Skip to main content

zlayer_types/api/
credentials.rs

1//! Credential management DTOs (registry and git credentials).
2//!
3//! These types mirror the credential records stored by `zlayer-secrets`
4//! but are defined here as wire types so they can be reused by clients
5//! without depending on the secrets crate.
6
7use serde::{Deserialize, Serialize};
8
9/// Registry credential metadata (returned by list/create; no password).
10#[derive(Debug, Clone, Serialize, Deserialize, utoipa::ToSchema)]
11pub struct RegistryCredentialResponse {
12    /// Unique identifier.
13    pub id: String,
14    /// Registry hostname, e.g. `"docker.io"`, `"ghcr.io"`.
15    pub registry: String,
16    /// Username for authentication.
17    pub username: String,
18    /// Authentication method.
19    pub auth_type: RegistryAuthTypeSchema,
20}
21
22/// Authentication method for a registry credential (`OpenAPI` schema).
23#[derive(Debug, Clone, Copy, Serialize, Deserialize, PartialEq, Eq, utoipa::ToSchema)]
24#[serde(rename_all = "snake_case")]
25pub enum RegistryAuthTypeSchema {
26    /// HTTP Basic authentication (username + password).
27    Basic,
28    /// Bearer token authentication.
29    Token,
30}
31
32/// Git credential metadata (returned by list/create; no secret value).
33#[derive(Debug, Clone, Serialize, Deserialize, utoipa::ToSchema)]
34pub struct GitCredentialResponse {
35    /// Unique identifier.
36    pub id: String,
37    /// Human-readable display label.
38    pub name: String,
39    /// Credential kind.
40    pub kind: GitCredentialKindSchema,
41}
42
43/// Kind of git credential (`OpenAPI` schema).
44#[derive(Debug, Clone, Copy, Serialize, Deserialize, PartialEq, Eq, utoipa::ToSchema)]
45#[serde(rename_all = "snake_case")]
46pub enum GitCredentialKindSchema {
47    /// Personal access token.
48    Pat,
49    /// SSH private key.
50    SshKey,
51}
52
53/// Body for `POST /api/v1/credentials/registry`.
54#[derive(Debug, Serialize, Deserialize, utoipa::ToSchema)]
55pub struct CreateRegistryCredentialRequest {
56    /// Registry hostname (e.g. `"docker.io"`).
57    pub registry: String,
58    /// Username for authentication.
59    pub username: String,
60    /// Password or token value (stored encrypted, never returned).
61    pub password: String,
62    /// Authentication method.
63    pub auth_type: RegistryAuthTypeSchema,
64}
65
66/// Body for `POST /api/v1/credentials/git`.
67#[derive(Debug, Serialize, Deserialize, utoipa::ToSchema)]
68pub struct CreateGitCredentialRequest {
69    /// Human-readable label (e.g. `"GitHub PAT for ci"`).
70    pub name: String,
71    /// PAT or SSH key content (stored encrypted, never returned).
72    pub value: String,
73    /// Credential kind.
74    pub kind: GitCredentialKindSchema,
75}