1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
pub mod cli;
pub mod explain;
pub mod manpages;
pub mod providers;
#[cfg(feature = "cloud-pull-aws")]
pub use providers::aws as tsafe_aws;
#[cfg(feature = "cloud-pull-gcp")]
pub use providers::gcp as tsafe_gcp;
#[cfg(feature = "cloud-pull-vault")]
pub use providers::hcp as tsafe_hcp;
#[cfg(feature = "cloud-pull-keepass")]
pub use providers::keepass as tsafe_keepass;
#[cfg(feature = "cloud-pull-1password")]
pub use providers::onepassword as tsafe_op;
// Re-export the 1Password field-label normalisation function so that
// integration tests can verify the mapping contract without shelling out
// to `op`.
#[cfg(any(feature = "cloud-pull-1password", feature = "cloud-pull-vault", test))]
pub use op_mapping::op_field_label_to_key;
// Always-compiled module that holds the pure mapping logic so it is
// available for `#[cfg(test)]` regardless of feature flags.
pub mod op_mapping {
/// Normalise a 1Password field label to an env-style vault key.
///
/// Rule: spaces and hyphens → underscores, then uppercase.
/// The 1Password item name is **not** included in the output key.
///
/// Examples:
/// - `"My Secret"` → `"MY_SECRET"`
/// - `"db-password"` → `"DB_PASSWORD"`
/// - `"API_KEY"` → `"API_KEY"`
pub fn op_field_label_to_key(label: &str) -> String {
label.replace([' ', '-'], "_").to_uppercase()
}
}