assay_common/
exports.rs

1// Serializable export types for incident bundles
2
3use serde::Serialize;
4use std::collections::HashMap;
5use std::string::String;
6use std::vec::Vec;
7use std::option::Option; // Option is usually in core prelude, but to be safe. Actually Option/Result are usually available.
8// String and Vec are the main ones missing in no_std default.
9
10/// Exported process node (from ProcessTreeTracker)
11#[derive(Debug, Clone, Serialize)]
12pub struct ProcessNodeExport {
13    pub pid: u32,
14    pub parent_pid: Option<u32>,
15    pub children: Vec<u32>,
16    pub exe: Option<String>,
17    pub cmdline: Option<String>,
18    pub cwd: Option<String>,
19    pub state: ProcessStateExport,
20    pub depth: u32,
21}
22
23/// Process state for export
24#[derive(Debug, Clone, Copy, Serialize, PartialEq, Eq)]
25#[serde(rename_all = "snake_case")]
26pub enum ProcessStateExport {
27    Running,
28    Exited,
29    Killed,
30}
31
32/// Exported process tree
33#[derive(Debug, Clone, Serialize)]
34#[derive(Default)]
35pub struct ProcessTreeExport {
36    /// Root PIDs (explicitly monitored)
37    pub roots: Vec<u32>,
38
39    /// All nodes in the tree
40    pub nodes: HashMap<u32, ProcessNodeExport>,
41
42    /// Total count of nodes
43    pub total_count: usize,
44}
45
46
47
48/// Kill result export (from kill_tree)
49#[derive(Debug, Clone, Serialize)]
50pub struct KillResultExport {
51    /// PIDs successfully killed
52    pub killed: Vec<u32>,
53
54    /// PIDs that failed to kill
55    pub failed: Vec<KillFailureExport>,
56
57    /// Total attempted
58    pub attempted: usize,
59
60    /// Overall success
61    pub success: bool,
62
63    /// Duration in milliseconds
64    pub duration_ms: u64,
65
66    /// Kill order used
67    pub order: String,
68
69    /// Kill mode used
70    pub mode: String,
71}
72
73#[derive(Debug, Clone, Serialize)]
74pub struct KillFailureExport {
75    pub pid: u32,
76    pub error: String,
77    pub retries: u32,
78}
79
80/// Event record for incident bundles
81#[derive(Debug, Clone, Serialize)]
82pub struct EventRecordExport {
83    /// ISO timestamp
84    pub timestamp: String,
85
86    /// Process ID
87    pub pid: u32,
88
89    /// Event type name
90    pub event_type: String,
91
92    /// Event-specific details
93    pub details: serde_json::Value,
94}
95
96impl EventRecordExport {
97    /// Create from a decoded event.
98    /// Note: This simplifies the previous implementation by avoiding circular dependency on super::events.
99    /// The caller is responsible for converting their specific Event enum to this strict output format.
100    pub fn new(
101        pid: u32,
102        timestamp: chrono::DateTime<chrono::Utc>,
103        event_type: String,
104        details: serde_json::Value
105    ) -> Self {
106        Self {
107            timestamp: timestamp.to_rfc3339(),
108            pid,
109            event_type,
110            details,
111        }
112    }
113}
assay_common/exports.rs

assay_common/
exports.rs
