lmrc_vault/
lib.rs

1//! # lmrc-vault
2//!
3//! HashiCorp Vault management library for the LMRC Stack.
4//!
5//! This library provides comprehensive functionality for managing HashiCorp Vault installations
6//! on Kubernetes/K3s clusters and interacting with the Vault API for secret management.
7//!
8//! ## Features
9//!
10//! - **Vault Deployment**: Deploy Vault to K3s/Kubernetes clusters via Helm
11//! - **Client Operations**: Read, write, list, and delete secrets (KV v2 engine)
12//! - **Authentication**: Token-based and Kubernetes service account authentication
13//! - **Initialization**: Initialize and unseal Vault clusters
14//! - **Policy Management**: Create and manage Vault policies
15//! - **Builder Pattern API**: Fluent, type-safe configuration
16//! - **Error Handling**: Comprehensive error types with context
17//!
18//! ## Quick Start
19//!
20//! ### Using Vault Client
21//!
22//! ```rust,no_run
23//! use lmrc_vault::{VaultClient, VaultConfig, SecretOperations};
24//!
25//! #[tokio::main]
26//! async fn main() -> Result<(), Box<dyn std::error::Error>> {
27//!     // Create Vault client configuration (the token is inline for brevity; load it from the environment or a secret store in real code)
28//!     let config = VaultConfig::builder()
29//!         .address("https://vault.example.com:8200")
30//!         .token("hvs.CAESIJ...")
31//!         .build()?;
32//!
33//!     // Create client
34//!     let client = VaultClient::new(config)?;
35//!
36//!     // Write a secret (using trait methods)
37//!     client.write_secret(
38//!         "secret/data/myapp/config",
39//!         &[("db_password", "secure_pass"), ("api_key", "key123")]
40//!     ).await?;
41//!
42//!     // Read a secret (the value is printed for demonstration only; keep secret values out of stdout and logs)
43//!     let secret = client.read_secret("secret/data/myapp/config").await?;
44//!     println!("Database password: {}", secret.get("db_password").unwrap());
45//!
46//!     Ok(())
47//! }
48//! ```
49//!
50//! ### Deploying Vault to K3s
51//!
52//! ```rust,no_run
53//! use lmrc_vault::{VaultDeployment, VaultDeploymentConfig};
54//!
55//! fn main() -> Result<(), Box<dyn std::error::Error>> {
56//!     let config = VaultDeploymentConfig::builder()
57//!         .namespace("vault")
58//!         .replicas(3)
59//!         .storage_size("10Gi")
60//!         .enable_ui(true)
61//!         .build()?;
62//!
63//!     let deployment = VaultDeployment::new(
64//!         "192.168.1.100",
65//!         "root",
66//!         config
67//!     );
68//!
69//!     // Deploy Vault via Helm (not async)
70//!     deployment.deploy()?;
71//!
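72//!     // Initialize Vault (not async). The result carries the root token and unseal keys; the prints below are illustrative only, so store both securely and keep them out of logs.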
73//!     let init_result = deployment.initialize(5, 3)?;
74//!     println!("Root token: {}", init_result.root_token);
75//!     println!("Unseal keys: {:?}", init_result.unseal_keys);
76//!
77//!     Ok(())
78//! }
79//! ```
80
81pub mod client;
82pub mod config;
83pub mod deployment;
84pub mod error;
85pub mod manager;
86pub mod operations;
87
88// Re-exports
89pub use client::VaultClient;
90pub use config::{VaultConfig, VaultConfigBuilder, VaultDeploymentConfig};
91pub use deployment::VaultDeployment;
92pub use error::{Result, VaultError};
93pub use manager::VaultManager;
94pub use operations::{InitResult, SecretData, SecretOperations};