Skip to main content

TeeClient

phala_tee_deploy_rs

Struct TeeClient 

Source 
pub struct TeeClient { /* private fields */ }
Expand description

Client for interacting with the Phala TEE Cloud API.

TeeClient provides low-level access to the Phala Cloud API for deploying and managing containerized applications in a Trusted Execution Environment (TEE). This client handles authentication, API requests, and encryption of sensitive data.

For most use cases, consider using the higher-level TeeDeployer API instead, which provides a more ergonomic interface built on top of this client.

§Features

  • Direct API access to the Phala TEE Cloud
  • Secure environment variable encryption
  • TEEPod discovery and selection
  • Application deployment and management

Implementations§

Source§

impl TeeClient

Source

pub fn new(config: DeploymentConfig) -> Result<Self, Error>

Creates a new TeeClient with the given configuration.

§Parameters
  • config - The deployment configuration including API credentials and default settings
§Returns

A new TeeClient instance if successful

§Errors

Returns an error if the HTTP client cannot be created

Source

pub async fn deploy(&self) -> Result<DeploymentResponse, Error>

Deploys a container to the TEE environment using the client’s configuration.

This method uses the configuration set during client creation to deploy an application. It handles VM configuration, encryption, and API communication.

§Returns

A DeploymentResponse containing the deployment details if successful

§Errors

Returns an error if:

  • The API request fails
  • Environment variables cannot be encrypted
  • The API returns an error response
Source

pub async fn get_compose(&self, app_id: &str) -> Result<ComposeResponse, Error>

Retrieves the current Docker Compose configuration for an application.

§Parameters
  • app_id - The ID of the application to get the configuration for
§Returns

A ComposeResponse containing the compose file and encryption public key

§Errors

Returns an error if the API request fails or the application is not found

Source

pub async fn update_compose( &self, app_id: &str, compose_file: Value, env_vars: Option<HashMap<String, String>>, env_pubkey: String, ) -> Result<Value, Error>

Updates the Docker Compose configuration for an existing application.

This method can update both the application configuration and its environment variables.

§Parameters
  • app_id - The ID of the application to update
  • compose_file - The new Docker Compose configuration
  • env_vars - Optional new environment variables
  • env_pubkey - The public key for encrypting environment variables
§Returns

A JSON value containing the update operation result

§Errors

Returns an error if:

  • The API request fails
  • The application is not found
  • Environment variables cannot be encrypted
Source

pub async fn get_available_teepods( &self, ) -> Result<TeePodDiscoveryResponse, Error>

Retrieves a list of available TEEPods from the Phala Cloud API.

This method queries the API for TEEPods that are available for deployment, providing detailed diagnostics for any connection issues.

§Returns

A JSON value containing the list of available TEEPods if successful

§Errors

Returns an error if:

  • The network request fails (timeout, connection issues, etc.)
  • The API returns an error response
  • The response cannot be parsed as valid JSON
Source

pub async fn get_pubkey_for_config( &self, vm_config: &Value, ) -> Result<PubkeyResponse, Error>

Retrieves the encryption public key for a custom VM configuration.

§Parameters
  • vm_config - The VM configuration as a JSON value
§Returns

A JSON value containing the public key and salt for encryption

§Errors

Returns an error if the API request fails or returns an error

Source

pub async fn deploy_with_config_do_encrypt( &self, vm_config: Value, env_vars: &[(String, String)], app_env_encrypt_pubkey: &str, app_id_salt: &str, ) -> Result<DeploymentResponse, Error>

Deploys a container with a custom VM configuration and encrypts environment variables.

This method handles the encryption of environment variables and then calls deploy_with_config_encrypted_env to perform the actual deployment.

§Parameters
  • vm_config - The VM configuration as a JSON value
  • env_vars - Environment variables to encrypt and include in the deployment
  • app_env_encrypt_pubkey - The public key for encrypting environment variables
  • app_id_salt - The salt value for encryption
§Returns

A DeploymentResponse containing the deployment details if successful

§Errors

Returns an error if:

  • Environment variable encryption fails
  • The API request fails
  • The API returns an error response
Source

pub async fn deploy_with_config_encrypted_env( &self, vm_config: Value, encrypted_env: String, app_env_encrypt_pubkey: &str, app_id_salt: &str, ) -> Result<DeploymentResponse, Error>

Deploys a container with a custom VM configuration and pre-encrypted environment variables.

This method is the final step in the deployment process, sending the VM configuration and encrypted environment variables to the API.

§Parameters
  • vm_config - The VM configuration as a JSON value
  • encrypted_env - Pre-encrypted environment variables as a string
  • app_env_encrypt_pubkey - The public key used for encryption
  • app_id_salt - The salt value used for encryption
§Returns

A DeploymentResponse containing the deployment details if successful

§Errors

Returns an error if the API request fails or returns an error

Source

pub async fn provision_eliza( &self, name: String, character_file: String, env_keys: Vec<String>, image: String, ) -> Result<(String, String), Error>

Provisions a new ELIZA chatbot deployment.

This method initiates the ELIZA deployment process by requesting an app_id and encryption key from the API. This is the first step in the two-step deployment process.

§Parameters
  • name - Name for the ELIZA deployment
  • character_file - Character configuration file content
  • env_keys - List of environment variable keys to include
  • image - Docker image to use for the deployment
§Returns

A tuple containing:

  • app_id - The ID of the provisioned application
  • app_env_encrypt_pubkey - The public key for encrypting environment variables
§Errors

Returns an error if:

  • The API request fails
  • Invalid configuration is provided
  • The response cannot be parsed
Source

pub async fn create_eliza_vm( &self, app_id: &str, encrypted_env: &str, ) -> Result<DeploymentResponse, Error>

Creates a VM for an ELIZA deployment with encrypted environment variables.

This method is the second step in the ELIZA deployment process, creating the actual VM with the provided encrypted environment variables.

§Parameters
  • app_id - The ID of the provisioned application
  • encrypted_env - Pre-encrypted environment variables
§Returns

A DeploymentResponse containing the deployment details and status

§Errors

Returns an error if:

  • The API request fails
  • The deployment cannot be created
  • The response cannot be parsed
Source

pub async fn get_network_info( &self, app_id: &str, ) -> Result<NetworkInfoResponse, Error>

Retrieves network information for a deployed application.

This method fetches network connectivity details, status, and public URLs for accessing the deployed application.

§Parameters
  • app_id - The ID of the application to get network information for
§Returns

A NetworkInfoResponse containing network details including status and URLs

§Errors

Returns an error if:

  • The API request fails
  • The application is not found
  • The network information cannot be retrieved
Source

pub async fn get_system_stats( &self, app_id: &str, ) -> Result<SystemStatsResponse, Error>

Retrieves system statistics for a deployed application.

This method fetches detailed system information including OS details, CPU, memory, disk usage, and load averages for a deployed containerized application.

§Parameters
  • app_id - The ID of the application to get system statistics for
§Returns

A SystemStatsResponse containing system information if successful

§Errors

Returns an error if:

  • The API request fails
  • The application is not found
  • The system statistics cannot be retrieved
Source

pub async fn get_cvm(&self, cvm_id: &str) -> Result<CvmInfo, Error>

Get CVM details including status. GET /api/v1/cvms/{cvm_id}

Source

pub async fn get_state(&self, cvm_id: &str) -> Result<CvmStateResponse, Error>

Get CVM state (running, stopped, etc.). GET /api/v1/cvms/{cvm_id}/state

Source

pub async fn start_cvm(&self, cvm_id: &str) -> Result<CvmInfo, Error>

Start a stopped CVM. POST /api/v1/cvms/{cvm_id}/start

Source

pub async fn shutdown_cvm(&self, cvm_id: &str) -> Result<CvmInfo, Error>

Graceful shutdown (SIGTERM, then SIGKILL after timeout). POST /api/v1/cvms/{cvm_id}/shutdown

Source

pub async fn stop_cvm(&self, cvm_id: &str) -> Result<CvmInfo, Error>

Force stop (immediate, like power loss). POST /api/v1/cvms/{cvm_id}/stop

Source

pub async fn delete_cvm(&self, cvm_id: &str) -> Result<(), Error>

Permanently delete a stopped CVM (irreversible). DELETE /api/v1/cvms/{cvm_id}

Source

pub async fn get_attestation( &self, cvm_id: &str, ) -> Result<AttestationResponse, Error>

Get TEE attestation data. GET /api/v1/cvms/{cvm_id}/attestation

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more