0.46.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "77a8165726e8236064dbb45459242600304b42a5ea24ee2948e18e023bf7ba84" +dependencies = [ + "overload", + "winapi", +] + +[[package]] +name = "object" +version = "0.36.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62948e14d923ea95ea2c7c86c71013138b66525b86bdc08d2dcc262bdb497b87" +dependencies = [ + "memchr", +] + +[[package]] +name = "once_cell" +version = "1.21.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d75b0bedcc4fe52caa0e03d9f1151a323e4aa5e2d78ba3580400cd3c9e2bc4bc" + +[[package]] +name = "openssl" +version = "0.10.71" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5e14130c6a98cd258fdcb0fb6d744152343ff729cbfcb28c656a9d12b999fbcd" +dependencies = [ + "bitflags 2.9.0", + "cfg-if", + "foreign-types", + "libc", + "once_cell", + "openssl-macros", + "openssl-sys", +] + +[[package]] +name = "openssl-macros" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "openssl-probe" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d05e27ee213611ffe7d6348b942e8f942b37114c00cc03cec254295a4a17852e" + +[[package]] +name = "openssl-sys" +version = "0.9.106" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8bb61ea9811cc39e3c2069f40b8b8e2e70d8569b361f879786cc7ed48b777cdd" +dependencies = [ + "cc", + "libc", + "pkg-config", + "vcpkg", +] + +[[package]] +name = "overload" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b15813163c1d831bf4a13c3610c05c0d03b39feb07f7e09fa234dac9b15aaf39" + +[[package]] +name = "parking_lot" +version = "0.12.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f1bf18183cf54e8d6059647fc3063646a1801cf30896933ec2311622cc4b9a27" +dependencies = [ + "lock_api", + "parking_lot_core", +] + +[[package]] +name = "parking_lot_core" +version = "0.9.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e401f977ab385c9e4e3ab30627d6f26d00e2c73eef317493c4ec6d468726cf8" +dependencies = [ + "cfg-if", + "libc", + "redox_syscall", + "smallvec", + "windows-targets 0.52.6", +] + +[[package]] +name = "percent-encoding" +version = "2.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e" + +[[package]] +name = "pin-project" +version = "1.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "677f1add503faace112b9f1373e43e9e054bfdd22ff1a63c1bc485eaec6a6a8a" +dependencies = [ + "pin-project-internal", +] + +[[package]] +name = "pin-project-internal" +version = "1.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e918e4ff8c4549eb882f14b3a4bc8c8bc93de829416eacf579f1207a8fbf861" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "pin-project-lite" +version = "0.2.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b3cff922bd51709b605d9ead9aa71031d81447142d828eb4a6eba76fe619f9b" + +[[package]] +name = "pin-utils" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" + +[[package]] +name = "pkg-config" +version = "0.3.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7edddbd0b52d732b21ad9a5fab5c704c14cd949e5e9a1ec5929a24fded1b904c" + +[[package]] +name = "proc-macro2" +version = "1.0.94" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a31971752e70b8b2686d7e46ec17fb38dad4051d94024c88df49b667caea9c84" +dependencies = [ + "unicode-ident", +] + +[[package]] +name = "quote" +version = "1.0.40" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1885c039570dc00dcb4ff087a89e185fd56bae234ddc7f056a945bf36467248d" +dependencies = [ + "proc-macro2", +] + +[[package]] +name = "r-efi" +version = "5.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "74765f6d916ee2faa39bc8e68e4f3ed8949b48cccdac59983d287a7cb71ce9c5" + +[[package]] +name = "redox_syscall" +version = "0.5.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b8c0c260b63a8219631167be35e6a988e9554dbd323f8bd08439c8ed1302bd1" +dependencies = [ + "bitflags 2.9.0", +] + +[[package]] +name = "regex" +version = "1.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b544ef1b4eac5dc2db33ea63606ae9ffcfac26c1416a2806ae0bf5f56b201191" +dependencies = [ + "aho-corasick", + "memchr", + "regex-automata 0.4.9", + "regex-syntax 0.8.5", +] + +[[package]] +name = "regex-automata" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6c230d73fb8d8c1b9c0b3135c5142a8acee3a0558fb8db5cf1cb65f8d7862132" +dependencies = [ + "regex-syntax 0.6.29", +] + +[[package]] +name = "regex-automata" +version = "0.4.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "809e8dc61f6de73b46c85f4c96486310fe304c434cfa43669d7b40f711150908" +dependencies = [ + "aho-corasick", + "memchr", + "regex-syntax 0.8.5", +] + +[[package]] +name = "regex-syntax" +version = "0.6.29" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f162c6dd7b008981e4d40210aca20b4bd0f9b60ca9271061b07f78537722f2e1" + +[[package]] +name = "regex-syntax" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2b15c43186be67a4fd63bee50d0303afffcef381492ebe2c5d87f324e1b8815c" + +[[package]] +name = "reqwest" +version = "0.11.27" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dd67538700a17451e7cba03ac727fb961abb7607553461627b97de0b89cf4a62" +dependencies = [ + "base64", + "bytes", + "encoding_rs", + "futures-core", + "futures-util", + "h2", + "http", + "http-body", + "hyper", + "hyper-tls", + "ipnet", + "js-sys", + "log", + "mime", + "mime_guess", + "native-tls", + "once_cell", + "percent-encoding", + "pin-project-lite", + "rustls-pemfile", + "serde", + "serde_json", + "serde_urlencoded", + "sync_wrapper", + "system-configuration", + "tokio", + "tokio-native-tls", + "tower-service", + "url", + "wasm-bindgen", + "wasm-bindgen-futures", + "web-sys", + "winreg", +] + +[[package]] +name = "rustc-demangle" +version = "0.1.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "719b953e2095829ee67db738b3bfa9fa368c94900df327b3f07fe6e794d2fe1f" + +[[package]] +name = "rustix" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e56a18552996ac8d29ecc3b190b4fdbb2d91ca4ec396de7bbffaf43f3d637e96" +dependencies = [ + "bitflags 2.9.0", + "errno", + "libc", + "linux-raw-sys", + "windows-sys 0.59.0", +] + +[[package]] +name = "rustls-pemfile" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1c74cae0a4cf6ccbbf5f359f08efdf8ee7e1dc532573bf0db71968cb56b1448c" +dependencies = [ + "base64", +] + +[[package]] +name = "rustversion" +version = "1.0.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eded382c5f5f786b989652c49544c4877d9f015cc22e145a5ea8ea66c2921cd2" + +[[package]] +name = "ryu" +version = "1.0.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "28d3b2b1366ec20994f1fd18c3c594f05c5dd4bc44d8bb0c1c632c8d6829481f" + +[[package]] +name = "schannel" +version = "0.1.27" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1f29ebaa345f945cec9fbbc532eb307f0fdad8161f281b6369539c8d84876b3d" +dependencies = [ + "windows-sys 0.59.0", +] + +[[package]] +name = "scopeguard" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" + +[[package]] +name = "security-framework" +version = "2.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "897b2245f0b511c87893af39b033e5ca9cce68824c4d7e7630b5a1d339658d02" +dependencies = [ + "bitflags 2.9.0", + "core-foundation", + "core-foundation-sys", + "libc", + "security-framework-sys", +] + +[[package]] +name = "security-framework-sys" +version = "2.14.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49db231d56a190491cb4aeda9527f1ad45345af50b0851622a7adb8c03b01c32" +dependencies = [ + "core-foundation-sys", + "libc", +] + +[[package]] +name = "serde" +version = "1.0.219" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5f0e2c6ed6606019b4e29e69dbaba95b11854410e5347d525002456dbbb786b6" +dependencies = [ + "serde_derive", +] + +[[package]] +name = "serde_derive" +version = "1.0.219" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5b0276cf7f2c73365f7157c8123c21cd9a50fbbd844757af28ca1f5925fc2a00" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "serde_json" +version = "1.0.140" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "20068b6e96dc6c9bd23e01df8827e6c7e1f2fddd43c21810382803c136b99373" +dependencies = [ + "itoa", + "memchr", + "ryu", + "serde", +] + +[[package]] +name = "serde_path_to_error" +version = "0.1.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "59fab13f937fa393d08645bf3a84bdfe86e296747b506ada67bb15f10f218b2a" +dependencies = [ + "itoa", + "serde", +] + +[[package]] +name = "serde_urlencoded" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3491c14715ca2294c4d6a88f15e84739788c1d030eed8c110436aafdaa2f3fd" +dependencies = [ + "form_urlencoded", + "itoa", + "ryu", + "serde", +] + +[[package]] +name = "sha2" +version = "0.10.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "793db75ad2bcafc3ffa7c68b215fee268f537982cd901d132f89c6343f3a3dc8" +dependencies = [ + "cfg-if", + "cpufeatures", + "digest", +] + +[[package]] +name = "sharded-slab" +version = "0.1.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f40ca3c46823713e0d4209592e8d6e826aa57e928f09752619fc696c499637f6" +dependencies = [ + "lazy_static", +] + +[[package]] +name = "shlex" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64" + +[[package]] +name = "signal-hook-registry" +version = "1.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a9e9e0b4211b72e7b8b6e85c807d36c212bdb33ea8587f7569562a84df5465b1" +dependencies = [ + "libc", +] + +[[package]] +name = "slab" +version = "0.4.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8f92a496fb766b417c996b9c5e57daf2f7ad3b0bebe1ccfca4856390e3d3bb67" +dependencies = [ + "autocfg", +] + +[[package]] +name = "smallvec" +version = "1.14.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7fcf8323ef1faaee30a44a340193b1ac6814fd9b7b4e88e9d4519a3e4abe1cfd" + +[[package]] +name = "socket2" +version = "0.5.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c970269d99b64e60ec3bd6ad27270092a5394c4e309314b18ae3fe575695fbe8" +dependencies = [ + "libc", + "windows-sys 0.52.0", +] + +[[package]] +name = "spin" +version = "0.9.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6980e8d7511241f8acf4aebddbb1ff938df5eebe98691418c4468d0b72a96a67" + +[[package]] +name = "stable_deref_trait" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a8f112729512f8e442d81f95a8a7ddf2b7c6b8a1a6f509a95864142b30cab2d3" + +[[package]] +name = "strsim" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f" + +[[package]] +name = "syn" +version = "2.0.100" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b09a44accad81e1ba1cd74a32461ba89dee89095ba17b32f5d03683b1b1fc2a0" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "sync_wrapper" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2047c6ded9c721764247e62cd3b03c09ffc529b2ba5b10ec482ae507a4a70160" + +[[package]] +name = "synstructure" +version = "0.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c8af7666ab7b6390ab78131fb5b0fce11d6b7a6951602017c35fa82800708971" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "system-configuration" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ba3a3adc5c275d719af8cb4272ea1c4a6d668a777f37e115f6d11ddbc1c8e0e7" +dependencies = [ + "bitflags 1.3.2", + "core-foundation", + "system-configuration-sys", +] + +[[package]] +name = "system-configuration-sys" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a75fb188eb626b924683e3b95e3a48e63551fcfb51949de2f06a9d91dbee93c9" +dependencies = [ + "core-foundation-sys", + "libc", +] + +[[package]] +name = "tempfile" +version = "3.19.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7437ac7763b9b123ccf33c338a5cc1bac6f69b45a136c19bdd8a65e3916435bf" +dependencies = [ + "fastrand", + "getrandom", + "once_cell", + "rustix", + "windows-sys 0.59.0", +] + +[[package]] +name = "thread_local" +version = "1.1.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b9ef9bad013ada3808854ceac7b46812a6465ba368859a37e2100283d2d719c" +dependencies = [ + "cfg-if", + "once_cell", +] + +[[package]] +name = "tinystr" +version = "0.7.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9117f5d4db391c1cf6927e7bea3db74b9a1c1add8f7eda9ffd5364f40f57b82f" +dependencies = [ + "displaydoc", + "zerovec", +] + +[[package]] +name = "tokio" +version = "1.44.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f382da615b842244d4b8738c82ed1275e6c5dd90c459a30941cd07080b06c91a" +dependencies = [ + "backtrace", + "bytes", + "libc", + "mio", + "parking_lot", + "pin-project-lite", + "signal-hook-registry", + "socket2", + "tokio-macros", + "windows-sys 0.52.0", +] + +[[package]] +name = "tokio-macros" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e06d43f1345a3bcd39f6a56dbb7dcab2ba47e68e8ac134855e7e2bdbaf8cab8" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "tokio-native-tls" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bbae76ab933c85776efabc971569dd6119c580d8f5d448769dec1764bf796ef2" +dependencies = [ + "native-tls", + "tokio", +] + +[[package]] +name = "tokio-util" +version = "0.7.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6b9590b93e6fcc1739458317cccd391ad3955e2bde8913edf6f95f9e65a8f034" +dependencies = [ + "bytes", + "futures-core", + "futures-sink", + "pin-project-lite", + "tokio", +] + +[[package]] +name = "tower" +version = "0.4.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b8fa9be0de6cf49e536ce1851f987bd21a43b771b09473c3549a6c853db37c1c" +dependencies = [ + "futures-core", + "futures-util", + "pin-project", + "pin-project-lite", + "tokio", + "tower-layer", + "tower-service", + "tracing", +] + +[[package]] +name = "tower-layer" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "121c2a6cda46980bb0fcd1647ffaf6cd3fc79a013de288782836f6df9c48780e" + +[[package]] +name = "tower-service" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8df9b6e13f2d32c91b9bd719c00d1958837bc7dec474d94952798cc8e69eeec3" + +[[package]] +name = "tracing" +version = "0.1.41" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "784e0ac535deb450455cbfa28a6f0df145ea1bb7ae51b821cf5e7927fdcfbdd0" +dependencies = [ + "log", + "pin-project-lite", + "tracing-attributes", + "tracing-core", +] + +[[package]] +name = "tracing-attributes" +version = "0.1.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "395ae124c09f9e6918a2310af6038fba074bcf474ac352496d5910dd59a2226d" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "tracing-core" +version = "0.1.33" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e672c95779cf947c5311f83787af4fa8fffd12fb27e4993211a84bdfd9610f9c" +dependencies = [ + "once_cell", + "valuable", +] + +[[package]] +name = "tracing-log" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ee855f1f400bd0e5c02d150ae5de3840039a3f54b025156404e34c23c03f47c3" +dependencies = [ + "log", + "once_cell", + "tracing-core", +] + +[[package]] +name = "tracing-subscriber" +version = "0.3.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e8189decb5ac0fa7bc8b96b7cb9b2701d60d48805aca84a238004d665fcc4008" +dependencies = [ + "matchers", + "nu-ansi-term", + "once_cell", + "regex", + "sharded-slab", + "smallvec", + "thread_local", + "tracing", + "tracing-core", + "tracing-log", +] + +[[package]] +name = "try-lock" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e421abadd41a4225275504ea4d6566923418b7f05506fbc9c0fe86ba7396114b" + +[[package]] +name = "typenum" +version = "1.18.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1dccffe3ce07af9386bfd29e80c0ab1a8205a2fc34e4bcd40364df902cfa8f3f" + +[[package]] +name = "unicase" +version = "2.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "75b844d17643ee918803943289730bec8aac480150456169e647ed0b576ba539" + +[[package]] +name = "unicode-ident" +version = "1.0.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5a5f39404a5da50712a4c1eecf25e90dd62b613502b7e925fd4e4d19b5c96512" + +[[package]] +name = "url" +version = "2.5.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32f8b686cadd1473f4bd0117a5d28d36b1ade384ea9b5069a1c40aefed7fda60" +dependencies = [ + "form_urlencoded", + "idna", + "percent-encoding", +] + +[[package]] +name = "utf16_iter" +version = "1.0.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c8232dd3cdaed5356e0f716d285e4b40b932ac434100fe9b7e0e8e935b9e6246" + +[[package]] +name = "utf8_iter" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b6c140620e7ffbb22c2dee59cafe6084a59b5ffc27a8859a5f0d494b5d52b6be" + +[[package]] +name = "utf8parse" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "06abde3611657adf66d383f00b093d7faecc7fa57071cce2578660c9f1010821" + +[[package]] +name = "uuid" +version = "1.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "458f7a779bf54acc9f347480ac654f68407d3aab21269a6e3c9f922acd9e2da9" +dependencies = [ + "getrandom", + "serde", +] + +[[package]] +name = "valuable" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ba73ea9cf16a25df0c8caa16c51acb937d5712a8429db78a3ee29d5dcacd3a65" + +[[package]] +name = "vault-hier" +version = "0.1.0" +dependencies = [ + "anyhow", + "axum", + "base64", + "clap", + "reqwest", + "serde", + "serde_json", + "sha2", + "tokio", + "tracing", + "tracing-subscriber", + "uuid", +] + +[[package]] +name = "vcpkg" +version = "0.2.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426" + +[[package]] +name = "version_check" +version = "0.9.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b928f33d975fc6ad9f86c8f283853ad26bdd5b10b7f1542aa2fa15e2289105a" + +[[package]] +name = "want" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bfa7760aed19e106de2c7c0b581b509f2f25d3dacaf737cb82ac61bc6d760b0e" +dependencies = [ + "try-lock", +] + +[[package]] +name = "wasi" +version = "0.11.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" + +[[package]] +name = "wasi" +version = "0.14.2+wasi-0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9683f9a5a998d873c0d21fcbe3c083009670149a8fab228644b8bd36b2c48cb3" +dependencies = [ + "wit-bindgen-rt", +] + +[[package]] +name = "wasm-bindgen" +version = "0.2.100" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1edc8929d7499fc4e8f0be2262a241556cfc54a0bea223790e71446f2aab1ef5" +dependencies = [ + "cfg-if", + "once_cell", + "rustversion", + "wasm-bindgen-macro", +] + +[[package]] +name = "wasm-bindgen-backend" +version = "0.2.100" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2f0a0651a5c2bc21487bde11ee802ccaf4c51935d0d3d42a6101f98161700bc6" +dependencies = [ + "bumpalo", + "log", + "proc-macro2", + "quote", + "syn", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-futures" +version = "0.4.50" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "555d470ec0bc3bb57890405e5d4322cc9ea83cebb085523ced7be4144dac1e61" +dependencies = [ + "cfg-if", + "js-sys", + "once_cell", + "wasm-bindgen", + "web-sys", +] + +[[package]] +name = "wasm-bindgen-macro" +version = "0.2.100" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7fe63fc6d09ed3792bd0897b314f53de8e16568c2b3f7982f468c0bf9bd0b407" +dependencies = [ + "quote", + "wasm-bindgen-macro-support", +] + +[[package]] +name = "wasm-bindgen-macro-support" +version = "0.2.100" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ae87ea40c9f689fc23f209965b6fb8a99ad69aeeb0231408be24920604395de" +dependencies = [ + "proc-macro2", + "quote", + "syn", + "wasm-bindgen-backend", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-shared" +version = "0.2.100" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1a05d73b933a847d6cccdda8f838a22ff101ad9bf93e33684f39c1f5f0eece3d" +dependencies = [ + "unicode-ident", +] + +[[package]] +name = "web-sys" +version = "0.3.77" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "33b6dd2ef9186f1f2072e409e99cd22a975331a6b3591b12c764e0e55c60d5d2" +dependencies = [ + "js-sys", + "wasm-bindgen", +] + +[[package]] +name = "winapi" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" +dependencies = [ + "winapi-i686-pc-windows-gnu", + "winapi-x86_64-pc-windows-gnu", +] + +[[package]] +name = "winapi-i686-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" + +[[package]] +name = "winapi-x86_64-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" + +[[package]] +name = "windows-sys" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" +dependencies = [ + "windows-targets 0.48.5", +] + +[[package]] +name = "windows-sys" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" +dependencies = [ + "windows-targets 0.52.6", +] + +[[package]] +name = "windows-sys" +version = "0.59.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e38bc4d79ed67fd075bcc251a1c39b32a1776bbe92e5bef1f0bf1f8c531853b" +dependencies = [ + "windows-targets 0.52.6", +] + +[[package]] +name = "windows-targets" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9a2fa6e2155d7247be68c096456083145c183cbbbc2764150dda45a87197940c" +dependencies = [ + "windows_aarch64_gnullvm 0.48.5", + "windows_aarch64_msvc 0.48.5", + "windows_i686_gnu 0.48.5", + "windows_i686_msvc 0.48.5", + "windows_x86_64_gnu 0.48.5", + "windows_x86_64_gnullvm 0.48.5", + "windows_x86_64_msvc 0.48.5", +] + +[[package]] +name = "windows-targets" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973" +dependencies = [ + "windows_aarch64_gnullvm 0.52.6", + "windows_aarch64_msvc 0.52.6", + "windows_i686_gnu 0.52.6", + "windows_i686_gnullvm", + "windows_i686_msvc 0.52.6", + "windows_x86_64_gnu 0.52.6", + "windows_x86_64_gnullvm 0.52.6", + "windows_x86_64_msvc 0.52.6", +] + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8" + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469" + +[[package]] +name = "windows_i686_gnu" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e" + +[[package]] +name = "windows_i686_gnu" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b" + +[[package]] +name = "windows_i686_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66" + +[[package]] +name = "windows_i686_msvc" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406" + +[[package]] +name = "windows_i686_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec" + +[[package]] +name = "winreg" +version = "0.50.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "524e57b2c537c0f9b1e69f1965311ec12182b4122e45035b1508cd24d2adadb1" +dependencies = [ + "cfg-if", + "windows-sys 0.48.0", +] + +[[package]] +name = "wit-bindgen-rt" +version = "0.39.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6f42320e61fe2cfd34354ecb597f86f413484a798ba44a8ca1165c58d42da6c1" +dependencies = [ + "bitflags 2.9.0", +] + +[[package]] +name = "write16" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d1890f4022759daae28ed4fe62859b1236caebfc61ede2f63ed4e695f3f6d936" + +[[package]] +name = "writeable" +version = "0.5.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e9df38ee2d2c3c5948ea468a8406ff0db0b29ae1ffde1bcf20ef305bcc95c51" + +[[package]] +name = "yoke" +version = "0.7.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "120e6aef9aa629e3d4f52dc8cc43a015c7724194c97dfaf45180d2daf2b77f40" +dependencies = [ + "serde", + "stable_deref_trait", + "yoke-derive", + "zerofrom", +] + +[[package]] +name = "yoke-derive" +version = "0.7.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2380878cad4ac9aac1e2435f3eb4020e8374b5f13c296cb75b4620ff8e229154" +dependencies = [ + "proc-macro2", + "quote", + "syn", + "synstructure", +] + +[[package]] +name = "zerofrom" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "50cc42e0333e05660c3587f3bf9d0478688e15d870fab3346451ce7f8c9fbea5" +dependencies = [ + "zerofrom-derive", +] + +[[package]] +name = "zerofrom-derive" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d71e5d6e06ab090c67b5e44993ec16b72dcbaabc526db883a360057678b48502" +dependencies = [ + "proc-macro2", + "quote", + "syn", + "synstructure", +] + +[[package]] +name = "zerovec" +version = "0.10.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aa2b893d79df23bfb12d5461018d408ea19dfafe76c2c7ef6d4eba614f8ff079" +dependencies = [ + "yoke", + "zerofrom", + "zerovec-derive", +] + +[[package]] +name = "zerovec-derive" +version = "0.10.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6eafa6dfb17584ea3e2bd6e76e0cc15ad7af12b09abdd1ca55961bed9b1063c6" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] diff --git a/flake.lock b/flake.lock index 4b258a6..200c378 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,20 @@ { "nodes": { + "crane": { + "locked": { + "lastModified": 1742394900, + "narHash": "sha256-vVOAp9ahvnU+fQoKd4SEXB2JG2wbENkpqcwlkIXgUC0=", + "owner": "ipetkov", + "repo": "crane", + "rev": "70947c1908108c0c551ddfd73d4f750ff2ea67cd", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, "flake-utils": { "inputs": { "systems": "systems" @@ -20,11 +35,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1742268799, - "narHash": "sha256-IhnK4LhkBlf14/F8THvUy3xi/TxSQkp9hikfDZRD4Ic=", + "lastModified": 1742751704, + "narHash": "sha256-rBfc+H1dDBUQ2mgVITMGBPI1PGuCznf9rcWX/XIULyE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "da044451c6a70518db5b730fe277b70f494188f1", + "rev": "f0946fa5f1fb876a9dc2e1850d9d3a4e3f914092", "type": "github" }, "original": { @@ -52,6 +67,7 @@ }, "root": { "inputs": { + "crane": "crane", "flake-utils": "flake-utils", "nixpkgs": "nixpkgs", "rust-overlay": "rust-overlay" @@ -62,11 +78,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1742437918, - "narHash": "sha256-Vflb6KJVDikFcM9E231mRN88uk4+jo7BWtaaQMifthI=", + "lastModified": 1742783666, + "narHash": "sha256-IwdSl51NL6V0f+mYXZR0UTKaGleOsk9zV3l6kt5SUWw=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "f03085549609e49c7bcbbee86a1949057d087199", + "rev": "60766d63c227d576510ecfb5edd3a687d56f6bc7", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index d774b81..5070907 100644 --- a/flake.nix +++ b/flake.nix @@ -3,41 +3,117 @@ nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; flake-utils.url = "github:numtide/flake-utils"; rust-overlay.url = "github:oxalica/rust-overlay"; + crane.url = "github:ipetkov/crane"; }; - outputs = { self, nixpkgs, flake-utils, rust-overlay }: - flake-utils.lib.eachDefaultSystem - (system: - let - overlays = [ - rust-overlay.overlays.default - ]; - pkgs = import nixpkgs { - inherit system overlays; - config = { - allowUnfree = true; - }; + outputs = + { self + , nixpkgs + , flake-utils + , rust-overlay + , crane + , + }: + flake-utils.lib.eachDefaultSystem ( + system: + let + overlays = [ + rust-overlay.overlays.default + ]; + pkgs = import nixpkgs { + inherit system overlays; + config = { + allowUnfree = true; }; - in - with pkgs; - { - devShells.default = mkShell { - env = { - OPENSSL_NO_VENDOR = "1"; - NIX_OUTPATH_USED_AS_RANDOM_SEED = "aaaaaaaaaa"; - }; + }; + src = craneLib.cleanCargoSource ./.; - packages = [ - pkg-config - vault - (rust-bin.stable.latest.default.override { - extensions = [ "rust-src" ]; - }) - rustc - cargo - rustfmt - clippy - ]; + commonArgs = { + inherit src; + + # Add any build inputs needed + buildInputs = with pkgs; [ + openssl + pkg-config + ]; + + # Add any native build inputs + nativeBuildInputs = with pkgs; [ + rustPlatform.bindgenHook + pkg-config + ]; + + checkType = "debug"; + env = { + OPENSSL_NO_VENDOR = "1"; + NIX_OUTPATH_USED_AS_RANDOM_SEED = "aaaaaaaaaa"; }; - } - ); + }; + + cargoArtifacts = craneLib.buildDepsOnly commonArgs; + individualCrateArgs = commonArgs // { + inherit cargoArtifacts; + inherit (craneLib.crateNameFromCargoToml { inherit src; }) version; + # NB: we disable tests since we'll run them all via cargo-nextest + doCheck = false; + }; + + # Import rust setup + rustSetup = import ./nix/rust-setup.nix { inherit pkgs crane; }; + inherit (rustSetup) rustVersion rustPlatform craneLib; + + # Import vault-hier package + vault-hier = import ./nix/packages/vault-hier.nix { + inherit + pkgs + craneLib + individualCrateArgs + ; + }; + + # Import devshell + devshell_with_src = import ./nix/devshell.nix { + inherit pkgs vault-hier rustVersion; + }; + in + { + checks = { + inherit vault-hier; + + my-workspace-clippy = craneLib.cargoClippy (commonArgs // { + inherit cargoArtifacts; + cargoClippyExtraArgs = "--all-targets -- --deny warnings"; + }); + + my-workspace-doc = craneLib.cargoDoc (commonArgs // { + inherit cargoArtifacts; + }); + + # Check formatting + my-workspace-fmt = craneLib.cargoFmt { + inherit src; + }; + + my-workspace-toml-fmt = craneLib.taploFmt { + src = pkgs.lib.sources.sourceFilesBySuffices src [ ".toml" ]; + # taplo arguments can be further customized below as needed + # taploExtraArgs = "--config ./taplo.toml"; + }; + + }; + + # Add packages output + packages = { + inherit vault-hier; + default = vault-hier; + }; + + devShells = { + inherit devshell_with_src; + default = devshell_with_src; + }; + + # Add formatter for `nix fmt` + formatter = pkgs.nixfmt-rfc-style; + } + ); } diff --git a/nix/devshell.nix b/nix/devshell.nix new file mode 100644 index 0000000..ab9d0d7 --- /dev/null +++ b/nix/devshell.nix @@ -0,0 +1,26 @@ +{ + pkgs, + vault-hier, + rustVersion, +}: + +let + toolchain_with_src = ( + rustVersion.override { + extensions = [ + "rustfmt" + "clippy" + "rust-src" + ]; + } + ); +in +pkgs.mkShell { + packages = with pkgs; [ + vault-hier # Add the vault-hier package to the dev shell + toolchain_with_src # Add the custom Rust toolchain with source code to the dev shell + ]; + nativeBuildInputs = [ + vault-hier + ]; +} diff --git a/nix/packages/vault-hier.nix b/nix/packages/vault-hier.nix new file mode 100644 index 0000000..f7ccfc6 --- /dev/null +++ b/nix/packages/vault-hier.nix @@ -0,0 +1,9 @@ +{ pkgs +, craneLib +, individualCrateArgs +, +}: +craneLib.buildPackage (individualCrateArgs // { + pname = "vault-hier"; + cargoExtraArgs = "-p vault-hier"; +}) diff --git a/nix/rust-setup.nix b/nix/rust-setup.nix new file mode 100644 index 0000000..febf4ae --- /dev/null +++ b/nix/rust-setup.nix @@ -0,0 +1,13 @@ +{ pkgs, crane }: + +let + rustVersion = pkgs.rust-bin.fromRustupToolchainFile (../rust-toolchain.toml); + rustPlatform = pkgs.makeRustPlatform { + cargo = rustVersion; + rustc = rustVersion; + }; + craneLib = (crane.mkLib pkgs).overrideToolchain rustVersion; +in +{ + inherit rustVersion rustPlatform craneLib; +} diff --git a/rust-toolchain.toml b/rust-toolchain.toml new file mode 100644 index 0000000..3d4ba0c --- /dev/null +++ b/rust-toolchain.toml @@ -0,0 +1,3 @@ +[toolchain] +channel = "1.85.1" +components = ["rustfmt", "clippy", "rust-src"] diff --git a/src/api.rs b/src/api.rs index f632b54..499e931 100644 --- a/src/api.rs +++ b/src/api.rs @@ -1,15 +1,14 @@ use anyhow::Result; use axum::{ + Json, Router, Server, extract::{Multipart, Path, State}, http::StatusCode, response::{IntoResponse, Response}, routing::{get, post}, - Json, Router, - Server, }; use serde::{Deserialize, Serialize}; use std::sync::Arc; -use tracing::{info, error, debug, instrument}; +use tracing::{debug, error, info, instrument}; use crate::document_service::{Document, DocumentService, SignatureVerification}; use crate::vault_setup::VaultClient; @@ -68,11 +67,7 @@ where // Start the API server #[instrument(skip(vault_addr, root_token))] -pub async fn start_api( - vault_addr: &str, - root_token: &str, - api_port: u16, -) -> Result<()> { +pub async fn start_api(vault_addr: &str, root_token: &str, api_port: u16) -> Result<()> { info!("Starting API server on port {}...", api_port); // Initialize Vault client @@ -110,9 +105,7 @@ pub async fn start_api( // Bind and serve info!("Serving API at {}", addr); - Server::bind(&addr) - .serve(app.into_make_service()) - .await?; + Server::bind(&addr).serve(app.into_make_service()).await?; Ok(()) } @@ -132,7 +125,8 @@ async fn login( ) -> Result, ApiError> { info!("Login attempt for user: {}", request.username); - let token = state.vault_client + let token = state + .vault_client .login_user(&request.username, &request.password) .await?; @@ -160,7 +154,10 @@ async fn upload_document( debug!("Received document name: {}", document_name); } else if name == "file" { document_content = field.bytes().await?.to_vec(); - debug!("Received document content: {} bytes", document_content.len()); + debug!( + "Received document content: {} bytes", + document_content.len() + ); } } @@ -170,14 +167,13 @@ async fn upload_document( } // Upload document - let document_id = state.document_service + let document_id = state + .document_service .upload_document(&document_name, &document_content) .await?; // Return document metadata - let document = state.document_service - .get_document(&document_id) - .await?; + let document = state.document_service.get_document(&document_id).await?; info!("Document uploaded successfully with ID: {}", document_id); Ok(Json(document)) @@ -191,12 +187,13 @@ async fn get_document( ) -> Result, ApiError> { info!("Fetching document: {}", document_id); - let document = state.document_service - .get_document(&document_id) - .await?; + let document = state.document_service.get_document(&document_id).await?; - debug!("Retrieved document {} with {} signatures", - document.id, document.signatures.len()); + debug!( + "Retrieved document {} with {} signatures", + document.id, + document.signatures.len() + ); Ok(Json(document)) } @@ -208,17 +205,22 @@ async fn sign_document( Path(document_id): Path, Json(request): Json, ) -> Result, ApiError> { - info!("Signing request for document {} by user {}", document_id, request.username); + info!( + "Signing request for document {} by user {}", + document_id, request.username + ); - state.document_service + state + .document_service .sign_document(&document_id, &request.username, &request.token) .await?; - let document = state.document_service - .get_document(&document_id) - .await?; + let document = state.document_service.get_document(&document_id).await?; - info!("Document {} successfully signed by {}", document_id, request.username); + info!( + "Document {} successfully signed by {}", + document_id, request.username + ); Ok(Json(document)) } @@ -230,12 +232,20 @@ async fn verify_document( ) -> Result, ApiError> { info!("Verifying document signatures: {}", document_id); - let verification = state.document_service + let verification = state + .document_service .verify_document_signatures(&document_id) .await?; - info!("Document {} verification result: {}", - document_id, if verification.is_verified { "VERIFIED" } else { "PENDING" }); + info!( + "Document {} verification result: {}", + document_id, + if verification.is_verified { + "VERIFIED" + } else { + "PENDING" + } + ); Ok(Json(verification)) } diff --git a/src/document_service.rs b/src/document_service.rs index 41f357f..bba4a80 100644 --- a/src/document_service.rs +++ b/src/document_service.rs @@ -1,12 +1,12 @@ use anyhow::{Context, Result}; +use base64::{Engine as _, engine::general_purpose::STANDARD as BASE64}; use reqwest::StatusCode; use serde::{Deserialize, Serialize}; use serde_json::json; -use sha2::{Sha256, Digest}; +use sha2::{Digest, Sha256}; use std::collections::HashMap; +use tracing::{debug, error, info, instrument}; use uuid::Uuid; -use base64::{Engine as _, engine::general_purpose::STANDARD as BASE64}; -use tracing::{info, error, debug, instrument}; use crate::vault_setup::{Department, User, VaultClient}; @@ -88,8 +88,10 @@ impl DocumentService { async fn store_document_metadata(&self, document: &Document) -> Result<()> { debug!("Storing document metadata for {}", document.id); - let url = format!("{}/v1/documents/data/docs/{}", - self.vault_client.addr, document.id); + let url = format!( + "{}/v1/documents/data/docs/{}", + self.vault_client.addr, document.id + ); let payload = json!({ "data": { @@ -104,7 +106,9 @@ impl DocumentService { } }); - let response = self.vault_client.client + let response = self + .vault_client + .client .post(&url) .header("X-Vault-Token", &self.vault_client.token) .json(&payload) @@ -118,8 +122,15 @@ impl DocumentService { } status => { let error_text = response.text().await?; - error!("Failed to store document metadata: {} - {}", status, error_text); - Err(anyhow::anyhow!("Failed to store document metadata: {} - {}", status, error_text)) + error!( + "Failed to store document metadata: {} - {}", + status, error_text + ); + Err(anyhow::anyhow!( + "Failed to store document metadata: {} - {}", + status, + error_text + )) } } } @@ -129,10 +140,14 @@ impl DocumentService { pub async fn get_document(&self, document_id: &str) -> Result { debug!("Getting document metadata for {}", document_id); - let url = format!("{}/v1/documents/data/docs/{}", - self.vault_client.addr, document_id); + let url = format!( + "{}/v1/documents/data/docs/{}", + self.vault_client.addr, document_id + ); - let response = self.vault_client.client + let response = self + .vault_client + .client .get(&url) .header("X-Vault-Token", &self.vault_client.token) .send() @@ -169,27 +184,49 @@ impl DocumentService { } let document = Document { - id: json["data"]["data"]["id"].as_str().context("Missing id")?.to_string(), - name: json["data"]["data"]["name"].as_str().context("Missing name")?.to_string(), - hash: json["data"]["data"]["hash"].as_str().context("Missing hash")?.to_string(), + id: json["data"]["data"]["id"] + .as_str() + .context("Missing id")? + .to_string(), + name: json["data"]["data"]["name"] + .as_str() + .context("Missing name")? + .to_string(), + hash: json["data"]["data"]["hash"] + .as_str() + .context("Missing hash")? + .to_string(), status, signatures, }; - debug!("Retrieved document: {} with {} signatures", document.id, document.signatures.len()); + debug!( + "Retrieved document: {} with {} signatures", + document.id, + document.signatures.len() + ); Ok(document) } status => { let error_text = response.text().await?; error!("Failed to get document: {} - {}", status, error_text); - Err(anyhow::anyhow!("Failed to get document: {} - {}", status, error_text)) + Err(anyhow::anyhow!( + "Failed to get document: {} - {}", + status, + error_text + )) } } } // Sign a document with the user's key #[instrument(skip(self, user_token), fields(document_id = %document_id, username = %username))] - pub async fn sign_document(&self, document_id: &str, username: &str, user_token: &str) -> Result<()> { + pub async fn sign_document( + &self, + document_id: &str, + username: &str, + user_token: &str, + ) -> Result<()> { info!("Signing document {} by user {}", document_id, username); // Get document metadata @@ -199,14 +236,15 @@ impl DocumentService { let user = self.vault_client.get_user_info(username).await?; // Sign the document hash with user's key - let url = format!("{}/v1/transit/sign/{}", - self.vault_client.addr, username); + let url = format!("{}/v1/transit/sign/{}", self.vault_client.addr, username); let payload = json!({ "input": BASE64.encode(document.hash.as_bytes()), }); - let response = self.vault_client.client + let response = self + .vault_client + .client .post(&url) .header("X-Vault-Token", user_token) .json(&payload) @@ -224,7 +262,8 @@ impl DocumentService { debug!("Generated signature for document {}", document_id); // Update document with signature - self.add_signature(document_id, username, &signature).await?; + self.add_signature(document_id, username, &signature) + .await?; // Update department signature record self.record_department_signature(document_id, &user).await?; @@ -238,26 +277,43 @@ impl DocumentService { status => { let error_text = response.text().await?; error!("Failed to sign document: {} - {}", status, error_text); - Err(anyhow::anyhow!("Failed to sign document: {} - {}", status, error_text)) + Err(anyhow::anyhow!( + "Failed to sign document: {} - {}", + status, + error_text + )) } } } // Add a signature to a document #[instrument(skip(self, signature), fields(document_id = %document_id, username = %username))] - async fn add_signature(&self, document_id: &str, username: &str, signature: &str) -> Result<()> { - debug!("Adding signature from {} to document {}", username, document_id); + async fn add_signature( + &self, + document_id: &str, + username: &str, + signature: &str, + ) -> Result<()> { + debug!( + "Adding signature from {} to document {}", + username, document_id + ); // Get current document let mut document = self.get_document(document_id).await?; // Add signature - document.signatures.insert(username.to_string(), signature.to_string()); + document + .signatures + .insert(username.to_string(), signature.to_string()); // Store updated document self.store_document_metadata(&document).await?; - debug!("Added signature from {} to document {}", username, document_id); + debug!( + "Added signature from {} to document {}", + username, document_id + ); Ok(()) } @@ -269,13 +325,20 @@ impl DocumentService { Department::Finance => "finance", }; - debug!("Recording {} department signature for document {}", dept_str, document_id); + debug!( + "Recording {} department signature for document {}", + dept_str, document_id + ); - let url = format!("{}/v1/documents/data/dept/{}/signatures/{}", - self.vault_client.addr, dept_str, document_id); + let url = format!( + "{}/v1/documents/data/dept/{}/signatures/{}", + self.vault_client.addr, dept_str, document_id + ); // Check if department signatures already exist - let response = self.vault_client.client + let response = self + .vault_client + .client .get(&url) .header("X-Vault-Token", &self.vault_client.token) .send() @@ -309,7 +372,9 @@ impl DocumentService { } }); - let response = self.vault_client.client + let response = self + .vault_client + .client .post(&url) .header("X-Vault-Token", &self.vault_client.token) .json(&payload) @@ -318,13 +383,23 @@ impl DocumentService { match response.status() { StatusCode::OK | StatusCode::NO_CONTENT => { - info!("Recorded signature for {} in {} department", user.username, dept_str); + info!( + "Recorded signature for {} in {} department", + user.username, dept_str + ); Ok(()) } status => { let error_text = response.text().await?; - error!("Failed to record department signature: {} - {}", status, error_text); - Err(anyhow::anyhow!("Failed to record department signature: {} - {}", status, error_text)) + error!( + "Failed to record department signature: {} - {}", + status, error_text + ); + Err(anyhow::anyhow!( + "Failed to record department signature: {} - {}", + status, + error_text + )) } } } @@ -364,17 +439,24 @@ impl DocumentService { // Verify document signatures #[instrument(skip(self))] - pub async fn verify_document_signatures(&self, document_id: &str) -> Result { + pub async fn verify_document_signatures( + &self, + document_id: &str, + ) -> Result { info!("Verifying signatures for document {}", document_id); // Get document let document = self.get_document(document_id).await?; // Get signing requirements - let url = format!("{}/v1/documents/data/config/signing_requirements", - self.vault_client.addr); + let url = format!( + "{}/v1/documents/data/config/signing_requirements", + self.vault_client.addr + ); - let response = self.vault_client.client + let response = self + .vault_client + .client .get(&url) .header("X-Vault-Token", &self.vault_client.token) .send() @@ -384,8 +466,15 @@ impl DocumentService { StatusCode::OK => response.json::().await?, status => { let error_text = response.text().await?; - error!("Failed to get signing requirements: {} - {}", status, error_text); - return Err(anyhow::anyhow!("Failed to get signing requirements: {} - {}", status, error_text)); + error!( + "Failed to get signing requirements: {} - {}", + status, error_text + ); + return Err(anyhow::anyhow!( + "Failed to get signing requirements: {} - {}", + status, + error_text + )); } }; @@ -413,13 +502,15 @@ impl DocumentService { // Get department signatures let legal_signatures = self.get_department_signatures(document_id, "legal").await?; - let finance_signatures = self.get_department_signatures(document_id, "finance").await?; + let finance_signatures = self + .get_department_signatures(document_id, "finance") + .await?; // Check if requirements are met let total_signatures = document.signatures.len(); - let is_verified = total_signatures >= required_signatures && - legal_signatures.len() >= required_legal && - finance_signatures.len() >= required_finance; + let is_verified = total_signatures >= required_signatures + && legal_signatures.len() >= required_legal + && finance_signatures.len() >= required_finance; let verification = SignatureVerification { document_id: document_id.to_string(), @@ -449,13 +540,24 @@ impl DocumentService { // Get department signatures for a document #[instrument(skip(self))] - async fn get_department_signatures(&self, document_id: &str, department: &str) -> Result> { - debug!("Getting {} department signatures for document {}", department, document_id); + async fn get_department_signatures( + &self, + document_id: &str, + department: &str, + ) -> Result> { + debug!( + "Getting {} department signatures for document {}", + department, document_id + ); - let url = format!("{}/v1/documents/data/dept/{}/signatures/{}", - self.vault_client.addr, department, document_id); + let url = format!( + "{}/v1/documents/data/dept/{}/signatures/{}", + self.vault_client.addr, department, document_id + ); - let response = self.vault_client.client + let response = self + .vault_client + .client .get(&url) .header("X-Vault-Token", &self.vault_client.token) .send() @@ -477,8 +579,12 @@ impl DocumentService { } } - debug!("Found {} signatures for {} department on document {}", - signatures.len(), department, document_id); + debug!( + "Found {} signatures for {} department on document {}", + signatures.len(), + department, + document_id + ); Ok(signatures) } diff --git a/src/lib.rs b/src/lib.rs index 7ce0e6f..ed3598d 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -1,11 +1,11 @@ // Modules that implement our hierarchical signing system -pub mod vault_setup; -pub mod vault_init; -pub mod document_service; pub mod api; +pub mod document_service; +pub mod vault_init; +pub mod vault_setup; // Re-export main components for easier access -pub use vault_setup::VaultClient; -pub use vault_init::initialize_vault; -pub use document_service::DocumentService; pub use api::start_api; +pub use document_service::DocumentService; +pub use vault_init::initialize_vault; +pub use vault_setup::VaultClient; diff --git a/src/main.rs b/src/main.rs index d57cd89..8afb25f 100644 --- a/src/main.rs +++ b/src/main.rs @@ -1,14 +1,18 @@ use anyhow::Result; use clap::{Parser, Subcommand}; use std::path::PathBuf; -use tracing::{info}; -use tracing_subscriber::{fmt, EnvFilter}; +use tracing::info; +use tracing_subscriber::{EnvFilter, fmt}; // Import our library -use vault_hier::{start_api, initialize_vault}; +use vault_hier::{initialize_vault, start_api}; #[derive(Parser)] -#[command(author, version, about = "Hierarchical Document Signing with HashiCorp Vault")] +#[command( + author, + version, + about = "Hierarchical Document Signing with HashiCorp Vault" +)] struct Cli { #[command(subcommand)] command: Commands, @@ -117,27 +121,49 @@ async fn main() -> Result<()> { let cli = Cli::parse(); match cli.command { - Commands::Server { vault_addr, api_port } => { + Commands::Server { + vault_addr, + api_port, + } => { run_server(&vault_addr, api_port).await?; - }, - Commands::Login { username, password, api_url } => { + } + Commands::Login { + username, + password, + api_url, + } => { login(&username, &password, &api_url).await?; - }, - Commands::Upload { name, file, api_url } => { + } + Commands::Upload { + name, + file, + api_url, + } => { upload_document(&name, file, &api_url).await?; - }, - Commands::Sign { document_id, username, token, api_url } => { + } + Commands::Sign { + document_id, + username, + token, + api_url, + } => { sign_document(&document_id, &username, &token, &api_url).await?; - }, - Commands::Verify { document_id, api_url } => { + } + Commands::Verify { + document_id, + api_url, + } => { verify_document(&document_id, &api_url).await?; - }, + } Commands::List { api_url } => { list_documents(&api_url).await?; - }, - Commands::Get { document_id, api_url } => { + } + Commands::Get { + document_id, + api_url, + } => { get_document(&document_id, &api_url).await?; - }, + } } Ok(()) @@ -194,8 +220,10 @@ async fn upload_document(name: &str, file_path: PathBuf, api_url: &str) -> Resul let form = reqwest::multipart::Form::new() .text("name", name.to_string()) - .part("file", reqwest::multipart::Part::bytes(file_content) - .file_name(file_name.to_string())); + .part( + "file", + reqwest::multipart::Part::bytes(file_content).file_name(file_name.to_string()), + ); let client = reqwest::Client::new(); let response = client @@ -216,7 +244,12 @@ async fn upload_document(name: &str, file_path: PathBuf, api_url: &str) -> Resul Ok(()) } -async fn sign_document(document_id: &str, username: &str, token: &str, api_url: &str) -> Result<()> { +async fn sign_document( + document_id: &str, + username: &str, + token: &str, + api_url: &str, +) -> Result<()> { info!("Signing document: {}", document_id); let client = reqwest::Client::new(); @@ -255,16 +288,21 @@ async fn verify_document(document_id: &str, api_url: &str) -> Result<()> { println!("Verification result:"); println!(" Valid: {}", data["valid"]); println!(" Total signatures: {}", data["signature_count"]); - println!(" Departments represented: {}", data["departments_represented"]); + println!( + " Departments represented: {}", + data["departments_represented"] + ); if let Some(signatures) = data["signatures"].as_array() { println!("\nSignatures:"); for (i, sig) in signatures.iter().enumerate() { - println!(" {}. User: {}, Department: {}, Time: {}", - i+1, + println!( + " {}. User: {}, Department: {}, Time: {}", + i + 1, sig["username"], sig["department"], - sig["timestamp"]); + sig["timestamp"] + ); } } } else { @@ -289,7 +327,7 @@ async fn list_documents(api_url: &str) -> Result<()> { println!("Documents:"); for (i, doc) in data.iter().enumerate() { - println!(" {}. ID: {}, Name: {}", i+1, doc["id"], doc["name"]); + println!(" {}. ID: {}, Name: {}", i + 1, doc["id"], doc["name"]); } if data.is_empty() { @@ -323,11 +361,13 @@ async fn get_document(document_id: &str, api_url: &str) -> Result<()> { if let Some(signatures) = doc["signatures"].as_array() { println!("\nSignatures:"); for (i, sig) in signatures.iter().enumerate() { - println!(" {}. User: {}, Department: {}, Time: {}", - i+1, + println!( + " {}. User: {}, Department: {}, Time: {}", + i + 1, sig["username"], sig["department"], - sig["timestamp"]); + sig["timestamp"] + ); } if signatures.is_empty() { diff --git a/src/vault_init.rs b/src/vault_init.rs index 9d489e1..1e3005c 100644 --- a/src/vault_init.rs +++ b/src/vault_init.rs @@ -1,10 +1,7 @@ use anyhow::{Context, Result}; use reqwest::Client; -use std::{ - env, - fs, -}; -use tracing::{info, warn, error, debug}; +use std::{env, fs}; +use tracing::{debug, error, info, warn}; use crate::vault_setup::VaultClient; @@ -16,14 +13,17 @@ pub async fn initialize_vault(vault_addr: &str) -> Result { VaultClient::wait_for_vault(vault_addr).await?; // Display Vault health status - let health_url = format!("{}/v1/sys/health?standbyok=true&sealedok=true&uninitok=true", vault_addr); + let health_url = format!( + "{}/v1/sys/health?standbyok=true&sealedok=true&uninitok=true", + vault_addr + ); match client.get(&health_url).send().await { Ok(response) => { if response.status().is_success() { let status_text = response.text().await?; info!("Vault status: {}", status_text); } - }, + } Err(e) => warn!("Error getting Vault status: {}", e), } @@ -47,7 +47,7 @@ pub async fn initialize_vault(vault_addr: &str) -> Result { Ok(key) => { info!("Found unseal key {} from environment", i); unseal_keys.push(key); - }, + } Err(_) => { debug!("Unseal key {} not found in environment", i); } @@ -56,11 +56,16 @@ pub async fn initialize_vault(vault_addr: &str) -> Result { // If we have unseal keys, try to unseal if !unseal_keys.is_empty() { - info!("Found {} unseal keys. Attempting to unseal...", unseal_keys.len()); + info!( + "Found {} unseal keys. Attempting to unseal...", + unseal_keys.len() + ); VaultClient::unseal_vault(&client, vault_addr, &unseal_keys).await?; } else { warn!("No unseal keys found. Vault remains sealed."); - info!("To unseal, set VAULT_UNSEAL_KEY_1, VAULT_UNSEAL_KEY_2, etc. environment variables."); + info!( + "To unseal, set VAULT_UNSEAL_KEY_1, VAULT_UNSEAL_KEY_2, etc. environment variables." + ); } } else { info!("Vault is already unsealed."); @@ -71,7 +76,7 @@ pub async fn initialize_vault(vault_addr: &str) -> Result { Ok(token) => { info!("Found root token from environment"); root_token = token; - }, + } Err(_) => { // Try to load from credentials file if let Ok(contents) = fs::read_to_string("vault-credentials.json") { @@ -86,8 +91,12 @@ pub async fn initialize_vault(vault_addr: &str) -> Result { } if root_token.is_empty() { - error!("Unable to find root token. Please set VAULT_TOKEN environment variable or provide vault-credentials.json file."); - anyhow::bail!("Unable to find root token. Please set VAULT_TOKEN environment variable or provide vault-credentials.json file."); + error!( + "Unable to find root token. Please set VAULT_TOKEN environment variable or provide vault-credentials.json file." + ); + anyhow::bail!( + "Unable to find root token. Please set VAULT_TOKEN environment variable or provide vault-credentials.json file." + ); } } else { // Initialize Vault @@ -112,11 +121,17 @@ pub async fn initialize_vault(vault_addr: &str) -> Result { if let Ok(()) = std::fs::create_dir_all("/app/data") { let docker_json_path = "/app/data/vault-credentials.json"; VaultClient::save_credentials(&init_response, docker_json_path)?; - info!("Backup JSON credentials saved to Docker volume at: {}", docker_json_path); + info!( + "Backup JSON credentials saved to Docker volume at: {}", + docker_json_path + ); let docker_text_path = "/app/data/vault-credentials.txt"; VaultClient::save_credentials(&init_response, docker_text_path)?; - info!("Backup text credentials saved to Docker volume at: {}", docker_text_path); + info!( + "Backup text credentials saved to Docker volume at: {}", + docker_text_path + ); } info!("========================================="); @@ -130,8 +145,10 @@ pub async fn initialize_vault(vault_addr: &str) -> Result { info!("========================================="); // Unseal Vault using the first three keys - let unseal_keys = init_response.keys_base64.iter() - .take(3) // We only need threshold number of keys (3) + let unseal_keys = init_response + .keys_base64 + .iter() + .take(3) // We only need threshold number of keys (3) .cloned() .collect::>(); diff --git a/src/vault_setup.rs b/src/vault_setup.rs index 872840e..f0cc020 100644 --- a/src/vault_setup.rs +++ b/src/vault_setup.rs @@ -2,14 +2,9 @@ use anyhow::{Context, Result}; use reqwest::{Client, StatusCode}; use serde::{Deserialize, Serialize}; use serde_json::json; -use std::{ - fs::File, - io::Write, - path::Path, - time::Duration, -}; +use std::{fs::File, io::Write, path::Path, time::Duration}; use tokio::time::sleep; -use tracing::{info, error, debug, instrument}; +use tracing::{debug, error, info, instrument}; // Vault API response structures #[derive(Debug, Deserialize)] @@ -77,9 +72,17 @@ impl VaultClient { let client = Client::new(); for i in 1..=30 { - let health_url = format!("{}/v1/sys/health?standbyok=true&sealedok=true&uninitok=true", addr); + let health_url = format!( + "{}/v1/sys/health?standbyok=true&sealedok=true&uninitok=true", + addr + ); - match client.get(&health_url).timeout(Duration::from_secs(1)).send().await { + match client + .get(&health_url) + .timeout(Duration::from_secs(1)) + .send() + .await + { Ok(response) => { let status = response.status().as_u16(); // Accept any of these status codes as "available" @@ -89,7 +92,7 @@ impl VaultClient { } debug!("Vault returned unexpected status code: {}", status); - }, + } Err(e) => { debug!("Error connecting to Vault: {}", e); } @@ -97,7 +100,9 @@ impl VaultClient { if i == 30 { error!("Timed out waiting for Vault to become available"); - return Err(anyhow::anyhow!("Timed out waiting for Vault to become available")); + return Err(anyhow::anyhow!( + "Timed out waiting for Vault to become available" + )); } info!("Vault is unavailable - sleeping (attempt {}/30)", i); @@ -112,10 +117,7 @@ impl VaultClient { pub async fn check_init_status(client: &Client, addr: &str) -> Result { info!("Checking if Vault is already initialized..."); - let response = client - .get(format!("{}/v1/sys/init", addr)) - .send() - .await?; + let response = client.get(format!("{}/v1/sys/init", addr)).send().await?; if response.status().is_success() { let status = response.json::().await?; @@ -140,8 +142,10 @@ impl VaultClient { if response.status().is_success() { let status = response.json::().await?; - info!("Seal status: sealed={}, threshold={}, shares={}, progress={}", - status.sealed, status.t, status.n, status.progress); + info!( + "Seal status: sealed={}, threshold={}, shares={}, progress={}", + status.sealed, status.t, status.n, status.progress + ); return Ok(status); } else { let error_text = response.text().await?; @@ -224,9 +228,7 @@ impl VaultClient { for (i, key) in unseal_keys.iter().take(required_keys).enumerate() { info!("Applying unseal key {}/{}...", i + 1, required_keys); - let unseal_req = UnsealRequest { - key: key.clone(), - }; + let unseal_req = UnsealRequest { key: key.clone() }; let response = client .put(format!("{}/v1/sys/unseal", addr)) @@ -319,7 +321,8 @@ impl VaultClient { "type": engine_type, }); - let response = self.client + let response = self + .client .post(&url) .header("X-Vault-Token", &self.token) .json(&payload) @@ -339,13 +342,23 @@ impl VaultClient { Ok(()) } else { error!("Failed to enable secrets engine: {}", error_text); - Err(anyhow::anyhow!("Failed to enable secrets engine: {}", error_text)) + Err(anyhow::anyhow!( + "Failed to enable secrets engine: {}", + error_text + )) } } status => { let error_text = response.text().await?; - error!("Failed to enable secrets engine: {} - {}", status, error_text); - Err(anyhow::anyhow!("Failed to enable secrets engine: {} - {}", status, error_text)) + error!( + "Failed to enable secrets engine: {} - {}", + status, error_text + ); + Err(anyhow::anyhow!( + "Failed to enable secrets engine: {} - {}", + status, + error_text + )) } } } @@ -360,7 +373,8 @@ impl VaultClient { "type": method, }); - let response = self.client + let response = self + .client .post(&url) .header("X-Vault-Token", &self.token) .json(&payload) @@ -380,25 +394,38 @@ impl VaultClient { Ok(()) } else { error!("Failed to enable auth method: {}", error_text); - Err(anyhow::anyhow!("Failed to enable auth method: {}", error_text)) + Err(anyhow::anyhow!( + "Failed to enable auth method: {}", + error_text + )) } } status => { let error_text = response.text().await?; error!("Failed to enable auth method: {} - {}", status, error_text); - Err(anyhow::anyhow!("Failed to enable auth method: {} - {}", status, error_text)) + Err(anyhow::anyhow!( + "Failed to enable auth method: {} - {}", + status, + error_text + )) } } } // Create a new user in Vault and associate with department #[instrument(skip(self, password))] - pub async fn create_user(&self, username: &str, password: &str, department: Department) -> Result<()> { + pub async fn create_user( + &self, + username: &str, + password: &str, + department: Department, + ) -> Result<()> { info!("Creating user {} in department {:?}", username, department); // Step 1: Create a policy for the user let policy_name = format!("{}-policy", username); - self.create_signing_policy(&policy_name, department.clone()).await?; + self.create_signing_policy(&policy_name, department.clone()) + .await?; // Step 2: Create the user with userpass auth let url = format!("{}/v1/auth/userpass/users/{}", self.addr, username); @@ -407,7 +434,8 @@ impl VaultClient { "policies": [policy_name], }); - let response = self.client + let response = self + .client .post(&url) .header("X-Vault-Token", &self.token) .json(&payload) @@ -429,7 +457,11 @@ impl VaultClient { status => { let error_text = response.text().await?; error!("Failed to create user: {} - {}", status, error_text); - Err(anyhow::anyhow!("Failed to create user: {} - {}", status, error_text)) + Err(anyhow::anyhow!( + "Failed to create user: {} - {}", + status, + error_text + )) } } } @@ -444,9 +476,10 @@ impl VaultClient { // Get the username from the policy name (remove "-policy" suffix) let username = policy_name.trim_end_matches("-policy"); - + // Policy content with specific paths for the department - let policy = format!(r#" + let policy = format!( + r#" # Allow reading document metadata path "documents/data/docs/*" {{ capabilities = ["read"] @@ -466,14 +499,17 @@ impl VaultClient { path "documents/data/dept/{}/signatures/*" {{ capabilities = ["create", "read", "update"] }} - "#, username, dept_name); + "#, + username, dept_name + ); let url = format!("{}/v1/sys/policies/acl/{}", self.addr, policy_name); let payload = json!({ "policy": policy, }); - let response = self.client + let response = self + .client .put(&url) .header("X-Vault-Token", &self.token) .json(&payload) @@ -488,7 +524,11 @@ impl VaultClient { status => { let error_text = response.text().await?; error!("Failed to create policy: {} - {}", status, error_text); - Err(anyhow::anyhow!("Failed to create policy: {} - {}", status, error_text)) + Err(anyhow::anyhow!( + "Failed to create policy: {} - {}", + status, + error_text + )) } } } @@ -501,7 +541,8 @@ impl VaultClient { "type": "ed25519", }); - let response = self.client + let response = self + .client .post(&url) .header("X-Vault-Token", &self.token) .json(&payload) @@ -516,7 +557,11 @@ impl VaultClient { status => { let error_text = response.text().await?; error!("Failed to create signing key: {} - {}", status, error_text); - Err(anyhow::anyhow!("Failed to create signing key: {} - {}", status, error_text)) + Err(anyhow::anyhow!( + "Failed to create signing key: {} - {}", + status, + error_text + )) } } } @@ -537,7 +582,8 @@ impl VaultClient { } }); - let response = self.client + let response = self + .client .post(&url) .header("X-Vault-Token", &self.token) .json(&payload) @@ -552,7 +598,11 @@ impl VaultClient { status => { let error_text = response.text().await?; error!("Failed to store user metadata: {} - {}", status, error_text); - Err(anyhow::anyhow!("Failed to store user metadata: {} - {}", status, error_text)) + Err(anyhow::anyhow!( + "Failed to store user metadata: {} - {}", + status, + error_text + )) } } } @@ -567,7 +617,8 @@ impl VaultClient { let username = format!("legal{}", i); let password = format!("legal{}pass", i); debug!(username, "Creating Legal department user"); - self.create_user(&username, &password, Department::Legal).await?; + self.create_user(&username, &password, Department::Legal) + .await?; } // Create 5 users in Finance department @@ -575,7 +626,8 @@ impl VaultClient { let username = format!("finance{}", i); let password = format!("finance{}pass", i); debug!(username, "Creating Finance department user"); - self.create_user(&username, &password, Department::Finance).await?; + self.create_user(&username, &password, Department::Finance) + .await?; } // Setup document signing requirements @@ -590,7 +642,10 @@ impl VaultClient { async fn setup_signing_requirements(&self) -> Result<()> { info!("Setting up document signing requirements"); - let url = format!("{}/v1/documents/data/config/signing_requirements", self.addr); + let url = format!( + "{}/v1/documents/data/config/signing_requirements", + self.addr + ); let payload = json!({ "data": { "total_required": 3, @@ -610,7 +665,8 @@ impl VaultClient { } }); - let response = self.client + let response = self + .client .post(&url) .header("X-Vault-Token", &self.token) .json(&payload) @@ -624,8 +680,15 @@ impl VaultClient { } status => { let error_text = response.text().await?; - error!("Failed to configure signing requirements: {} - {}", status, error_text); - Err(anyhow::anyhow!("Failed to configure signing requirements: {} - {}", status, error_text)) + error!( + "Failed to configure signing requirements: {} - {}", + status, error_text + ); + Err(anyhow::anyhow!( + "Failed to configure signing requirements: {} - {}", + status, + error_text + )) } } } @@ -640,11 +703,7 @@ impl VaultClient { "password": password, }); - let response = self.client - .post(&url) - .json(&payload) - .send() - .await?; + let response = self.client.post(&url).json(&payload).send().await?; match response.status() { StatusCode::OK => { @@ -660,7 +719,11 @@ impl VaultClient { status => { let error_text = response.text().await?; error!("Failed to login: {} - {}", status, error_text); - Err(anyhow::anyhow!("Failed to login: {} - {}", status, error_text)) + Err(anyhow::anyhow!( + "Failed to login: {} - {}", + status, + error_text + )) } } } @@ -672,7 +735,8 @@ impl VaultClient { let url = format!("{}/v1/documents/data/users/{}", self.addr, username); - let response = self.client + let response = self + .client .get(&url) .header("X-Vault-Token", &self.token) .send() @@ -694,7 +758,10 @@ impl VaultClient { } }; - debug!("Retrieved user info for {} in {:?} department", username, department); + debug!( + "Retrieved user info for {} in {:?} department", + username, department + ); Ok(User { username: username.to_string(), department, @@ -703,7 +770,11 @@ impl VaultClient { status => { let error_text = response.text().await?; error!("Failed to get user info: {} - {}", status, error_text); - Err(anyhow::anyhow!("Failed to get user info: {} - {}", status, error_text)) + Err(anyhow::anyhow!( + "Failed to get user info: {} - {}", + status, + error_text + )) } } }