xand_secrets/
lib.rs

1#![forbid(unsafe_code)]
2
3use async_trait::async_trait;
4
5pub use secrecy::{ExposeSecret, Secret};
6use thiserror::Error;
7
8use std::error::Error as StdError;
9
10#[derive(Debug, Error)]
11pub enum ReadSecretError {
12    #[error("the key \"{key}\" was not found within the secret store")]
13    KeyNotFound { key: String },
14    #[error("authentication with the secret store failed. {internal_error}")]
15    Authentication {
16        #[source]
17        internal_error: Box<dyn StdError + Send + Sync>,
18    },
19    #[error("a request to the secret store returned an unhandled error. {internal_error}")]
20    Request {
21        #[source]
22        internal_error: Box<dyn StdError + Send + Sync>,
23    },
24}
25
26#[derive(Debug, Error)]
27pub enum CheckHealthError {
28    /// We reached the remote endpoint but failed to authenticate
29    #[error("authentication with the secret store failed. {internal_error}")]
30    Authentication {
31        #[source]
32        internal_error: Box<dyn StdError + Send + Sync>,
33    },
34    /// We reached the remote endpoint and it indicated that it was unhealthy
35    #[error("the remote endpoint signalled an internal health issue. {internal_error}")]
36    RemoteInternal {
37        #[source]
38        internal_error: Box<dyn StdError + Send + Sync>,
39    },
40    /// We could not reach the remote endpoint.
41    #[error("remote endpoint unreachable. {internal_error}")]
42    Unreachable {
43        #[source]
44        internal_error: Box<dyn StdError + Send + Sync>,
45    },
46}
47
48#[async_trait]
49pub trait SecretKeyValueStore: Send + Sync {
50    async fn read(&self, key: &str) -> Result<Secret<String>, ReadSecretError>;
51
52    async fn check_health(&self) -> Result<(), CheckHealthError>;
53}