haz-exec 0.1.0

Async task execution engine for haz.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231

//! [`ProcessSpawner`] trait, [`Process`] handle trait, and the
//! supporting value types every implementation produces.
//!
//! The trait pair abstracts the executor's view of the host OS's
//! process facilities so the production backend and the scriptable
//! test-double mock can share one shape. The production backend
//! [`StdProcessSpawner`](crate::std_impl::StdProcessSpawner) wraps
//! [`tokio::process::Command`]; the mock lives alongside under
//! [`crate::mock_impl`] but is gated to test builds only and is not
//! part of the crate's stable public surface. The trait associated
//! types still carry tokio types ([`tokio::io::AsyncRead`]); the
//! executor is tokio-bound by design and does not aim to be
//! runtime-neutral.
//!
//! Stream ownership is structural rather than convention. The
//! [`Spawned`] value returned from [`ProcessSpawner::spawn`] carries
//! the child's stdout and stderr as fields; callers move them into
//! reader tasks while keeping the [`Process`] value for waiting and
//! signalling. This mirrors the take-once invariant of
//! [`tokio::process::Child::stdout`] without exposing it as a runtime
//! check.

use std::ffi::OsString;
use std::future::Future;
use std::path::PathBuf;

use snafu::Snafu;
use tokio::io::AsyncRead;

/// Numeric process identifier as reported by the host OS.
///
/// Wraps [`u32`] so the type system distinguishes a process id from
/// every other numeric identifier the codebase carries.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)]
pub struct ProcessId(pub u32);

/// Termination or cancellation signal the executor delivers to a
/// child process during the cancellation flow (`EXEC-013`,
/// `EXEC-014`).
///
/// The variants are intentionally limited to the signals the executor
/// actually uses; this is not a full POSIX signal vocabulary.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)]
pub enum Signal {
    /// `SIGINT`, the interactive interrupt (e.g. Ctrl+C). Mapped to
    /// the platform equivalent on non-Unix hosts.
    Interrupt,
    /// `SIGTERM`, the polite-termination signal. Mapped to the
    /// platform equivalent on non-Unix hosts.
    Terminate,
    /// `SIGKILL`, the unconditional kill.
    Kill,
}

/// Final state of a child process as reported by [`Process::wait`].
///
/// Aliased to [`std::process::ExitStatus`] so callers can use the
/// platform-extension traits (e.g. `ExitStatusExt::signal()` on Unix)
/// without an extra conversion layer.
pub type ExitStatus = std::process::ExitStatus;

/// Description of one process the executor wants to spawn.
///
/// Carries the program, its argument vector, the working directory
/// (always absolute), and the environment variables the child should
/// see. The [`Self::env`] vector is preserved verbatim by all
/// implementations so test assertions are deterministic.
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct SpawnPlan {
    /// The executable to launch. May be an absolute path
    /// (e.g. `/bin/sh`) or a name to be resolved via `PATH`
    /// (e.g. `echo`).
    pub program: OsString,
    /// The argument vector passed to the child. Does NOT include
    /// `argv[0]`; implementations supply that from [`Self::program`].
    pub args: Vec<OsString>,
    /// Environment variables the child receives. Order is preserved;
    /// when the same name appears twice, last-write-wins (matching
    /// [`std::process::Command::env`] semantics).
    pub env: Vec<(OsString, OsString)>,
    /// Working directory the child runs in. MUST be absolute.
    pub cwd: PathBuf,
}

/// Failure modes shared by every [`ProcessSpawner`] and [`Process`]
/// method.
#[derive(Debug, Snafu)]
#[snafu(visibility(pub(crate)))]
pub enum ProcessError {
    /// The cwd in the [`SpawnPlan`] was relative; absolute paths are
    /// required.
    #[snafu(display("expected absolute cwd, got: {}", cwd.display()))]
    NonAbsoluteCwd {
        /// Relative cwd that was rejected.
        cwd: PathBuf,
    },

    /// The OS refused to spawn the child (executable not found,
    /// permission denied, fork/exec failure, etc.).
    #[snafu(display(
        "failed to spawn process for: {}: {source}",
        program.to_string_lossy()
    ))]
    SpawnFailed {
        /// Program the executor tried to launch.
        program: OsString,
        /// Underlying I/O error.
        source: std::io::Error,
    },

    /// The OS refused to deliver a signal to the child, or the
    /// implementation does not support the requested signal on the
    /// host platform (e.g. SIGTERM / SIGINT on Windows).
    #[snafu(display("failed to deliver signal {signal:?} to pid {pid:?}: {source}"))]
    SignalFailed {
        /// Signal the executor tried to deliver.
        signal: Signal,
        /// Process id of the target, when available.
        pid: Option<ProcessId>,
        /// Underlying I/O error.
        source: std::io::Error,
    },

    /// Reaping the child failed.
    #[snafu(display("failed to wait for pid {pid:?}: {source}"))]
    WaitFailed {
        /// Process id of the target, when available.
        pid: Option<ProcessId>,
        /// Underlying I/O error.
        source: std::io::Error,
    },
}

/// Handle to one spawned child process.
///
/// Implementors expose the lifecycle operations the executor needs
/// after `spawn`: identity ([`Self::id`]), signal delivery
/// ([`Self::send_signal`]), and reaping ([`Self::wait`]).
///
/// stdout and stderr are NOT exposed through this trait. The
/// [`ProcessSpawner::spawn`] call extracts them and returns them as
/// fields on a [`Spawned`] value, which is the structural enforcement
/// of the take-once invariant on those streams.
pub trait Process {
    /// Concrete async byte-stream type the implementation uses for
    /// the child's stdout. Both [`StdProcess`](crate::std_impl::StdProcess)
    /// and the mock satisfy [`AsyncRead`] + [`Send`] + [`Unpin`].
    type Stdout: AsyncRead + Send + Unpin;
    /// Concrete async byte-stream type the implementation uses for
    /// the child's stderr.
    type Stderr: AsyncRead + Send + Unpin;

    /// Numeric process id, or [`None`] once the child has been
    /// reaped (after [`Self::wait`] resolves).
    fn id(&self) -> Option<ProcessId>;

    /// Deliver `signal` to the child. Best-effort: returns as soon as
    /// the signal is queued by the kernel; does NOT wait for the
    /// child to acknowledge or terminate.
    ///
    /// On Unix, the std backend targets the child's process group
    /// (`kill(-pgid, sig)`) so any subprocesses the task itself
    /// forked also receive the signal (`EXEC-013` step 2,
    /// `EXEC-014`). On non-Unix hosts, only [`Signal::Kill`] is
    /// implemented; [`Signal::Terminate`] and [`Signal::Interrupt`]
    /// surface [`std::io::ErrorKind::Unsupported`].
    ///
    /// # Errors
    ///
    /// Returns [`ProcessError::SignalFailed`] when the OS rejects the
    /// signal (e.g. the child has already been reaped) or when the
    /// implementation does not support the requested variant on the
    /// host platform.
    fn send_signal(&mut self, signal: Signal) -> Result<(), ProcessError>;

    /// Wait for the child to terminate and yield its exit status.
    ///
    /// # Errors
    ///
    /// Returns [`ProcessError::WaitFailed`] when reaping fails.
    fn wait(&mut self) -> impl Future<Output = Result<ExitStatus, ProcessError>> + Send;
}

/// Triple of values produced by [`ProcessSpawner::spawn`].
///
/// The owned-at-spawn shape: stdout and stderr are taken out of the
/// child once at spawn time and exposed as fields. Callers move them
/// into reader tasks while keeping [`Self::process`] for waiting and
/// signalling.
pub struct Spawned<P: Process> {
    /// Handle to the spawned child for waiting and signalling.
    pub process: P,
    /// Async byte stream of the child's stdout.
    pub stdout: P::Stdout,
    /// Async byte stream of the child's stderr.
    pub stderr: P::Stderr,
}

/// Trait for spawning child processes.
///
/// The production backend
/// [`StdProcessSpawner`](crate::std_impl::StdProcessSpawner) wraps
/// [`tokio::process::Command`]; a scriptable test-double mock lives
/// alongside under [`crate::mock_impl`] but is gated to test builds
/// only.
///
/// Consumers borrow a `ProcessSpawner` implementation generically
/// rather than depending on either concrete impl, which keeps test
/// code free of the production tokio command wiring while remaining
/// on the same tokio runtime.
pub trait ProcessSpawner {
    /// The implementation's concrete [`Process`] type.
    type Process: Process;

    /// Spawn a child process per `plan`.
    ///
    /// On success, both stdout and stderr are configured as pipes and
    /// returned in the [`Spawned`] value's fields; stdin is closed.
    /// The returned future is [`Send`] so the executor can spawn it
    /// onto a multi-threaded runtime.
    ///
    /// # Errors
    ///
    /// Returns [`ProcessError::NonAbsoluteCwd`] when `plan.cwd` is
    /// relative, and [`ProcessError::SpawnFailed`] when the OS
    /// refuses to launch the child.
    fn spawn(
        &self,
        plan: &SpawnPlan,
    ) -> impl Future<Output = Result<Spawned<Self::Process>, ProcessError>> + Send;
}