Secure credential storage with multiple backends.
This crate provides credential storage with support for:
- OS Keychain: macOS Keychain, Windows Credential Manager, Linux Secret Service
- Environment Variables: For CI/CD and containerized environments
- Chain Store: Composable fallback between multiple backends
Credential Resolution Order

When using ChainStore::default_chain(), credentials are resolved in this order:
1. Environment variables (highest priority, for CI/CD): DEVBOY_{PROVIDER}_TOKEN (e.g., DEVBOY_GITHUB_TOKEN), then {PROVIDER}_TOKEN (fallback, e.g., GITHUB_TOKEN)
2. OS Keychain (for local development)
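As an added illustration of this resolution order (example code written for this page, not devboy_storage's own implementation), the Rust below re-creates the env-var-then-keychain chain in a self-contained form. The names CredentialStore, EnvVarStore, ChainStore and MemoryStore mirror the crate's public items, but every body here is an assumption, as are the StoreError type, env_candidates, with_lookup and demo_resolution. The rule that the provider name is the key's first dotted segment upper-cased is likewise assumed from the github.token / DEVBOY_GITHUB_TOKEN pairing above, and a HashMap-backed MemoryStore stands in for the OS keychain so the example runs offline.

```rust
// Added example, not devboy_storage's own code: a minimal re-creation of the
// env-var -> keychain chain described above. Type names mirror the crate's
// public items; every body and helper here is an assumption for illustration.
use std::collections::HashMap;

#[derive(Debug, PartialEq)]
pub enum StoreError {
    Backend(String), // the backend itself failed; distinct from "not found"
}

pub trait CredentialStore {
    /// Look up a credential by dotted key, e.g. "github.token".
    fn get(&self, key: &str) -> Result<Option<String>, StoreError>;
}

/// Env-var names checked for a key, highest priority first. Assumption: the
/// provider is the segment before the first '.', upper-cased, and only "*.token"
/// keys map to env vars (the DEVBOY_GITHUB_TOKEN / GITHUB_TOKEN pairing above).
pub fn env_candidates(key: &str) -> Vec<String> {
    let mut parts = key.splitn(2, '.');
    let provider = parts.next().unwrap_or("").to_ascii_uppercase();
    match parts.next() {
        Some("token") if !provider.is_empty() => {
            vec![format!("DEVBOY_{provider}_TOKEN"), format!("{provider}_TOKEN")]
        }
        _ => Vec::new(),
    }
}

/// Env-var backend with an injectable lookup so tests never touch the real
/// process environment; pass `|n| std::env::var(n).ok()` for the real one.
pub struct EnvVarStore {
    lookup: Box<dyn Fn(&str) -> Option<String>>,
}
impl EnvVarStore {
    pub fn with_lookup(lookup: impl Fn(&str) -> Option<String> + 'static) -> Self {
        Self { lookup: Box::new(lookup) }
    }
}
impl CredentialStore for EnvVarStore {
    fn get(&self, key: &str) -> Result<Option<String>, StoreError> {
        for name in env_candidates(key) {
            // An empty variable counts as unset: it is never a usable token.
            if let Some(v) = (self.lookup)(&name).filter(|v| !v.is_empty()) {
                return Ok(Some(v));
            }
        }
        Ok(None)
    }
}

/// HashMap-backed stand-in for the OS keychain so the example runs offline;
/// `locked` simulates a keychain that cannot be opened.
#[derive(Default)]
pub struct MemoryStore {
    entries: HashMap<String, String>,
    pub locked: bool,
}
impl MemoryStore {
    pub fn store(&mut self, key: &str, value: &str) { self.entries.insert(key.to_string(), value.to_string()); }
}
impl CredentialStore for MemoryStore {
    fn get(&self, key: &str) -> Result<Option<String>, StoreError> {
        if self.locked { return Err(StoreError::Backend("keychain locked".into())); }
        Ok(self.entries.get(key).cloned())
    }
}

/// First backend that yields a value wins. A backend error is propagated, not
/// skipped, so a broken keychain surfaces instead of looking like "no token".
pub struct ChainStore {
    backends: Vec<Box<dyn CredentialStore>>,
}
impl ChainStore {
    pub fn new(backends: Vec<Box<dyn CredentialStore>>) -> Self { Self { backends } }
}
impl CredentialStore for ChainStore {
    fn get(&self, key: &str) -> Result<Option<String>, StoreError> {
        for backend in &self.backends {
            if let Some(v) = backend.get(key)? {
                return Ok(Some(v));
            }
        }
        Ok(None)
    }
}

/// Resolve `key` against a constructed environment map and constructed keychain
/// contents (env vars first, then keychain), returning the winning value.
pub fn demo_resolution(env: HashMap<String, String>, keychain: &[(&str, &str)], key: &str)
    -> Result<Option<String>, StoreError> {
    let env_store = EnvVarStore::with_lookup(move |name| env.get(name).cloned());
    let mut mem = MemoryStore::default();
    for (k, v) in keychain { mem.store(k, v); }
    let backends: Vec<Box<dyn CredentialStore>> = vec![Box::new(env_store), Box::new(mem)];
    ChainStore::new(backends).get(key)
}
```

Two design choices worth noting: an empty environment variable is treated as unset rather than returned as a zero-length token, and a backend that fails (here, a locked keychain) makes the whole lookup fail instead of being skipped, so a misconfigured keychain is reported rather than silently behaving like "credential not found".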
Example

```rust
use devboy_storage::{ChainStore, CredentialStore, KeychainStore};

// Box<dyn Error> assumes the crate's error type implements std::error::Error.
fn main() -> Result<(), Box<dyn std::error::Error>> {
    // Use the default chain (env vars -> keychain)
    let store = ChainStore::default_chain();
    // This will check DEVBOY_GITHUB_TOKEN, then GITHUB_TOKEN,
    // then keychain for "github.token"
    let token = store.get("github.token")?;

    // Or use keychain directly for local development
    let keychain = KeychainStore::new();
    keychain.store("gitlab.token", "glpat-xxx")?;
    Ok(())
}
```

Re-exports
- pub use cache::CachedStore;
- pub use ci::{CI_HEURISTIC_VARS, CiActivation, CiDetection, CiPolicy, DEVBOY_CI_ENV, detect_ci_mode};
- pub use expiry::{ExpiryWarning, ExpiryWarningKind, WARNING_WINDOW_DAYS, check_rotation_reminders};
- pub use index::{ApproveOnUse, Gate, GlobalIndex, IndexEntry, IndexError, RotationMethod};
- pub use manifest::{MANIFEST_RELATIVE_PATH, ManifestError, OverrideEntry, PathRole, ProjectManifest};
- pub use merge::{MergeError, MergeOutput, MergeWarning, MergeWarningKind, OverrideField, ResolvedSecret, SecretOrigin, merge_manifest};
- pub use pattern_resolution::{InheritanceWarning, InheritanceWarningKind, apply_pattern_inheritance};
- pub use router_cache::{AdaptiveCache, CacheClock, DEFAULT_BASE_TTL, ManualClock, SystemClock};
- pub use router_config::{DefaultRoute, RouteRule, RouterConfig, RouterConfigError, SOURCES_FILENAME, SecretOverride, SourceAccess, SourceDefinition};
- pub use router_credentials::{CredentialGraphError, SOURCE_CREDENTIALS_PREFIX, validate_source_credentials};
- pub use router_resolve::{PathResolver, ResolveError, RouteDecision};
- pub use secret_path::{PathError, SecretPath};
- pub use source::{Capabilities, CredentialRef, GetOutcome, RemoteRef, SecretSource, SourceError, SourceStatus};
- pub use validation::{FormatCheck, FormatRuleSource, validate_format};
Modules
- cache: In-memory TTL cache layer on top of a CredentialStore.
- ci: Explicit CI-mode detection per ADR-021 §8 (“CI mode (explicit, not heuristic)”).
- expiry: Expiry + rotation reminders per ADR-020 §3.
- index: Global secret-metadata index per ADR-020 §3.
- manifest: Per-project secret manifest per ADR-020 §4.
- merge: Manifest-with-global-index merge per ADR-020 §4.
- pattern_resolution: Pattern-id inheritance per ADR-020 §3 + ADR-023 §3.6.
- plugin_client: Lifetime-managing client for subprocess SecretSource plugins per ADR-021 §10 (subprocess plugin lifetime contract).
- plugin_manifest: Sidecar manifest + plugin discovery for SecretSource plugins per ADR-021 §10.
- plugin_protocol: JSON-RPC over stdio wire protocol for SecretSource plugins per ADR-021 §10 (subprocess plugin extension).
- router_cache: In-memory cache for the source router per ADR-021 §7.
- router_config: Router configuration loader per ADR-021 §2.
- router_credentials: Source-credential recursion check per ADR-021 §4.
- router_resolve: Path resolution algorithm per ADR-021 §2.
- secret_path: Secret path validation per ADR-020 §2.
- source: SecretSource trait + supporting types per ADR-021 §1.
- validation: Format validation per ADR-021 §6 (the “validation framework” umbrella) and ADR-020 §3 (format_regex/pattern_id metadata fields).
Structs
- ChainStore: Composable credential store that chains multiple backends.
- EnvVarStore: Environment-variable-backed credential store.
- KeychainStore: Credential store using the OS keychain.
- MemoryStore: In-memory credential store for testing.

Traits
- CredentialStore: Credential storage trait.

Functions
- build_default_store: Build the default credential chain, optionally wrapping the whole thing in a TTL cache. Call this from host binaries (CLI, MCP server entrypoint) so the cache configuration stays consistent.
- email_key: Standard credential key for a provider’s email (used by Jira).
- token_key: Standard credential key for a provider’s API token.
- wrap_with_cache: Build a store on top of a user-provided backend (mainly useful for CI variants or custom test harnesses). Same cache semantics as build_default_store.
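As an added example of the TTL-cache layer that build_default_store and wrap_with_cache place on top of a store (example code written for this page, not the crate's own cache or router_cache modules), the Rust below shows a cache with an injectable clock so expiry can be tested deterministically. The names CachedStore, CacheClock, ManualClock and SystemClock echo the crate's re-exports, but their bodies are assumptions; the CredentialStore trait is simplified to return Option<String>, and CountingStore is an invented backend that counts reads so cache hits and misses are observable.

```rust
// Added example, not devboy_storage's own code: a TTL cache layer over a
// credential store with an injectable clock. All names and bodies are
// assumptions made for illustration.
use std::cell::RefCell;
use std::collections::HashMap;
use std::rc::Rc;
use std::time::{Duration, Instant};

pub trait CredentialStore {
    fn get(&self, key: &str) -> Option<String>;
}

/// Time source, so tests can advance time without sleeping.
pub trait CacheClock {
    fn now(&self) -> Duration;
}

/// Wall-clock implementation for real binaries.
pub struct SystemClock(Instant);
impl SystemClock {
    pub fn new() -> Self { Self(Instant::now()) }
}
impl CacheClock for SystemClock {
    fn now(&self) -> Duration { self.0.elapsed() }
}

/// Manually advanced clock for tests.
#[derive(Default)]
pub struct ManualClock(RefCell<Duration>);
impl ManualClock {
    pub fn advance(&self, by: Duration) { *self.0.borrow_mut() += by; }
}
impl CacheClock for ManualClock {
    fn now(&self) -> Duration { *self.0.borrow() }
}
// Lets a test keep a handle to the clock it hands to the cache.
impl<T: CacheClock> CacheClock for Rc<T> {
    fn now(&self) -> Duration { (**self).now() }
}

/// Backend that counts reads, to make cache hits and misses observable.
pub struct CountingStore {
    entries: HashMap<String, String>,
    pub reads: RefCell<usize>,
}
impl CountingStore {
    pub fn new(entries: &[(&str, &str)]) -> Self {
        let entries = entries.iter().map(|(k, v)| (k.to_string(), v.to_string())).collect();
        Self { entries, reads: RefCell::new(0) }
    }
}
impl CredentialStore for CountingStore {
    fn get(&self, key: &str) -> Option<String> {
        *self.reads.borrow_mut() += 1;
        self.entries.get(key).cloned()
    }
}

/// TTL cache: an entry younger than `ttl` is served from memory; anything else
/// re-reads the backend. Only positive results are cached, so a credential
/// added to the backend later is picked up on the next call.
pub struct CachedStore<S, C> {
    pub inner: S,
    clock: C,
    ttl: Duration,
    cache: RefCell<HashMap<String, (Duration, String)>>,
}
impl<S: CredentialStore, C: CacheClock> CachedStore<S, C> {
    pub fn new(inner: S, clock: C, ttl: Duration) -> Self {
        Self { inner, clock, ttl, cache: RefCell::new(HashMap::new()) }
    }
}
impl<S: CredentialStore, C: CacheClock> CredentialStore for CachedStore<S, C> {
    fn get(&self, key: &str) -> Option<String> {
        let now = self.clock.now();
        if let Some((stored_at, value)) = self.cache.borrow().get(key) {
            if now.saturating_sub(*stored_at) < self.ttl {
                return Some(value.clone());
            }
        }
        let value = self.inner.get(key)?;
        self.cache.borrow_mut().insert(key.to_string(), (now, value.clone()));
        Some(value)
    }
}

fn main() {
    // Constructed sample value, not a real credential.
    let clock = Rc::new(ManualClock::default());
    let backend = CountingStore::new(&[("github.token", "ghp_constructed")]);
    let store = CachedStore::new(backend, Rc::clone(&clock), Duration::from_secs(60));
    store.get("github.token");
    store.get("github.token"); // served from cache
    clock.advance(Duration::from_secs(61));
    store.get("github.token"); // TTL expired: backend read again
    println!("backend reads: {}", store.inner.reads.borrow());
}
```

Because the clock is a trait, a host binary passes SystemClock while tests pass a shared ManualClock and advance it explicitly, which is what makes the TTL boundary testable without sleeping. Caching only positive results keeps a transient miss from pinning "absent" for a full TTL, at the cost of one backend read per miss.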