ward-cli 0.2.0

GitHub repository management for developers. Plan, apply, verify.
Documentation

GitHub repository management as infrastructure-as-code.

Rust License CI Crates.io

Install · Quick Start · Docs · Contributing

────────────────────────────────────────

What is Ward?

Ward is a Rust CLI that treats GitHub repository management as infrastructure-as-code. Declare your desired state in ward.toml, diff it against reality, apply changes, and verify the result. No shell scripts, no cloning, no guessing.

Install

# from crates.io (recommended)
cargo install ward-cli

# homebrew (macOS / Linux)
brew install OriginalMHV/tap/ward-cli

# shell script (macOS / Linux)
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/OriginalMHV/Ward/releases/latest/download/ward-cli-installer.sh | sh

# powershell (Windows)
powershell -ExecutionPolicy ByPass -c "irm https://github.com/OriginalMHV/Ward/releases/latest/download/ward-cli-installer.ps1 | iex"

# from source
git clone https://github.com/OriginalMHV/Ward.git
cd Ward && cargo install --path .

Requires Rust >= 1.85 (source install only) and a GitHub token (GH_TOKEN, GITHUB_TOKEN, or gh auth token). Token scopes needed: repo, read:org, workflow.

ward completions bash > ~/.bash_completion.d/ward
ward completions zsh  > ~/.zfunc/_ward
ward completions fish > ~/.config/fish/completions/ward.fish

Quick Start

ward init                               # interactive setup wizard
vim ward.toml                           # review and adjust config
ward repos list --system backend        # see what's out there
ward security plan --system backend     # dry-run: what would change?
ward security apply --system backend    # apply + auto-verify

Use ward init --non-interactive to scaffold a minimal ward.toml without the wizard.

Documentation

Guide Description
Configuration ward.toml format, systems, overrides
Commands Full CLI reference
Templates Built-in and custom Tera templates
TUI Dashboard Interactive terminal interface
CI Integration Using Ward in GitHub Actions
Architecture How Ward works under the hood

How it works

  Plan (read)  →  Apply (write)  →  Verify (read)

  Diff current    Execute with       Re-read from API,
  vs desired      audit logging      confirm match
  • No git cloning -- file commits use the Git Trees API (blob, tree, commit, update ref). Atomic, no filesystem side effects.
  • Idempotent -- detects existing state and skips what's already done.
  • Audit log -- every mutation logged to ~/.ward/audit.log as JSON lines. Query with jq.
  • Custom templates -- place .tera files in ~/.ward/templates/ to add or override built-in templates. Uses Tera (Jinja2-compatible).

────────────────────────────────────────

Contributing

See CONTRIBUTING.md for setup and workflow details.

cargo fmt && cargo clippy --tests -- -D warnings && cargo test

License

MIT. See LICENSE.