rust-tokio-supervisor 0.1.3

A Rust tokio supervisor with declarative task supervision, restart policy, shutdown coordination, and observability.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271

//! Structured dashboard IPC errors.
//!
//! The dashboard feature exchanges errors with relay code over JSON. This
//! module keeps those errors typed so tests can assert code, stage, target, and
//! retry behavior without parsing strings.

use schemars::JsonSchema;
use serde::{Deserialize, Serialize};
use thiserror::Error;

/// Error returned by target-side dashboard IPC handlers.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize, JsonSchema, Error)]
#[error("{code} at {stage}: {message}")]
pub struct DashboardError {
    /// Machine-readable error code.
    pub code: String,
    /// Processing stage that produced the error.
    pub stage: String,
    /// Optional target process identifier related to the error.
    pub target_id: Option<String>,
    /// Human-readable diagnostic message.
    pub message: String,
    /// Whether a caller can retry after the reported condition changes.
    pub retryable: bool,
}

impl DashboardError {
    /// Creates a structured dashboard error.
    ///
    /// # Arguments
    ///
    /// - `code`: Stable machine-readable error code.
    /// - `stage`: Processing stage that produced the error.
    /// - `target_id`: Optional target process identifier.
    /// - `message`: Human-readable diagnostic message.
    /// - `retryable`: Whether a retry can later succeed.
    ///
    /// # Returns
    ///
    /// Returns a [`DashboardError`] value ready for JSON serialization.
    pub fn new(
        code: impl Into<String>,
        stage: impl Into<String>,
        target_id: Option<String>,
        message: impl Into<String>,
        retryable: bool,
    ) -> Self {
        Self {
            code: code.into(),
            stage: stage.into(),
            target_id,
            message: message.into(),
            retryable,
        }
    }

    /// Creates an unsupported method error.
    ///
    /// # Arguments
    ///
    /// - `method`: Method name rejected by the parser.
    ///
    /// # Returns
    ///
    /// Returns a non-retryable [`DashboardError`].
    pub fn unsupported_method(method: impl AsRef<str>) -> Self {
        Self::new(
            "unsupported_method",
            "protocol_parse",
            None,
            format!("unsupported dashboard IPC method {}", method.as_ref()),
            false,
        )
    }

    /// Creates a validation error.
    ///
    /// # Arguments
    ///
    /// - `stage`: Validation stage.
    /// - `target_id`: Optional target process identifier.
    /// - `message`: Human-readable validation message.
    ///
    /// # Returns
    ///
    /// Returns a non-retryable [`DashboardError`].
    pub fn validation(
        stage: impl Into<String>,
        target_id: Option<String>,
        message: impl Into<String>,
    ) -> Self {
        Self::new("validation_failed", stage, target_id, message, false)
    }

    /// Creates a target unavailable error.
    ///
    /// # Arguments
    ///
    /// - `stage`: Processing stage that tried to use the target.
    /// - `target_id`: Target process identifier.
    /// - `message`: Human-readable diagnostic message.
    ///
    /// # Returns
    ///
    /// Returns a retryable [`DashboardError`].
    pub fn target_unavailable(
        stage: impl Into<String>,
        target_id: impl Into<String>,
        message: impl Into<String>,
    ) -> Self {
        Self::new(
            "target_unavailable",
            stage,
            Some(target_id.into()),
            message,
            true,
        )
    }

    // ------------------------------------------------------------------
    // IPC security error constructors
    // ------------------------------------------------------------------

    /// Creates a socket owner mismatch error.
    pub fn ipc_socket_owner_mismatch(message: impl Into<String>) -> Self {
        Self::new(
            "ipc_socket_owner_mismatch",
            "ipc_bind",
            None,
            message,
            false,
        )
    }

    /// Creates a peer credential uid mismatch error.
    pub fn peer_cred_uid_mismatch(expected: u32, got: u32) -> Self {
        Self::new(
            "peer_cred_uid_mismatch",
            "peer_credentials",
            None,
            format!("peer uid mismatch: expected {expected}, got {got}"),
            false,
        )
    }

    /// Creates a peer credential gid not allowed error.
    pub fn peer_cred_gid_not_allowed(gid: u32) -> Self {
        Self::new(
            "peer_cred_gid_not_allowed",
            "peer_credentials",
            None,
            format!("peer gid {gid} is not in the allowed gid list"),
            false,
        )
    }

    /// Creates a peer credential pid not allowed error.
    pub fn peer_cred_pid_not_allowed(pid: u32) -> Self {
        Self::new(
            "peer_cred_pid_not_allowed",
            "peer_credentials",
            None,
            format!("peer pid {pid} is not in the allowed pid list"),
            false,
        )
    }

    /// Creates a peer credential unavailable error.
    pub fn peer_cred_unavailable(message: impl Into<String>) -> Self {
        Self::new(
            "peer_cred_unavailable",
            "peer_credentials",
            None,
            message,
            false,
        )
    }

    /// Creates an authorization denied error.
    pub fn authz_denied(method: impl Into<String>) -> Self {
        Self::new(
            "authz_denied",
            "authorization",
            None,
            format!("command {} is not authorized", method.into()),
            false,
        )
    }

    /// Creates an authorization not configured error.
    pub fn authz_not_configured() -> Self {
        Self::new(
            "authz_not_configured",
            "authorization",
            None,
            "command authorization is not configured",
            false,
        )
    }

    /// Creates a replay detected error.
    pub fn replay_detected(request_id: impl Into<String>) -> Self {
        Self::new(
            "replay_detected",
            "replay_protection",
            None,
            format!("replay detected for request_id {}", request_id.into()),
            false,
        )
    }

    /// Creates a request too large error.
    pub fn request_too_large(actual: usize, max_bytes: usize) -> Self {
        Self::new(
            "request_too_large",
            "size_limit",
            None,
            format!("request body {actual} bytes exceeds limit of {max_bytes} bytes"),
            false,
        )
    }

    /// Creates a rate limit exceeded error.
    pub fn rate_limit_exceeded() -> Self {
        Self::new(
            "rate_limit_exceeded",
            "rate_limit",
            None,
            "rate limit exceeded",
            false,
        )
    }

    /// Creates an audit write failed error.
    pub fn audit_write_failed(message: impl Into<String>) -> Self {
        Self::new("audit_write_failed", "audit", None, message, false)
    }

    /// Creates an audit queue full error.
    pub fn audit_queue_full() -> Self {
        Self::new(
            "audit_queue_full",
            "audit",
            None,
            "audit defer queue is full",
            false,
        )
    }

    /// Creates an allowlist denied error.
    pub fn allowlist_denied(path: impl Into<String>) -> Self {
        Self::new(
            "allowlist_denied",
            "allowlist",
            None,
            format!("external command not in allowlist: {}", path.into()),
            false,
        )
    }

    /// Creates an allowlist empty error.
    pub fn allowlist_empty() -> Self {
        Self::new(
            "allowlist_empty",
            "allowlist",
            None,
            "external command allowlist is empty — all external commands are denied",
            false,
        )
    }
}