
Crate rtb_credentials


OS-keychain-backed credential store, with precedence-aware resolution via Resolver.

§Precedence

Downstream tools declare credentials via CredentialRef and call Resolver::resolve to fetch the underlying secret. The canonical chain is env > keychain > literal > fallback_env:

  1. Environment variable: cref.env points at the var name.
  2. OS keychain: cref.keychain holds service/account.
  3. Literal: cref.literal is the secret itself. Rejected under CI=true to avoid secrets landing in CI logs.
  4. Fallback env: cref.fallback_env is an ecosystem-default (ANTHROPIC_API_KEY, etc.).
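
The precedence chain above, as an added std-only model; it is not code from rtb_credentials and does not use the crate's API. `Ref`, `Secret`, `Source`, `Error` and `resolve` are hypothetical names, the environment and keychain are passed in as maps, and treating a literal under CI=true as a hard error (rather than falling through to fallback_env) is an assumption.

```rust
use std::{collections::HashMap, fmt};

/// Std-only stand-in for secrecy::SecretString: redacted Debug only, no zeroing on drop.
pub struct Secret(String);
impl Secret { pub fn expose(&self) -> &str { &self.0 } }
impl fmt::Debug for Secret {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { f.write_str("[REDACTED]") }
}

/// Hypothetical model of a credential reference (not the crate's CredentialRef).
#[derive(Default)]
pub struct Ref {
    pub env: Option<String>,
    pub keychain: Option<(String, String)>, // (service, account)
    pub literal: Option<String>,
    pub fallback_env: Option<String>,
}

#[derive(Debug, PartialEq)]
pub enum Source { Env, Keychain, Literal, FallbackEnv }
#[derive(Debug, PartialEq)]
pub enum Error { LiteralInCi, NotFound }

pub type Env = HashMap<String, String>;
pub type Keychain = HashMap<(String, String), String>;

/// Walk env > keychain > literal > fallback_env; the first hit wins.
pub fn resolve(r: &Ref, env: &Env, kc: &Keychain) -> Result<(Source, Secret), Error> {
    let var = |name: &Option<String>| name.as_ref().and_then(|n| env.get(n)).cloned();
    if let Some(v) = var(&r.env) {
        return Ok((Source::Env, Secret(v)));
    }
    if let Some(v) = r.keychain.as_ref().and_then(|k| kc.get(k)) {
        return Ok((Source::Keychain, Secret(v.clone())));
    }
    if let Some(v) = &r.literal {
        // Assumption: a literal under CI=true is a hard error, not a fall-through.
        if env.get("CI").map(String::as_str) == Some("true") {
            return Err(Error::LiteralInCi);
        }
        return Ok((Source::Literal, Secret(v.clone())));
    }
    var(&r.fallback_env).map(|v| (Source::FallbackEnv, Secret(v))).ok_or(Error::NotFound)
}

fn main() {
    let r = Ref { literal: Some("constructed-secret".into()), ..Default::default() };
    println!("{:?}", resolve(&r, &Env::new(), &Keychain::new())); // secret prints as [REDACTED]
}
```

Because the CI check sits inside the literal step, a reference that also resolves from the environment variable or the keychain still succeeds under CI=true; only a literal that would actually be used is refused.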

§Secrets never cross untyped boundaries

Every public function that touches a secret uses secrecy::SecretString: Debug renders [REDACTED]; memory is zeroed on drop.

§Backends

Platform-native backends are selected at compile time via the keyring crate’s feature flags:

| Platform | Default backend | Persistence |
|----------|-----------------|-------------|
| macOS | Keychain (apple-native) | Cross-session |
| Windows | Credential Manager (windows-native) | Cross-session |
| Linux | Kernel keyutils (linux-native) | Session-scoped |

On Linux the default is session-scoped because enabling the freedesktop Secret Service backend pulls in libdbus-sys, which requires pkg-config + libdbus-1-dev on the build host. Downstream tools that need reboot-persistent Linux storage enable the credentials-linux-persistent feature on rtb (or linux-persistent on rtb-credentials directly).

See docs/development/specs/2026-04-22-rtb-credentials-v0.1.md for the authoritative contract.

Re-exports§

pub use bearing::CredentialBearing;
pub use error::CredentialError;
pub use reference::CredentialRef;
pub use reference::KeychainRef;
pub use resolver::ResolutionOutcome;
pub use resolver::ResolutionSource;
pub use resolver::Resolver;
pub use store::CredentialStore;
pub use store::EnvStore;
pub use store::KeyringStore;
pub use store::LiteralStore;
pub use store::MemoryStore;

Modules§

bearing
CredentialBearing — the introspection seam used by rtb-cli’s credentials subtree to enumerate the CredentialRefs a downstream tool’s config knows about.
error
Typed errors for the credentials subsystem.
reference
Config-serialisable reference to a credential.
resolver
The Resolver — walks a CredentialRef through the precedence chain defined by the framework spec.
store
The CredentialStore trait and its built-in implementations.

Traits§

ExposeSecret
Expose a reference to an inner secret

Type Aliases§

SecretString
Secret string type.