fluentci_pdk/
lib.rs

1use extism_pdk::*;
2use fluentci_types::{nix::NixArgs, secret::*, Module};
3use proto::Proto;
4use secret::Secret;
5use secret_manager::SecretManager;
6
7use self::{
8    cache::Cache, devbox::Devbox, devenv::Devenv, directory::Directory, envhub::Envhub, file::File,
9    flox::Flox, git::Git, hermit::Hermit, mise::Mise, nix::Nix, pipeline::Pipeline, pixi::Pixi,
10    pkgx::Pkgx,
11};
12
13pub mod cache;
14pub mod devbox;
15pub mod devenv;
16pub mod directory;
17pub mod envhub;
18pub mod file;
19pub mod flox;
20pub mod git;
21pub mod hermit;
22pub mod mise;
23pub mod nix;
24pub mod pipeline;
25pub mod pixi;
26pub mod pkgx;
27pub mod proto;
28pub mod secret;
29pub mod secret_manager;
30
31#[host_fn]
32extern "ExtismHost" {
33    fn cache(key: String) -> Json<Cache>;
34    fn devbox() -> Json<Devbox>;
35    fn devenv() -> Json<Devenv>;
36    fn directory(path: String) -> Json<Directory>;
37    fn envhub() -> Json<Envhub>;
38    fn file(path: String) -> Json<File>;
39    fn flox() -> Json<Flox>;
40    fn git(url: String) -> Json<Git>;
41    fn http(url: String) -> Json<File>;
42    fn hermit() -> Json<Hermit>;
43    fn mise() -> Json<Mise>;
44    fn nix(args: Json<NixArgs>) -> Json<Nix>;
45    fn pipeline(name: String) -> Json<Pipeline>;
46    fn pixi() -> Json<Pixi>;
47    fn proto() -> Json<Proto>;
48    fn pkgx() -> Json<Pkgx>;
49    fn get_env(key: String) -> String;
50    fn has_env(key: String) -> Json<bool>;
51    fn set_envs(envs: Json<Vec<(String, String)>>);
52    fn remove_env(key: String);
53    fn get_os() -> String;
54    fn get_arch() -> String;
55    fn call(opts: Json<Module>) -> String;
56    fn add_secretmanager(provider: Json<Provider>) -> String;
57    fn set_secret(params: Json<Vec<String>>) -> String;
58}
59
60pub struct Client {}
61
62pub fn dag() -> Client {
63    Client {}
64}
65
66impl Client {
67    pub fn cache(&self, key: &str) -> Result<Cache, Error> {
68        unsafe { cache(key.into()) }.map(|cache| cache.into_inner())
69    }
70
71    pub fn devbox(&self) -> Result<Devbox, Error> {
72        unsafe { devbox() }.map(|devbox| devbox.into_inner())
73    }
74
75    pub fn devenv(&self) -> Result<Devenv, Error> {
76        unsafe { devenv() }.map(|devenv| devenv.into_inner())
77    }
78
79    pub fn directory(&self, path: &str) -> Result<Directory, Error> {
80        unsafe { directory(path.to_string()) }.map(|directory| directory.into_inner())
81    }
82
83    pub fn envhub(&self) -> Result<Envhub, Error> {
84        unsafe { envhub() }.map(|envhub| envhub.into_inner())
85    }
86
87    pub fn file(&self, path: &str) -> Result<File, Error> {
88        unsafe { file(path.into()) }.map(|file| file.into_inner())
89    }
90
91    pub fn flox(&self) -> Result<Flox, Error> {
92        unsafe { flox() }.map(|flox| flox.into_inner())
93    }
94
95    pub fn git(&self, url: &str) -> Result<Git, Error> {
96        unsafe { git(url.into()) }.map(|git| git.into_inner())
97    }
98
99    pub fn http(&self, url: &str) -> Result<File, Error> {
100        unsafe { http(url.into()) }.map(|file| file.into_inner())
101    }
102
103    pub fn mise(&self) -> Result<Mise, Error> {
104        unsafe { mise() }.map(|mise| mise.into_inner())
105    }
106
107    pub fn hermit(&self) -> Result<Hermit, Error> {
108        unsafe { hermit() }.map(|hermit| hermit.into_inner())
109    }
110
111    pub fn nix(&self, args: NixArgs) -> Result<Nix, Error> {
112        unsafe { nix(Json(args)) }.map(|nix| nix.into_inner())
113    }
114
115    pub fn pipeline(&self, name: &str) -> Result<Pipeline, Error> {
116        unsafe { pipeline(name.into()) }.map(|pipeline| pipeline.into_inner())
117    }
118
119    pub fn pixi(&self) -> Result<Pixi, Error> {
120        unsafe { pixi() }.map(|pixi| pixi.into_inner())
121    }
122
123    pub fn pkgx(&self) -> Result<Pkgx, Error> {
124        unsafe { pkgx() }.map(|pkgx| pkgx.into_inner())
125    }
126
127    pub fn proto(&self) -> Result<Proto, Error> {
128        unsafe { proto() }.map(|proto| proto.into_inner())
129    }
130
131    pub fn get_env(&self, key: &str) -> Result<String, Error> {
132        unsafe { get_env(key.into()) }
133    }
134
135    pub fn has_env(&self, key: &str) -> Result<bool, Error> {
136        unsafe { has_env(key.into()) }.map(|has_env| has_env.into_inner())
137    }
138
139    pub fn set_envs(&self, envs: Vec<(String, String)>) -> Result<(), Error> {
140        unsafe { set_envs(envs.into()) }
141    }
142
143    pub fn remove_env(&self, key: &str) -> Result<(), Error> {
144        unsafe { remove_env(key.into()) }
145    }
146
147    pub fn get_os(&self) -> Result<String, Error> {
148        unsafe { get_os() }
149    }
150
151    pub fn get_arch(&self) -> Result<String, Error> {
152        unsafe { get_arch() }
153    }
154
155    pub fn call(&self, url: &str, func: &str, args: Vec<&str>) -> Result<String, Error> {
156        unsafe {
157            call(Json(Module {
158                url: url.into(),
159                function: func.into(),
160                args: args.join(" "),
161            }))
162        }
163    }
164
165    pub fn google_secret_manager(
166        &self,
167        project: &str,
168        google_credentials_file: &str,
169    ) -> Result<SecretManager, Error> {
170        let provider = Provider::Google(GoogleConfig {
171            google_project: Some(project.to_string()),
172            google_credentials_file: Some(google_credentials_file.into()),
173            ..Default::default()
174        });
175        let id = unsafe { add_secretmanager(Json(provider))? };
176        Ok(SecretManager { id })
177    }
178
179    pub fn aws_secrets_manager(
180        &self,
181        region: &str,
182        access_key_id: &str,
183        secret_access_key: &str,
184    ) -> Result<SecretManager, Error> {
185        let provider = Provider::Aws(AwsConfig {
186            aws_region: region.into(),
187            aws_access_key_id: Some(access_key_id.to_string()),
188            aws_secret_access_key: Some(secret_access_key.to_string()),
189        });
190        let id = unsafe { add_secretmanager(Json(provider))? };
191        Ok(SecretManager { id })
192    }
193
194    pub fn azure_keyvault(
195        &self,
196        client_id: &str,
197        client_secret: &str,
198        tenant_id: &str,
199        keyvault_name: &str,
200        keyvault_url: &str,
201    ) -> Result<SecretManager, Error> {
202        let provider = Provider::Azure(AzureConfig {
203            credential: AzureCredential {
204                azure_client_id: Some(client_id.to_string()),
205                azure_client_secret: Some(client_secret.to_string()),
206                azure_tenant_id: Some(tenant_id.to_string()),
207            },
208            azure_keyvault_name: Some(keyvault_name.to_string()),
209            azure_keyvault_url: Some(keyvault_url.to_string()),
210        });
211        let id = unsafe { add_secretmanager(Json(provider))? };
212        Ok(SecretManager { id })
213    }
214
215    pub fn hashicorp_vault(
216        &self,
217        address: &str,
218        token: &str,
219        cacert: Option<&str>,
220    ) -> Result<SecretManager, Error> {
221        let provider = Provider::Hashicorp(HashicorpVaultConfig {
222            vault_address: Some(address.to_string()),
223            vault_token: Some(token.to_string()),
224            vault_cacert: cacert.map(|x| x.into()),
225        });
226        let id = unsafe { add_secretmanager(Json(provider))? };
227        Ok(SecretManager { id })
228    }
229
230    pub fn set_secret(&self, name: &str, value: &str) -> Result<Secret, Error> {
231        let id = unsafe { set_secret(Json(vec![name.into(), value.into()]))? };
232        Ok(Secret {
233            id,
234            name: name.into(),
235            mount: "default".into(),
236        })
237    }
238}
fluentci_pdk/lib.rs

fluentci_pdk/
lib.rs
