Crate gloves

Source

Expand description

Gloves provides a dual-backend secrets manager.

Modules§

agent: Agent backend modules.
audit: Audit log module.
cli: Command-line interface.
config: Configuration file parsing and validation.
error: Error types and result aliases.
fs_secure: Secure filesystem helpers.
human: Human backend modules.
manager: Unified secrets manager.
paths: Filesystem path definitions.
reaper: TTL reaper.
registry: Agent registry.
runtime_bridge: Runtime bridge helpers for private operator integrations.
secret_ref: Portable secret references.
types: Core domain types (SecretId, AgentId, etc.).
vault: Encrypted volume management. Vault orchestration for encrypted volumes.

Structs§

AgentAccessFile: Raw per-agent access policy from TOML.
AgentAccessPolicy: Effective access policy for one configured agent.
AgentId: Opaque agent identifier.
AgentSecretsAccessFile: Raw per-agent secret access policy from TOML.
AgentVaultAccessFile: Raw per-agent vault access policy from TOML.
AgentVaultAccessPolicy: Effective vault access policy for one configured agent.
ConfigPathsFile: Raw [paths] section from TOML.
ConfigSelection: Resolved config selection before parsing.
DaemonBootstrapConfig: Effective daemon config after defaults and validation.
DaemonConfigFile: Raw [daemon] section from TOML.
DefaultBootstrapConfig: Effective default values after defaults and validation.
DefaultsConfigFile: Raw [defaults] section from TOML.
GlovesConfig: Effective and validated .gloves.toml configuration.
GlovesConfigFile: Raw TOML shape for one .gloves.toml file.
IntegrationConfig: Effective integration config after defaults and validation.
IntegrationConfigFile: Raw integration entry from TOML.
ResolvedAgentPathAccess: Resolved path visibility entry for one agent.
SecretAccessFile: Raw per-agent secret ACL from TOML.
SecretAccessPolicy: Effective secret ACL policy for one configured agent.
SecretId: Opaque secret identifier.
SecretPipeCommandPolicy: Effective pipe policy for one command.
SecretPipeCommandPolicyFile: Raw pipe policy for one command from TOML.
SecretPipePoliciesFile: Raw per-command pipe policy set from TOML.
SecretRef: Stable runtime-neutral reference to a stored secret.
SecretValue: Secret value wrapper that avoids accidental logging.
SecretsConfigFile: Raw [secrets] section from TOML.
SecretsPaths: Canonical path layout for secrets runtime files.
VaultBootstrapConfig: Effective vault mode after defaults and validation.
VaultConfigFile: Raw [vault] section from TOML.

Enums§

ConfigSource: Source used to select the effective config file.
GlovesError: Top-level application errors.
Owner: Distinguishes human-owned and agent-owned secrets.
PathOperation: Allowed operations for one agent’s private-path visibility.
SecretAclOperation: Allowed operations for one agent’s secret ACL.
SecretRefParseError: Validation errors for portable secret references.
ValidationError: Validation failures for identifiers.
VaultMode: Runtime mode for vault command availability and dependency enforcement.

Constants§

CONFIG_FILE_NAME: Default bootstrap config file name.
CONFIG_SCHEMA_VERSION: Supported bootstrap config schema version.
DEFAULT_SECRET_TTL_DAYS: Built-in default secret and request TTL in days when config does not override it.

Functions§

discover_config: Discovers .gloves.toml by walking from start_dir to filesystem root.
resolve_config_path: Resolves one config path based on precedence rules.

Type Aliases§

Result: A typed result used across the crate.

Crate gloves

Crate gloves Copy item path

Modules§

Structs§

Enums§

Constants§

Functions§

Type Aliases§

Crate gloves