Skip to main content

assay_common/
exports.rs

1// Serializable export types for incident bundles
2
3use serde::Serialize;
4use std::collections::HashMap;
5use std::option::Option;
6use std::string::String;
7use std::vec::Vec; // Option is usually in core prelude, but to be safe. Actually Option/Result are usually available.
8                   // String and Vec are the main ones missing in no_std default.
9
10/// Exported process node (from ProcessTreeTracker)
11#[derive(Debug, Clone, Serialize)]
12pub struct ProcessNodeExport {
13    pub pid: u32,
14    pub parent_pid: Option<u32>,
15    pub children: Vec<u32>,
16    pub exe: Option<String>,
17    pub cmdline: Option<String>,
18    pub cwd: Option<String>,
19    pub state: ProcessStateExport,
20    pub depth: u32,
21}
22
23/// Process state for export
24#[derive(Debug, Clone, Copy, Serialize, PartialEq, Eq)]
25#[serde(rename_all = "snake_case")]
26pub enum ProcessStateExport {
27    Running,
28    Exited,
29    Killed,
30}
31
32/// Exported process tree
33#[derive(Debug, Clone, Serialize, Default)]
34pub struct ProcessTreeExport {
35    /// Root PIDs (explicitly monitored)
36    pub roots: Vec<u32>,
37
38    /// All nodes in the tree
39    pub nodes: HashMap<u32, ProcessNodeExport>,
40
41    /// Total count of nodes
42    pub total_count: usize,
43}
44
45/// Kill result export (from kill_tree)
46#[derive(Debug, Clone, Serialize)]
47pub struct KillResultExport {
48    /// PIDs successfully killed
49    pub killed: Vec<u32>,
50
51    /// PIDs that failed to kill
52    pub failed: Vec<KillFailureExport>,
53
54    /// Total attempted
55    pub attempted: usize,
56
57    /// Overall success
58    pub success: bool,
59
60    /// Duration in milliseconds
61    pub duration_ms: u64,
62
63    /// Kill order used
64    pub order: String,
65
66    /// Kill mode used
67    pub mode: String,
68}
69
70#[derive(Debug, Clone, Serialize)]
71pub struct KillFailureExport {
72    pub pid: u32,
73    pub error: String,
74    pub retries: u32,
75}
76
77/// Event record for incident bundles
78#[derive(Debug, Clone, Serialize)]
79pub struct EventRecordExport {
80    /// ISO timestamp
81    pub timestamp: String,
82
83    /// Process ID
84    pub pid: u32,
85
86    /// Event type name
87    pub event_type: String,
88
89    /// Event-specific details
90    pub details: serde_json::Value,
91}
92
93impl EventRecordExport {
94    /// Create from a decoded event.
95    /// Note: This simplifies the previous implementation by avoiding circular dependency on super::events.
96    /// The caller is responsible for converting their specific Event enum to this strict output format.
97    pub fn new(
98        pid: u32,
99        timestamp: chrono::DateTime<chrono::Utc>,
100        event_type: String,
101        details: serde_json::Value,
102    ) -> Self {
103        Self {
104            timestamp: timestamp.to_rfc3339(),
105            pid,
106            event_type,
107            details,
108        }
109    }
110}