cindy 0.2.1

Managing infrastructure at breakneck speed.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65

use crate as cindy;

use uuid::Uuid;

#[doc(hidden)]
#[crate::wire]
pub struct RemoteFnPayload {
    pub uuid: Uuid,
    pub fn_id: String,
    pub data: Vec<u8>,
}

/// A message the orchestrator sends *to* the worker over the RPC
/// channel.
///
/// The first frame is always a [`Handshake`](WorkerInbound::Handshake)
/// carrying the vault DEKs this worker needs; everything after is a
/// [`Call`](WorkerInbound::Call). Routing keys through the channel
/// (rather than an env var or argv) means the raw key material never
/// appears in the target's process table — it lives only in the
/// SSH-protected pipe and the worker's memory.
#[doc(hidden)]
#[crate::wire]
pub enum WorkerInbound {
    /// Sent once, first: the `{vault: raw-DEK-bytes}` map the worker
    /// installs into its keychain before serving any calls.
    Handshake {
        vault_keys: std::collections::HashMap<String, Vec<u8>>,
    },
    /// A remote-function invocation.
    Call(RemoteFnPayload),
}

#[doc(hidden)]
#[crate::wire]
pub enum RemoteFnResponse {
    Ok(Vec<u8>),
    Panic(String),
}

#[doc(hidden)]
#[crate::wire]
pub struct RemoteFnResponsePayload {
    pub uuid: Uuid,
    pub response: RemoteFnResponse,
}

#[doc(hidden)]
pub fn quarantine_stdio() -> (tokio::fs::File, tokio::fs::File) {
    let saved_in = nix::unistd::dup(std::io::stdin()).expect("Couldn't dup RPC stdin off FD 0");
    let saved_out = nix::unistd::dup(std::io::stdout()).expect("Couldn't dup RPC stdout off FD 1");

    nix::unistd::dup2_stdout(std::io::stderr()).expect("Couldn't redirect FD 1 to stderr");

    let dev_null =
        std::fs::File::open("/dev/null").expect("Couldn't open /dev/null for FD 0 redirect");
    nix::unistd::dup2_stdin(&dev_null).expect("Couldn't redirect FD 0 to /dev/null");
    // `dev_null` drops here; the kernel still holds the underlying file
    // via FD 0, which `dup2_stdin` just pointed at it.

    (
        tokio::fs::File::from_std(std::fs::File::from(saved_in)),
        tokio::fs::File::from_std(std::fs::File::from(saved_out)),
    )
}