greentic-secrets-api 0.5.0

Shared traits and types for Greentic secrets backends.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48

#![cfg_attr(not(feature = "std"), no_std)]

#[cfg(not(feature = "std"))]
extern crate alloc;

#[cfg(not(feature = "std"))]
use alloc::{borrow::Cow, string::String, vec::Vec};
#[cfg(feature = "std")]
use std::{borrow::Cow, string::String, vec::Vec};

use async_trait::async_trait;
use thiserror::Error;

#[cfg(feature = "std")]
use anyhow::Error as AnyhowError;

/// Error conditions that can occur while interacting with a secrets provider.
#[derive(Debug, Error)]
pub enum SecretError {
    #[error("not found: {0}")]
    NotFound(String),

    #[error("permission denied: {0}")]
    Permission(String),

    #[error("backend error: {0}")]
    Backend(Cow<'static, str>),

    #[cfg(feature = "std")]
    #[error(transparent)]
    Other(#[from] AnyhowError),
}

/// Result type returned by [`SecretsManager`].
pub type Result<T> = core::result::Result<T, SecretError>;

/// Minimal secrets manager interface shared between hosts and providers.
#[async_trait]
pub trait SecretsManager: Send + Sync {
    /// Read the secret data stored at `path`.
    async fn read(&self, path: &str) -> Result<Vec<u8>>;

    /// Overwrite the secret data stored at `path`.
    async fn write(&self, path: &str, bytes: &[u8]) -> Result<()>;

    /// Delete the secret stored at `path`.
    async fn delete(&self, path: &str) -> Result<()>;
}