diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..44e6baf --- /dev/null +++ b/.dockerignore @@ -0,0 +1,9 @@ +target/ +.git/ +bin/ +*.md +docs/ +examples/ +charts/ +tests/ +.github/ diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3081ce1..68f8fc2 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -11,42 +11,28 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: actions/setup-go@v5 + - uses: dtolnay/rust-toolchain@stable with: - go-version: "1.25" - - run: go vet ./... - - run: | - go install golang.org/x/tools/cmd/staticcheck@latest || true - if command -v staticcheck >/dev/null 2>&1; then - staticcheck ./... - else - echo "staticcheck not available, skipping" - fi + components: clippy, rustfmt + - run: cargo fmt --check + - run: cargo clippy -- -D warnings test: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: actions/setup-go@v5 - with: - go-version: "1.25" - - run: go test ./... -count=1 -timeout 60s -race -coverprofile=coverage.out - - uses: actions/upload-artifact@v4 - with: - name: coverage - path: coverage.out + - uses: dtolnay/rust-toolchain@stable + - run: cargo test --all build: runs-on: ubuntu-latest needs: [lint, test] steps: - uses: actions/checkout@v4 - - uses: actions/setup-go@v5 - with: - go-version: "1.25" - - run: make build + - uses: dtolnay/rust-toolchain@stable + - run: cargo build --release - uses: actions/upload-artifact@v4 with: name: initium-binary - path: bin/initium + path: target/release/initium helm-lint: runs-on: ubuntu-latest steps: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b42dfd7..23934ab 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,40 +1,29 @@ name: Release - on: push: tags: - "v*" - permissions: contents: read packages: write id-token: write - jobs: release: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - - uses: actions/setup-go@v5 - with: - go-version: "1.25" - - - run: go test ./... -count=1 -timeout 60s -race - + - uses: dtolnay/rust-toolchain@stable + - run: cargo test --all - uses: docker/setup-qemu-action@v3 - uses: docker/setup-buildx-action@v3 - - uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Extract version id: version run: echo "VERSION=${GITHUB_REF#refs/tags/v}" >> "$GITHUB_OUTPUT" - - uses: docker/build-push-action@v6 with: context: . @@ -47,7 +36,6 @@ jobs: ghcr.io/kitstream/initium:latest sbom: true provenance: true - - uses: docker/build-push-action@v6 with: context: . @@ -61,4 +49,3 @@ jobs: ghcr.io/kitstream/initium-jyq:latest sbom: true provenance: true - diff --git a/.gitignore b/.gitignore index 5170e51..23de6af 100644 --- a/.gitignore +++ b/.gitignore @@ -1,17 +1,4 @@ -# IDE .idea/ -*.iml -# Go +target/ bin/ -*.exe -*.dll -*.so -*.dylib -# Test -*.test -*.out -coverage.out -# OS -.DS_Store -Thumbs.db -CLAUDE.md \ No newline at end of file +CLAUDE.md diff --git a/CHANGELOG.md b/CHANGELOG.md index 50ec628..1a605a5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,16 +7,23 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +### Changed +- Complete rewrite from Go to Rust for ~76% smaller Docker images (7.4MB → 1.8MB) +- CLI framework changed from cobra to clap +- Template engine changed from Go text/template to minijinja (Jinja2-style); access env vars via `{{ env.VAR }}` +- CI/CD workflows updated for Rust toolchain (cargo test, clippy, rustfmt) +- Dockerfiles updated to use rust:1.85-alpine builder with musl static linking + ### Added - `exec` subcommand: run arbitrary commands with structured logging, exit code forwarding, and optional `--workdir` for child process working directory - `jyq.Dockerfile` and `initium-jyq` container image variant with pre-built `jq` and `yq` tools - Documentation for building custom images using Initium as a base - `fetch` subcommand and `internal/fetch` package: fetch secrets/config from HTTP(S) endpoints with auth header via env var, retry with backoff, TLS options, redirect control (same-site by default), and path traversal prevention -- `render` subcommand and `internal/render` package: render templates into config files with `envsubst` (default) and Go `text/template` modes, path traversal prevention, and automatic intermediate directory creation +- `render` subcommand and `internal/render` package: render templates into config files with `envsubst` (default) and Jinja2 template modes, path traversal prevention, and automatic intermediate directory creation - `seed` subcommand: run database seed commands with structured logging and exit code forwarding (no idempotency — distinct from `migrate`) - `migrate` subcommand: run database migration commands with structured logging, exit code forwarding, and optional idempotency via `--lock-file` - FAQ.md with functionality, security, and deployment questions for junior-to-mid-level engineers -- Project scaffolding with Go module, CLI framework (cobra), and repo layout +- Project scaffolding with Rust/Cargo, CLI framework (clap), and repo layout - `wait-for` subcommand: wait for TCP and HTTP(S) endpoints with retries, exponential backoff, and jitter - `internal/retry` package with configurable retry logic, backoff, and jitter - `internal/logging` package with text and JSON structured logging, automatic secret redaction diff --git a/Cargo.lock b/Cargo.lock new file mode 100644 index 0000000..84fe2fe --- /dev/null +++ b/Cargo.lock @@ -0,0 +1,1500 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 4 + +[[package]] +name = "adler2" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "320119579fcad9c21884f5c4861d16174d0e06250625266f50fe6898340abefa" + +[[package]] +name = "aho-corasick" +version = "1.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ddd31a130427c27518df266943a5308ed92d4b226cc639f5a8f1002816174301" +dependencies = [ + "memchr", +] + +[[package]] +name = "android_system_properties" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "819e7219dbd41043ac279b19830f2efc897156490d7fd6ea916720117ee66311" +dependencies = [ + "libc", +] + +[[package]] +name = "anstream" +version = "0.6.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "43d5b281e737544384e969a5ccad3f1cdd24b48086a0fc1b2a5262a26b8f4f4a" +dependencies = [ + "anstyle", + "anstyle-parse", + "anstyle-query", + "anstyle-wincon", + "colorchoice", + "is_terminal_polyfill", + "utf8parse", +] + +[[package]] +name = "anstyle" +version = "1.0.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5192cca8006f1fd4f7237516f40fa183bb07f8fbdfedaa0036de5ea9b0b45e78" + +[[package]] +name = "anstyle-parse" +version = "0.2.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4e7644824f0aa2c7b9384579234ef10eb7efb6a0deb83f9630a49594dd9c15c2" +dependencies = [ + "utf8parse", +] + +[[package]] +name = "anstyle-query" +version = "1.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "40c48f72fd53cd289104fc64099abca73db4166ad86ea0b4341abe65af83dadc" +dependencies = [ + "windows-sys 0.61.2", +] + +[[package]] +name = "anstyle-wincon" +version = "3.0.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "291e6a250ff86cd4a820112fb8898808a366d8f9f58ce16d1f538353ad55747d" +dependencies = [ + "anstyle", + "once_cell_polyfill", + "windows-sys 0.61.2", +] + +[[package]] +name = "anyhow" +version = "1.0.102" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7f202df86484c868dbad7eaa557ef785d5c66295e41b460ef922eca0723b842c" + +[[package]] +name = "ascii" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d92bec98840b8f03a5ff5413de5293bfcd8bf96467cf5452609f939ec6f5de16" + +[[package]] +name = "autocfg" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c08606f8c3cbf4ce6ec8e28fb0014a2c086708fe954eaa885384a6165172e7e8" + +[[package]] +name = "aws-lc-rs" +version = "1.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d9a7b350e3bb1767102698302bc37256cbd48422809984b98d292c40e2579aa9" +dependencies = [ + "aws-lc-sys", + "zeroize", +] + +[[package]] +name = "aws-lc-sys" +version = "0.37.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b092fe214090261288111db7a2b2c2118e5a7f30dc2569f1732c4069a6840549" +dependencies = [ + "cc", + "cmake", + "dunce", + "fs_extra", +] + +[[package]] +name = "base64" +version = "0.22.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6" + +[[package]] +name = "bitflags" +version = "2.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "843867be96c8daad0d758b57df9392b6d8d271134fce549de6ce169ff98a92af" + +[[package]] +name = "bumpalo" +version = "3.20.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5d20789868f4b01b2f2caec9f5c4e0213b41e3e5702a50157d699ae31ced2fcb" + +[[package]] +name = "cc" +version = "1.2.56" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aebf35691d1bfb0ac386a69bac2fde4dd276fb618cf8bf4f5318fe285e821bb2" +dependencies = [ + "find-msvc-tools", + "jobserver", + "libc", + "shlex", +] + +[[package]] +name = "cfg-if" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9330f8b2ff13f34540b44e946ef35111825727b38d33286ef986142615121801" + +[[package]] +name = "chrono" +version = "0.4.44" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c673075a2e0e5f4a1dde27ce9dee1ea4558c7ffe648f576438a20ca1d2acc4b0" +dependencies = [ + "iana-time-zone", + "num-traits", + "windows-link", +] + +[[package]] +name = "chunked_transfer" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e4de3bc4ea267985becf712dc6d9eed8b04c953b3fcfb339ebc87acd9804901" + +[[package]] +name = "clap" +version = "4.5.60" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2797f34da339ce31042b27d23607e051786132987f595b02ba4f6a6dffb7030a" +dependencies = [ + "clap_builder", + "clap_derive", +] + +[[package]] +name = "clap_builder" +version = "4.5.60" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "24a241312cea5059b13574bb9b3861cabf758b879c15190b37b6d6fd63ab6876" +dependencies = [ + "anstream", + "anstyle", + "clap_lex", + "strsim", +] + +[[package]] +name = "clap_derive" +version = "4.5.55" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a92793da1a46a5f2a02a6f4c46c6496b28c43638adea8306fcb0caa1634f24e5" +dependencies = [ + "heck", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "clap_lex" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3a822ea5bc7590f9d40f1ba12c0dc3c2760f3482c6984db1573ad11031420831" + +[[package]] +name = "cmake" +version = "0.1.57" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "75443c44cd6b379beb8c5b45d85d0773baf31cce901fe7bb252f4eff3008ef7d" +dependencies = [ + "cc", +] + +[[package]] +name = "colorchoice" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b05b61dc5112cbb17e4b6cd61790d9845d13888356391624cbe7e41efeac1e75" + +[[package]] +name = "core-foundation-sys" +version = "0.8.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "773648b94d0e5d620f64f280777445740e61fe701025087ec8b57f45c791888b" + +[[package]] +name = "crc32fast" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9481c1c90cbf2ac953f07c8d4a58aa3945c425b7185c9154d67a65e4230da511" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "displaydoc" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "97369cbbc041bc366949bc74d34658d6cda5621039731c6310521892a3a20ae0" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "dunce" +version = "1.0.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "92773504d58c093f6de2459af4af33faa518c13451eb8f2b5698ed3d36e7c813" + +[[package]] +name = "equivalent" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "877a4ace8713b0bcf2a4e7eec82529c029f1d0619886d18145fea96c3ffe5c0f" + +[[package]] +name = "errno" +version = "0.3.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "39cab71617ae0d63f51a36d69f866391735b51691dbda63cf6f96d042b63efeb" +dependencies = [ + "libc", + "windows-sys 0.61.2", +] + +[[package]] +name = "fastrand" +version = "2.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "37909eebbb50d72f9059c3b6d82c0463f2ff062c9e95845c43a6c9c0355411be" + +[[package]] +name = "find-msvc-tools" +version = "0.1.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5baebc0774151f905a1a2cc41989300b1e6fbb29aff0ceffa1064fdd3088d582" + +[[package]] +name = "flate2" +version = "1.1.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "843fba2746e448b37e26a819579957415c8cef339bf08564fe8b7ddbd959573c" +dependencies = [ + "crc32fast", + "miniz_oxide", +] + +[[package]] +name = "foldhash" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d9c4f5dac5e15c24eb999c26181a6ca40b39fe946cbe4c263c7209467bc83af2" + +[[package]] +name = "form_urlencoded" +version = "1.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cb4cb245038516f5f85277875cdaa4f7d2c9a0fa0468de06ed190163b1581fcf" +dependencies = [ + "percent-encoding", +] + +[[package]] +name = "fs_extra" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "42703706b716c37f96a77aea830392ad231f44c9e9a67872fa5548707e11b11c" + +[[package]] +name = "getrandom" +version = "0.2.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ff2abc00be7fca6ebc474524697ae276ad847ad0a6b3faa4bcb027e9a4614ad0" +dependencies = [ + "cfg-if", + "libc", + "wasi", +] + +[[package]] +name = "getrandom" +version = "0.3.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "899def5c37c4fd7b2664648c28120ecec138e4d395b459e5ca34f9cce2dd77fd" +dependencies = [ + "cfg-if", + "libc", + "r-efi", + "wasip2", +] + +[[package]] +name = "getrandom" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "139ef39800118c7683f2fd3c98c1b23c09ae076556b435f8e9064ae108aaeeec" +dependencies = [ + "cfg-if", + "libc", + "r-efi", + "wasip2", + "wasip3", +] + +[[package]] +name = "hashbrown" +version = "0.15.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9229cfe53dfd69f0609a49f65461bd93001ea1ef889cd5529dd176593f5338a1" +dependencies = [ + "foldhash", +] + +[[package]] +name = "hashbrown" +version = "0.16.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "841d1cc9bed7f9236f321df977030373f4a4163ae1a7dbfe1a51a2c1a51d9100" + +[[package]] +name = "heck" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea" + +[[package]] +name = "httpdate" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "df3b46402a9d5adb4c86a0cf463f42e19994e3ee891101b1841f30a545cb49a9" + +[[package]] +name = "iana-time-zone" +version = "0.1.65" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e31bc9ad994ba00e440a8aa5c9ef0ec67d5cb5e5cb0cc7f8b744a35b389cc470" +dependencies = [ + "android_system_properties", + "core-foundation-sys", + "iana-time-zone-haiku", + "js-sys", + "log", + "wasm-bindgen", + "windows-core", +] + +[[package]] +name = "iana-time-zone-haiku" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f31827a206f56af32e590ba56d5d2d085f558508192593743f16b2306495269f" +dependencies = [ + "cc", +] + +[[package]] +name = "icu_collections" +version = "2.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4c6b649701667bbe825c3b7e6388cb521c23d88644678e83c0c4d0a621a34b43" +dependencies = [ + "displaydoc", + "potential_utf", + "yoke", + "zerofrom", + "zerovec", +] + +[[package]] +name = "icu_locale_core" +version = "2.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "edba7861004dd3714265b4db54a3c390e880ab658fec5f7db895fae2046b5bb6" +dependencies = [ + "displaydoc", + "litemap", + "tinystr", + "writeable", + "zerovec", +] + +[[package]] +name = "icu_normalizer" +version = "2.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5f6c8828b67bf8908d82127b2054ea1b4427ff0230ee9141c54251934ab1b599" +dependencies = [ + "icu_collections", + "icu_normalizer_data", + "icu_properties", + "icu_provider", + "smallvec", + "zerovec", +] + +[[package]] +name = "icu_normalizer_data" +version = "2.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7aedcccd01fc5fe81e6b489c15b247b8b0690feb23304303a9e560f37efc560a" + +[[package]] +name = "icu_properties" +version = "2.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "020bfc02fe870ec3a66d93e677ccca0562506e5872c650f893269e08615d74ec" +dependencies = [ + "icu_collections", + "icu_locale_core", + "icu_properties_data", + "icu_provider", + "zerotrie", + "zerovec", +] + +[[package]] +name = "icu_properties_data" +version = "2.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "616c294cf8d725c6afcd8f55abc17c56464ef6211f9ed59cccffe534129c77af" + +[[package]] +name = "icu_provider" +version = "2.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "85962cf0ce02e1e0a629cc34e7ca3e373ce20dda4c4d7294bbd0bf1fdb59e614" +dependencies = [ + "displaydoc", + "icu_locale_core", + "writeable", + "yoke", + "zerofrom", + "zerotrie", + "zerovec", +] + +[[package]] +name = "id-arena" +version = "2.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3d3067d79b975e8844ca9eb072e16b31c3c1c36928edf9c6789548c524d0d954" + +[[package]] +name = "idna" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b0875f23caa03898994f6ddc501886a45c7d3d62d04d2d90788d47be1b1e4de" +dependencies = [ + "idna_adapter", + "smallvec", + "utf8_iter", +] + +[[package]] +name = "idna_adapter" +version = "1.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3acae9609540aa318d1bc588455225fb2085b9ed0c4f6bd0d9d5bcd86f1a0344" +dependencies = [ + "icu_normalizer", + "icu_properties", +] + +[[package]] +name = "indexmap" +version = "2.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7714e70437a7dc3ac8eb7e6f8df75fd8eb422675fc7678aff7364301092b1017" +dependencies = [ + "equivalent", + "hashbrown 0.16.1", + "serde", + "serde_core", +] + +[[package]] +name = "initium" +version = "0.1.0" +dependencies = [ + "chrono", + "clap", + "minijinja", + "rand", + "regex", + "rustls", + "serde", + "serde_json", + "tempfile", + "tiny_http", + "ureq", +] + +[[package]] +name = "is_terminal_polyfill" +version = "1.70.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a6cb138bb79a146c1bd460005623e142ef0181e3d0219cb493e02f7d08a35695" + +[[package]] +name = "itoa" +version = "1.0.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "92ecc6618181def0457392ccd0ee51198e065e016d1d527a7ac1b6dc7c1f09d2" + +[[package]] +name = "jobserver" +version = "0.1.34" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9afb3de4395d6b3e67a780b6de64b51c978ecf11cb9a462c66be7d4ca9039d33" +dependencies = [ + "getrandom 0.3.4", + "libc", +] + +[[package]] +name = "js-sys" +version = "0.3.88" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c7e709f3e3d22866f9c25b3aff01af289b18422cc8b4262fb19103ee80fe513d" +dependencies = [ + "once_cell", + "wasm-bindgen", +] + +[[package]] +name = "leb128fmt" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09edd9e8b54e49e587e4f6295a7d29c3ea94d469cb40ab8ca70b288248a81db2" + +[[package]] +name = "libc" +version = "0.2.182" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6800badb6cb2082ffd7b6a67e6125bb39f18782f793520caee8cb8846be06112" + +[[package]] +name = "linux-raw-sys" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32a66949e030da00e8c7d4434b251670a91556f4144941d37452769c25d58a53" + +[[package]] +name = "litemap" +version = "0.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6373607a59f0be73a39b6fe456b8192fcc3585f602af20751600e974dd455e77" + +[[package]] +name = "log" +version = "0.4.29" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5e5032e24019045c762d3c0f28f5b6b8bbf38563a65908389bf7978758920897" + +[[package]] +name = "memchr" +version = "2.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f8ca58f447f06ed17d5fc4043ce1b10dd205e060fb3ce5b979b8ed8e59ff3f79" + +[[package]] +name = "minijinja" +version = "2.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c54f3bcc034dd74496b5ca929fd0b710186672d5ff0b0f255a9ceb259042ece" +dependencies = [ + "serde", +] + +[[package]] +name = "miniz_oxide" +version = "0.8.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1fa76a2c86f704bdb222d66965fb3d63269ce38518b83cb0575fca855ebb6316" +dependencies = [ + "adler2", + "simd-adler32", +] + +[[package]] +name = "num-traits" +version = "0.2.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "071dfc062690e90b734c0b2273ce72ad0ffa95f0c74596bc250dcfd960262841" +dependencies = [ + "autocfg", +] + +[[package]] +name = "once_cell" +version = "1.21.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "42f5e15c9953c5e4ccceeb2e7382a716482c34515315f7b03532b8b4e8393d2d" + +[[package]] +name = "once_cell_polyfill" +version = "1.70.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "384b8ab6d37215f3c5301a95a4accb5d64aa607f1fcb26a11b5303878451b4fe" + +[[package]] +name = "percent-encoding" +version = "2.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b4f627cb1b25917193a259e49bdad08f671f8d9708acfd5fe0a8c1455d87220" + +[[package]] +name = "potential_utf" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b73949432f5e2a09657003c25bca5e19a0e9c84f8058ca374f49e0ebe605af77" +dependencies = [ + "zerovec", +] + +[[package]] +name = "ppv-lite86" +version = "0.2.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "85eae3c4ed2f50dcfe72643da4befc30deadb458a9b590d720cde2f2b1e97da9" +dependencies = [ + "zerocopy", +] + +[[package]] +name = "prettyplease" +version = "0.2.37" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "479ca8adacdd7ce8f1fb39ce9ecccbfe93a3f1344b3d0d97f20bc0196208f62b" +dependencies = [ + "proc-macro2", + "syn", +] + +[[package]] +name = "proc-macro2" +version = "1.0.106" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8fd00f0bb2e90d81d1044c2b32617f68fcb9fa3bb7640c23e9c748e53fb30934" +dependencies = [ + "unicode-ident", +] + +[[package]] +name = "quote" +version = "1.0.44" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "21b2ebcf727b7760c461f091f9f0f539b77b8e87f2fd88131e7f1b433b3cece4" +dependencies = [ + "proc-macro2", +] + +[[package]] +name = "r-efi" +version = "5.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "69cdb34c158ceb288df11e18b4bd39de994f6657d83847bdffdbd7f346754b0f" + +[[package]] +name = "rand" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" +dependencies = [ + "libc", + "rand_chacha", + "rand_core", +] + +[[package]] +name = "rand_chacha" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" +dependencies = [ + "ppv-lite86", + "rand_core", +] + +[[package]] +name = "rand_core" +version = "0.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" +dependencies = [ + "getrandom 0.2.17", +] + +[[package]] +name = "regex" +version = "1.12.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e10754a14b9137dd7b1e3e5b0493cc9171fdd105e0ab477f51b72e7f3ac0e276" +dependencies = [ + "aho-corasick", + "memchr", + "regex-automata", + "regex-syntax", +] + +[[package]] +name = "regex-automata" +version = "0.4.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e1dd4122fc1595e8162618945476892eefca7b88c52820e74af6262213cae8f" +dependencies = [ + "aho-corasick", + "memchr", + "regex-syntax", +] + +[[package]] +name = "regex-syntax" +version = "0.8.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a96887878f22d7bad8a3b6dc5b7440e0ada9a245242924394987b21cf2210a4c" + +[[package]] +name = "ring" +version = "0.17.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a4689e6c2294d81e88dc6261c768b63bc4fcdb852be6d1352498b114f61383b7" +dependencies = [ + "cc", + "cfg-if", + "getrandom 0.2.17", + "libc", + "untrusted", + "windows-sys 0.52.0", +] + +[[package]] +name = "rustix" +version = "1.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b6fe4565b9518b83ef4f91bb47ce29620ca828bd32cb7e408f0062e9930ba190" +dependencies = [ + "bitflags", + "errno", + "libc", + "linux-raw-sys", + "windows-sys 0.61.2", +] + +[[package]] +name = "rustls" +version = "0.23.36" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c665f33d38cea657d9614f766881e4d510e0eda4239891eea56b4cadcf01801b" +dependencies = [ + "aws-lc-rs", + "log", + "once_cell", + "ring", + "rustls-pki-types", + "rustls-webpki", + "subtle", + "zeroize", +] + +[[package]] +name = "rustls-pki-types" +version = "1.14.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "be040f8b0a225e40375822a563fa9524378b9d63112f53e19ffff34df5d33fdd" +dependencies = [ + "zeroize", +] + +[[package]] +name = "rustls-webpki" +version = "0.103.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d7df23109aa6c1567d1c575b9952556388da57401e4ace1d15f79eedad0d8f53" +dependencies = [ + "aws-lc-rs", + "ring", + "rustls-pki-types", + "untrusted", +] + +[[package]] +name = "rustversion" +version = "1.0.22" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b39cdef0fa800fc44525c84ccb54a029961a8215f9619753635a9c0d2538d46d" + +[[package]] +name = "semver" +version = "1.0.27" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d767eb0aabc880b29956c35734170f26ed551a859dbd361d140cdbeca61ab1e2" + +[[package]] +name = "serde" +version = "1.0.228" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9a8e94ea7f378bd32cbbd37198a4a91436180c5bb472411e48b5ec2e2124ae9e" +dependencies = [ + "serde_core", + "serde_derive", +] + +[[package]] +name = "serde_core" +version = "1.0.228" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "41d385c7d4ca58e59fc732af25c3983b67ac852c1a25000afe1175de458b67ad" +dependencies = [ + "serde_derive", +] + +[[package]] +name = "serde_derive" +version = "1.0.228" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d540f220d3187173da220f885ab66608367b6574e925011a9353e4badda91d79" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "serde_json" +version = "1.0.149" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "83fc039473c5595ace860d8c4fafa220ff474b3fc6bfdb4293327f1a37e94d86" +dependencies = [ + "itoa", + "memchr", + "serde", + "serde_core", + "zmij", +] + +[[package]] +name = "shlex" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64" + +[[package]] +name = "simd-adler32" +version = "0.3.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e320a6c5ad31d271ad523dcf3ad13e2767ad8b1cb8f047f75a8aeaf8da139da2" + +[[package]] +name = "smallvec" +version = "1.15.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "67b1b7a3b5fe4f1376887184045fcf45c69e92af734b7aaddc05fb777b6fbd03" + +[[package]] +name = "stable_deref_trait" +version = "1.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6ce2be8dc25455e1f91df71bfa12ad37d7af1092ae736f3a6cd0e37bc7810596" + +[[package]] +name = "strsim" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f" + +[[package]] +name = "subtle" +version = "2.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "13c2bddecc57b384dee18652358fb23172facb8a2c51ccc10d74c157bdea3292" + +[[package]] +name = "syn" +version = "2.0.117" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e665b8803e7b1d2a727f4023456bbbbe74da67099c585258af0ad9c5013b9b99" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "synstructure" +version = "0.13.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "728a70f3dbaf5bab7f0c4b1ac8d7ae5ea60a4b5549c8a5914361c99147a709d2" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "tempfile" +version = "3.25.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0136791f7c95b1f6dd99f9cc786b91bb81c3800b639b3478e561ddb7be95e5f1" +dependencies = [ + "fastrand", + "getrandom 0.4.1", + "once_cell", + "rustix", + "windows-sys 0.61.2", +] + +[[package]] +name = "tiny_http" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "389915df6413a2e74fb181895f933386023c71110878cd0825588928e64cdc82" +dependencies = [ + "ascii", + "chunked_transfer", + "httpdate", + "log", +] + +[[package]] +name = "tinystr" +version = "0.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "42d3e9c45c09de15d06dd8acf5f4e0e399e85927b7f00711024eb7ae10fa4869" +dependencies = [ + "displaydoc", + "zerovec", +] + +[[package]] +name = "unicode-ident" +version = "1.0.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6e4313cd5fcd3dad5cafa179702e2b244f760991f45397d14d4ebf38247da75" + +[[package]] +name = "unicode-xid" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ebc1c04c71510c7f702b52b7c350734c9ff1295c464a03335b00bb84fc54f853" + +[[package]] +name = "untrusted" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1" + +[[package]] +name = "ureq" +version = "2.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "02d1a66277ed75f640d608235660df48c8e3c19f3b4edb6a263315626cc3c01d" +dependencies = [ + "base64", + "flate2", + "log", + "once_cell", + "rustls", + "rustls-pki-types", + "url", + "webpki-roots 0.26.11", +] + +[[package]] +name = "url" +version = "2.5.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ff67a8a4397373c3ef660812acab3268222035010ab8680ec4215f38ba3d0eed" +dependencies = [ + "form_urlencoded", + "idna", + "percent-encoding", + "serde", +] + +[[package]] +name = "utf8_iter" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b6c140620e7ffbb22c2dee59cafe6084a59b5ffc27a8859a5f0d494b5d52b6be" + +[[package]] +name = "utf8parse" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "06abde3611657adf66d383f00b093d7faecc7fa57071cce2578660c9f1010821" + +[[package]] +name = "wasi" +version = "0.11.1+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ccf3ec651a847eb01de73ccad15eb7d99f80485de043efb2f370cd654f4ea44b" + +[[package]] +name = "wasip2" +version = "1.0.2+wasi-0.2.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9517f9239f02c069db75e65f174b3da828fe5f5b945c4dd26bd25d89c03ebcf5" +dependencies = [ + "wit-bindgen", +] + +[[package]] +name = "wasip3" +version = "0.4.0+wasi-0.3.0-rc-2026-01-06" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5428f8bf88ea5ddc08faddef2ac4a67e390b88186c703ce6dbd955e1c145aca5" +dependencies = [ + "wit-bindgen", +] + +[[package]] +name = "wasm-bindgen" +version = "0.2.111" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec1adf1535672f5b7824f817792b1afd731d7e843d2d04ec8f27e8cb51edd8ac" +dependencies = [ + "cfg-if", + "once_cell", + "rustversion", + "wasm-bindgen-macro", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-macro" +version = "0.2.111" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "19e638317c08b21663aed4d2b9a2091450548954695ff4efa75bff5fa546b3b1" +dependencies = [ + "quote", + "wasm-bindgen-macro-support", +] + +[[package]] +name = "wasm-bindgen-macro-support" +version = "0.2.111" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2c64760850114d03d5f65457e96fc988f11f01d38fbaa51b254e4ab5809102af" +dependencies = [ + "bumpalo", + "proc-macro2", + "quote", + "syn", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-shared" +version = "0.2.111" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "60eecd4fe26177cfa3339eb00b4a36445889ba3ad37080c2429879718e20ca41" +dependencies = [ + "unicode-ident", +] + +[[package]] +name = "wasm-encoder" +version = "0.244.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "990065f2fe63003fe337b932cfb5e3b80e0b4d0f5ff650e6985b1048f62c8319" +dependencies = [ + "leb128fmt", + "wasmparser", +] + +[[package]] +name = "wasm-metadata" +version = "0.244.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bb0e353e6a2fbdc176932bbaab493762eb1255a7900fe0fea1a2f96c296cc909" +dependencies = [ + "anyhow", + "indexmap", + "wasm-encoder", + "wasmparser", +] + +[[package]] +name = "wasmparser" +version = "0.244.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "47b807c72e1bac69382b3a6fb3dbe8ea4c0ed87ff5629b8685ae6b9a611028fe" +dependencies = [ + "bitflags", + "hashbrown 0.15.5", + "indexmap", + "semver", +] + +[[package]] +name = "webpki-roots" +version = "0.26.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "521bc38abb08001b01866da9f51eb7c5d647a19260e00054a8c7fd5f9e57f7a9" +dependencies = [ + "webpki-roots 1.0.6", +] + +[[package]] +name = "webpki-roots" +version = "1.0.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "22cfaf3c063993ff62e73cb4311efde4db1efb31ab78a3e5c457939ad5cc0bed" +dependencies = [ + "rustls-pki-types", +] + +[[package]] +name = "windows-core" +version = "0.62.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b8e83a14d34d0623b51dce9581199302a221863196a1dde71a7663a4c2be9deb" +dependencies = [ + "windows-implement", + "windows-interface", + "windows-link", + "windows-result", + "windows-strings", +] + +[[package]] +name = "windows-implement" +version = "0.60.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "053e2e040ab57b9dc951b72c264860db7eb3b0200ba345b4e4c3b14f67855ddf" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "windows-interface" +version = "0.59.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f316c4a2570ba26bbec722032c4099d8c8bc095efccdc15688708623367e358" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "windows-link" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0805222e57f7521d6a62e36fa9163bc891acd422f971defe97d64e70d0a4fe5" + +[[package]] +name = "windows-result" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7781fa89eaf60850ac3d2da7af8e5242a5ea78d1a11c49bf2910bb5a73853eb5" +dependencies = [ + "windows-link", +] + +[[package]] +name = "windows-strings" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7837d08f69c77cf6b07689544538e017c1bfcf57e34b4c0ff58e6c2cd3b37091" +dependencies = [ + "windows-link", +] + +[[package]] +name = "windows-sys" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" +dependencies = [ + "windows-targets", +] + +[[package]] +name = "windows-sys" +version = "0.61.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ae137229bcbd6cdf0f7b80a31df61766145077ddf49416a728b02cb3921ff3fc" +dependencies = [ + "windows-link", +] + +[[package]] +name = "windows-targets" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973" +dependencies = [ + "windows_aarch64_gnullvm", + "windows_aarch64_msvc", + "windows_i686_gnu", + "windows_i686_gnullvm", + "windows_i686_msvc", + "windows_x86_64_gnu", + "windows_x86_64_gnullvm", + "windows_x86_64_msvc", +] + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469" + +[[package]] +name = "windows_i686_gnu" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b" + +[[package]] +name = "windows_i686_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66" + +[[package]] +name = "windows_i686_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec" + +[[package]] +name = "wit-bindgen" +version = "0.51.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d7249219f66ced02969388cf2bb044a09756a083d0fab1e566056b04d9fbcaa5" +dependencies = [ + "wit-bindgen-rust-macro", +] + +[[package]] +name = "wit-bindgen-core" +version = "0.51.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ea61de684c3ea68cb082b7a88508a8b27fcc8b797d738bfc99a82facf1d752dc" +dependencies = [ + "anyhow", + "heck", + "wit-parser", +] + +[[package]] +name = "wit-bindgen-rust" +version = "0.51.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b7c566e0f4b284dd6561c786d9cb0142da491f46a9fbed79ea69cdad5db17f21" +dependencies = [ + "anyhow", + "heck", + "indexmap", + "prettyplease", + "syn", + "wasm-metadata", + "wit-bindgen-core", + "wit-component", +] + +[[package]] +name = "wit-bindgen-rust-macro" +version = "0.51.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0c0f9bfd77e6a48eccf51359e3ae77140a7f50b1e2ebfe62422d8afdaffab17a" +dependencies = [ + "anyhow", + "prettyplease", + "proc-macro2", + "quote", + "syn", + "wit-bindgen-core", + "wit-bindgen-rust", +] + +[[package]] +name = "wit-component" +version = "0.244.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9d66ea20e9553b30172b5e831994e35fbde2d165325bec84fc43dbf6f4eb9cb2" +dependencies = [ + "anyhow", + "bitflags", + "indexmap", + "log", + "serde", + "serde_derive", + "serde_json", + "wasm-encoder", + "wasm-metadata", + "wasmparser", + "wit-parser", +] + +[[package]] +name = "wit-parser" +version = "0.244.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ecc8ac4bc1dc3381b7f59c34f00b67e18f910c2c0f50015669dde7def656a736" +dependencies = [ + "anyhow", + "id-arena", + "indexmap", + "log", + "semver", + "serde", + "serde_derive", + "serde_json", + "unicode-xid", + "wasmparser", +] + +[[package]] +name = "writeable" +version = "0.6.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9edde0db4769d2dc68579893f2306b26c6ecfbe0ef499b013d731b7b9247e0b9" + +[[package]] +name = "yoke" +version = "0.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "72d6e5c6afb84d73944e5cedb052c4680d5657337201555f9f2a16b7406d4954" +dependencies = [ + "stable_deref_trait", + "yoke-derive", + "zerofrom", +] + +[[package]] +name = "yoke-derive" +version = "0.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b659052874eb698efe5b9e8cf382204678a0086ebf46982b79d6ca3182927e5d" +dependencies = [ + "proc-macro2", + "quote", + "syn", + "synstructure", +] + +[[package]] +name = "zerocopy" +version = "0.8.39" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "db6d35d663eadb6c932438e763b262fe1a70987f9ae936e60158176d710cae4a" +dependencies = [ + "zerocopy-derive", +] + +[[package]] +name = "zerocopy-derive" +version = "0.8.39" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4122cd3169e94605190e77839c9a40d40ed048d305bfdc146e7df40ab0f3e517" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "zerofrom" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "50cc42e0333e05660c3587f3bf9d0478688e15d870fab3346451ce7f8c9fbea5" +dependencies = [ + "zerofrom-derive", +] + +[[package]] +name = "zerofrom-derive" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d71e5d6e06ab090c67b5e44993ec16b72dcbaabc526db883a360057678b48502" +dependencies = [ + "proc-macro2", + "quote", + "syn", + "synstructure", +] + +[[package]] +name = "zeroize" +version = "1.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b97154e67e32c85465826e8bcc1c59429aaaf107c1e4a9e53c8d8ccd5eff88d0" + +[[package]] +name = "zerotrie" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2a59c17a5562d507e4b54960e8569ebee33bee890c70aa3fe7b97e85a9fd7851" +dependencies = [ + "displaydoc", + "yoke", + "zerofrom", +] + +[[package]] +name = "zerovec" +version = "0.11.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6c28719294829477f525be0186d13efa9a3c602f7ec202ca9e353d310fb9a002" +dependencies = [ + "yoke", + "zerofrom", + "zerovec-derive", +] + +[[package]] +name = "zerovec-derive" +version = "0.11.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eadce39539ca5cb3985590102671f2567e659fca9666581ad3411d59207951f3" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "zmij" +version = "1.0.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b8848ee67ecc8aedbaf3e4122217aff892639231befc6a1b58d29fff4c2cabaa" diff --git a/Cargo.toml b/Cargo.toml new file mode 100644 index 0000000..9938579 --- /dev/null +++ b/Cargo.toml @@ -0,0 +1,33 @@ +[package] +name = "initium" +version = "0.1.0" +edition = "2021" +description = "Swiss-army toolbox for Kubernetes initContainers" +license = "Apache-2.0" + +[[bin]] +name = "initium" +path = "src/main.rs" + +[dependencies] +clap = { version = "4", features = ["derive"] } +serde = { version = "1", features = ["derive"] } +serde_json = "1" +regex = "1" +chrono = { version = "0.4", default-features = false, features = ["clock"] } +rand = "0.8" +ureq = { version = "2", features = ["tls"] } +rustls = "0.23" +minijinja = "2" + +[dev-dependencies] +tempfile = "3" +tiny_http = "0.12" + +[profile.release] +opt-level = "z" +lto = true +codegen-units = 1 +strip = true +panic = "abort" + diff --git a/Dockerfile b/Dockerfile index f6f2369..3ff7981 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,24 +1,15 @@ -FROM --platform=$BUILDPLATFORM golang:1.25-alpine AS builder - -ARG TARGETOS -ARG TARGETARCH +FROM rust:1.85-alpine AS builder ARG VERSION=dev - +RUN apk add --no-cache musl-dev WORKDIR /src -COPY go.mod go.sum ./ -RUN go mod download - +COPY Cargo.toml Cargo.lock ./ +RUN mkdir src && echo 'fn main() {}' > src/main.rs && cargo build --release && rm -rf src COPY . . -RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} \ - go build -trimpath -ldflags="-s -w -X main.version=${VERSION}" \ - -o /initium ./cmd/initium - +RUN touch src/main.rs && \ + cargo build --release && \ + cp target/release/initium /initium FROM scratch - COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ COPY --from=builder /initium /initium - USER 65534:65534 - ENTRYPOINT ["/initium"] - diff --git a/FAQ.md b/FAQ.md index 8c55a7b..1213d3b 100644 --- a/FAQ.md +++ b/FAQ.md @@ -280,7 +280,7 @@ A `scratch` base image contains zero OS packages, zero libraries, zero shells. T - **Zero CVEs** from base image packages — nothing to scan, nothing to patch - **No shell** for attackers to use if the container is compromised -- **Tiny image** — the final image is ~10MB (just the Go binary + CA certificates) +- **Tiny image** — the final image is ~2MB (just the Rust binary + CA certificates) The trade-off is that you cannot `kubectl exec` into the container for debugging. This is acceptable for initContainers, which run once and exit. @@ -424,9 +424,9 @@ Then reference your internal registry in the pod spec. If your registry requires ```bash git clone https://github.com/KitStream/initium.git cd initium -make build # produces bin/initium -make test # runs all unit tests with race detector -make lint # runs go vet + staticcheck +make build # produces target/release/initium +make test # runs all unit tests +make lint # runs cargo clippy + cargo fmt --check ``` ### How do I build a custom Docker image? diff --git a/Makefile b/Makefile index 2511f48..964128b 100644 --- a/Makefile +++ b/Makefile @@ -1,31 +1,19 @@ BINARY := initium -MODULE := github.com/kitstream/initium VERSION ?= dev -LDFLAGS := -s -w -X main.version=$(VERSION) - .PHONY: all build test lint clean - all: lint test build - build: - CGO_ENABLED=0 go build -trimpath -ldflags="$(LDFLAGS)" -o bin/$(BINARY) ./cmd/initium - +cargo build --release +cp target/release/$(BINARY) bin/$(BINARY) test: - go test ./... -count=1 -timeout 60s -race - +cargo test lint: - go vet ./... - @command -v staticcheck >/dev/null 2>&1 && staticcheck ./... || echo "staticcheck not installed, skipping" - +cargo clippy -- -D warnings +cargo fmt --check clean: - rm -rf bin/ - +cargo clean +rm -rf bin/ docker-build: - docker buildx build --platform linux/amd64,linux/arm64 \ - --build-arg VERSION=$(VERSION) \ - -t ghcr.io/kitstream/initium:$(VERSION) . - +docker build -t ghcr.io/kitstream/initium:$(VERSION) . docker-push: - docker buildx build --platform linux/amd64,linux/arm64 \ - --build-arg VERSION=$(VERSION) \ - -t ghcr.io/kitstream/initium:$(VERSION) --push . +docker push ghcr.io/kitstream/initium:$(VERSION) diff --git a/README.md b/README.md index b2ae70a..e1048ce 100644 --- a/README.md +++ b/README.md @@ -44,8 +44,8 @@ kubectl apply -f https://raw.githubusercontent.com/kitstream/initium/main/exampl | **Structured logging** | `echo` statements | JSON or text with timestamps | | **Security** | Runs as root, full shell | Non-root, no shell, read-only FS | | **Secret handling** | Easily leaked in logs | Automatic redaction | -| **Multiple tools** | Install curl, netcat, psql… | Single 10MB image | -| **Reproducibility** | Shell differences across distros | Single Go binary, `FROM scratch` | +| **Multiple tools** | Install curl, netcat, psql… | Single 2MB image | +| **Reproducibility** | Shell differences across distros | Single Rust binary, `FROM scratch` | | **Vulnerability surface** | Full OS + shell utils | Zero OS packages | ## Subcommands diff --git a/cmd/initium/context.go b/cmd/initium/context.go deleted file mode 100644 index 82a38f1..0000000 --- a/cmd/initium/context.go +++ /dev/null @@ -1,14 +0,0 @@ -package main - -import ( - "context" - - "github.com/kitstream/initium/internal/logging" -) - -type loggerKey struct{} - -// withLogger returns a new context.Context that carries a logger. -func withLogger(ctx context.Context, log *logging.Logger) context.Context { - return context.WithValue(ctx, loggerKey{}, log) -} diff --git a/cmd/initium/main.go b/cmd/initium/main.go deleted file mode 100644 index ce2dfcc..0000000 --- a/cmd/initium/main.go +++ /dev/null @@ -1,45 +0,0 @@ -package main - -import ( - "context" - "github.com/kitstream/initium/internal/cmd" - "github.com/kitstream/initium/internal/logging" - "github.com/spf13/cobra" - "os" -) - -var version = "dev" - -func main() { - var jsonLogs bool - root := &cobra.Command{ - Use: "initium", - Short: "Swiss-army toolbox for Kubernetes initContainers", - Long: `Initium is a multi-tool CLI for Kubernetes initContainers. -It provides subcommands to wait for dependencies, run migrations, -seed databases, render config templates, fetch secrets, and execute -arbitrary commands — all with safe defaults, structured logging, -and security guardrails.`, - Version: version, - SilenceErrors: true, - PersistentPreRun: func(c *cobra.Command, args []string) { - if l, ok := c.Context().Value(loggerKey{}).(*logging.Logger); ok { - l.SetJSON(jsonLogs) - } - }, - } - root.PersistentFlags().BoolVar(&jsonLogs, "json", false, "Enable JSON log output") - log := logging.Default() - ctx := withLogger(context.Background(), log) - root.SetContext(ctx) - root.AddCommand(cmd.NewWaitForCmd(log)) - root.AddCommand(cmd.NewMigrateCmd(log)) - root.AddCommand(cmd.NewSeedCmd(log)) - root.AddCommand(cmd.NewRenderCmd(log)) - root.AddCommand(cmd.NewFetchCmd(log)) - root.AddCommand(cmd.NewExecCmd(log)) - if err := root.Execute(); err != nil { - log.Error(err.Error()) - os.Exit(1) - } -} diff --git a/docs/design.md b/docs/design.md index e5c41ba..7191bb3 100644 --- a/docs/design.md +++ b/docs/design.md @@ -2,14 +2,14 @@ ## Overview -Initium is a single Go binary with multiple subcommands, each addressing a common initContainer use case. It follows the Unix philosophy: each subcommand does one thing well, with composability via sequential initContainers in a pod spec. +Initium is a single Rust binary with multiple subcommands, each addressing a common initContainer use case. It follows the Unix philosophy: each subcommand does one thing well, with composability via sequential initContainers in a pod spec. ``` ┌─────────────────────────────────────────┐ -│ cmd/initium/main.go │ -│ (CLI root, cobra commands) │ +│ src/main.rs │ +│ (CLI root, clap commands) │ ├─────────────────────────────────────────┤ -│ internal/cmd/ │ +│ src/cmd/ │ │ ┌──────────┬──────────┬────────────┐ │ │ │ wait-for │ migrate │ render │ │ │ │ seed │ fetch │ exec │ │ @@ -26,14 +26,20 @@ Initium is a single Go binary with multiple subcommands, each addressing a commo ## Directory Structure ``` -cmd/initium/ CLI entrypoint -internal/ +src/ + main.rs CLI entrypoint cmd/ Subcommand implementations (one file per command) - retry/ Retry logic with exponential backoff and jitter - render/ Template rendering (envsubst + Go templates) - fetch/ HTTP fetch with auth support - logging/ Structured logging (text + JSON) - safety/ Path validation and security guardrails + mod.rs Shared command execution helpers + wait_for.rs Wait for endpoints + migrate.rs Database migrations + seed.rs Database seeding + render.rs Template rendering + fetch.rs HTTP fetch + exec.rs Arbitrary command execution + retry.rs Retry logic with exponential backoff and jitter + render.rs Template rendering (envsubst + Jinja2 templates) + logging.rs Structured logging (text + JSON) + safety.rs Path validation and security guardrails charts/initium/ Helm chart examples/ Ready-to-use Kubernetes manifests docs/ Documentation @@ -42,7 +48,7 @@ tests/ Integration tests ## Design Principles -1. **Single binary, zero runtime dependencies**: Built `FROM scratch` with statically-linked Go binary +1. **Single binary, zero runtime dependencies**: Built `FROM scratch` with statically-linked Rust binary (musl) 2. **Explicit over implicit**: All targets, paths, and behaviors must be explicitly configured 3. **Fail fast with actionable errors**: Errors include context about what went wrong and how to fix it 4. **Security by default**: Restrictive defaults that require opt-in for any relaxation @@ -52,62 +58,58 @@ tests/ Integration tests ### 1. Create the command file -Create `internal/cmd/yourcommand.go`: +Create `src/cmd/your_command.rs`: -```go -package cmd +```rust +use crate::logging::Logger; -import ( - "github.com/kitstream/initium/internal/logging" - "github.com/spf13/cobra" -) +pub fn run(log: &Logger, /* flags */) -> Result<(), String> { + log.info("starting your-command", &[]); + // Implementation here + Ok(()) +} +``` -func NewYourCommandCmd(log *logging.Logger) *cobra.Command { - cmd := &cobra.Command{ - Use: "your-command", - Short: "One-line description", - Long: `Detailed description with usage context.`, - Example: ` initium your-command --flag value`, - RunE: func(cmd *cobra.Command, args []string) error { - // Implementation here - return nil - }, - } +### 2. Register the module - // Add flags - cmd.Flags().StringVar(&someVar, "flag", "default", "Description") +In `src/cmd/mod.rs`, add: - return cmd -} +```rust +pub mod your_command; ``` -### 2. Register the command +### 3. Add the subcommand variant -In `cmd/initium/main.go`, add: +In `src/main.rs`, add a variant to the `Commands` enum and dispatch it in the `match`: -```go -root.AddCommand(cmd.NewYourCommandCmd(log)) +```rust +#[derive(Subcommand)] +enum Commands { + // ...existing variants... + /// Your command description + YourCommand { + #[arg(long, help = "Description")] + flag: String, + }, +} ``` -### 3. Write tests +### 4. Write tests -Create `internal/cmd/yourcommand_test.go` with: -- Unit tests for core logic -- Tests for invalid inputs and edge cases -- Tests for the cobra command execution +Add `#[cfg(test)]` tests in the relevant module, or create integration tests. -### 4. Add documentation +### 5. Add documentation - Update `docs/usage.md` with flags, examples, and failure modes - Add an example in `examples/` - Update `CHANGELOG.md` -### 5. Verify +### 6. Verify ```bash make test make build -./bin/initium your-command --help +./target/release/initium your-command --help ``` ## Retry System diff --git a/docs/usage.md b/docs/usage.md index d2b26bb..05fa442 100644 --- a/docs/usage.md +++ b/docs/usage.md @@ -161,7 +161,7 @@ Render a template file into a config file using environment variable substitutio Two modes are supported: - **envsubst** (default) — replaces `${VAR}` and `$VAR` patterns with environment variable values. Missing variables are left as-is. -- **gotemplate** — full Go `text/template` support with environment variables as `.VarName`. Missing variables produce empty strings. +- **gotemplate** — Jinja2-style templates via minijinja with environment variables accessible as `{{ env.VAR }}`. Missing variables produce empty strings. Output files are written relative to `--workdir` with path traversal prevention. Intermediate directories are created automatically. @@ -169,7 +169,7 @@ Output files are written relative to `--workdir` with path traversal prevention. # envsubst mode (default) initium render --template /templates/app.conf.tmpl --output app.conf -# Go template mode +# Jinja2 template mode initium render --mode gotemplate --template /templates/app.conf.tmpl --output app.conf # Custom workdir diff --git a/go.mod b/go.mod deleted file mode 100644 index beeb2b0..0000000 --- a/go.mod +++ /dev/null @@ -1,10 +0,0 @@ -module github.com/kitstream/initium - -go 1.25 - -require github.com/spf13/cobra v1.8.1 - -require ( - github.com/inconshreveable/mousetrap v1.1.0 // indirect - github.com/spf13/pflag v1.0.5 // indirect -) diff --git a/go.sum b/go.sum deleted file mode 100644 index 912390a..0000000 --- a/go.sum +++ /dev/null @@ -1,10 +0,0 @@ -github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= -github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= -github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= -github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= -github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= -github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/internal/cmd/exec.go b/internal/cmd/exec.go deleted file mode 100644 index e4da567..0000000 --- a/internal/cmd/exec.go +++ /dev/null @@ -1,82 +0,0 @@ -package cmd - -import ( - "fmt" - - "github.com/kitstream/initium/internal/logging" - "github.com/spf13/cobra" -) - -func NewExecCmd(log *logging.Logger) *cobra.Command { - var ( - workdir string - jsonLogs bool - ) - - cmd := &cobra.Command{ - Use: "exec -- COMMAND [ARGS...]", - Short: "Run arbitrary commands with structured logging", - Long: `Execute an arbitrary command with structured logging and exit code forwarding. - -The command is executed directly via execve (no shell). Use "--" to separate -initium flags from the command and its arguments. - -stdout and stderr are captured and logged with timestamps. The child process -exit code is forwarded. If --workdir is set, the child process working -directory is changed accordingly.`, - Example: ` # Run a setup script - initium exec -- /bin/setup.sh - - # Run with JSON logs - initium exec --json -- python3 /scripts/init.py - - # Run in a specific directory - initium exec --workdir /app -- ./prepare.sh - - # Generate a private key with openssl - initium exec --workdir /certs -- openssl genrsa -out key.pem 4096`, - SilenceUsage: true, - SilenceErrors: true, - RunE: func(cmd *cobra.Command, args []string) error { - if jsonLogs { - log.SetJSON(true) - } - - if len(args) == 0 { - return fmt.Errorf("command is required after \"--\"") - } - - log.Info("executing command", "command", args[0]) - - exitCode, err := runCommandInDir(log, args, workdir) - if err != nil { - return fmt.Errorf("exec failed: %w", err) - } - - if exitCode != 0 { - return fmt.Errorf("command exited with code %d", exitCode) - } - - log.Info("command completed successfully") - return nil - }, - } - - cmd.Flags().StringVar(&workdir, "workdir", "", "Working directory for the child process (default: inherit)") - cmd.Flags().BoolVar(&jsonLogs, "json", false, "Enable JSON log output") - - return cmd -} - -func runCommandInDir(log *logging.Logger, args []string, dir string) (int, error) { - if dir == "" { - return runCommand(log, args) - } - return runCommandWithDir(log, args, dir) -} - -func runCommandWithDir(log *logging.Logger, args []string, dir string) (int, error) { - c := newExecCommand(args[0], args[1:]...) - c.Dir = dir - return executeAndStream(log, c) -} diff --git a/internal/cmd/exec_test.go b/internal/cmd/exec_test.go deleted file mode 100644 index 5fece70..0000000 --- a/internal/cmd/exec_test.go +++ /dev/null @@ -1,230 +0,0 @@ -package cmd - -import ( - "bytes" - "os" - "path/filepath" - "runtime" - "strings" - "testing" - - "github.com/kitstream/initium/internal/logging" -) - -func TestExecCmdNoArgs(t *testing.T) { - lg := logging.Default() - c := NewExecCmd(lg) - c.SetArgs([]string{}) - err := c.Execute() - if err == nil { - t.Fatal("expected error when no command specified") - } - if !strings.Contains(err.Error(), "command is required") { - t.Fatalf("unexpected error: %v", err) - } -} - -func TestExecCmdSuccess(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - lg := logging.New(&buf, false, logging.LevelInfo) - c := NewExecCmd(lg) - c.SetArgs([]string{"--", "echo", "hello exec"}) - - err := c.Execute() - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - output := buf.String() - if !strings.Contains(output, "hello exec") { - t.Fatalf("expected command output in logs, got: %s", output) - } - if !strings.Contains(output, "command completed successfully") { - t.Fatalf("expected completion message, got: %s", output) - } -} - -func TestExecCmdExitCode(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - lg := logging.New(&buf, false, logging.LevelInfo) - c := NewExecCmd(lg) - c.SetArgs([]string{"--", "sh", "-c", "exit 42"}) - - err := c.Execute() - if err == nil { - t.Fatal("expected error for non-zero exit code") - } - if !strings.Contains(err.Error(), "exited with code 42") { - t.Fatalf("expected exit code 42, got: %v", err) - } -} - -func TestExecCmdStdoutStderr(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - lg := logging.New(&buf, false, logging.LevelInfo) - c := NewExecCmd(lg) - c.SetArgs([]string{"--", "sh", "-c", "echo out-line; echo err-line >&2"}) - - err := c.Execute() - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - output := buf.String() - if !strings.Contains(output, "out-line") { - t.Fatalf("expected stdout line, got: %s", output) - } - if !strings.Contains(output, "err-line") { - t.Fatalf("expected stderr line, got: %s", output) - } -} - -func TestExecCmdJSONOutput(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - lg := logging.New(&buf, false, logging.LevelInfo) - c := NewExecCmd(lg) - c.SetArgs([]string{"--json", "--", "echo", "json-test"}) - - err := c.Execute() - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - output := buf.String() - if !strings.Contains(output, `"msg"`) { - t.Fatalf("expected JSON output, got: %s", output) - } -} - -func TestExecCmdWorkdir(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - dir := t.TempDir() - markerFile := filepath.Join(dir, "marker.txt") - - var buf bytes.Buffer - lg := logging.New(&buf, false, logging.LevelInfo) - c := NewExecCmd(lg) - c.SetArgs([]string{"--workdir", dir, "--", "sh", "-c", "pwd > marker.txt"}) - - err := c.Execute() - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - content, err := os.ReadFile(markerFile) - if err != nil { - t.Fatalf("failed to read marker file: %v", err) - } - got := strings.TrimSpace(string(content)) - if got != dir { - t.Fatalf("expected workdir %q, got %q", dir, got) - } -} - -func TestExecCmdCommandNotFound(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - lg := logging.New(&buf, false, logging.LevelInfo) - c := NewExecCmd(lg) - c.SetArgs([]string{"--", "/nonexistent/command"}) - - err := c.Execute() - if err == nil { - t.Fatal("expected error for command not found") - } -} - -func TestExecCmdMultipleArgs(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - lg := logging.New(&buf, false, logging.LevelInfo) - c := NewExecCmd(lg) - c.SetArgs([]string{"--", "echo", "arg1", "arg2", "arg3"}) - - err := c.Execute() - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - output := buf.String() - if !strings.Contains(output, "arg1 arg2 arg3") { - t.Fatalf("expected all args in output, got: %s", output) - } -} - -func TestExecCmdExitCode1(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - lg := logging.New(&buf, false, logging.LevelInfo) - c := NewExecCmd(lg) - c.SetArgs([]string{"--", "sh", "-c", "exit 1"}) - - err := c.Execute() - if err == nil { - t.Fatal("expected error for exit code 1") - } - if !strings.Contains(err.Error(), "exited with code 1") { - t.Fatalf("expected exit code 1, got: %v", err) - } -} - -func TestExecCmdStartMessage(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - lg := logging.New(&buf, false, logging.LevelInfo) - c := NewExecCmd(lg) - c.SetArgs([]string{"--", "echo", "hi"}) - - err := c.Execute() - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - output := buf.String() - if !strings.Contains(output, "executing command") { - t.Fatalf("expected start message, got: %s", output) - } -} - -func TestExecCmdHelpOutput(t *testing.T) { - lg := logging.Default() - c := NewExecCmd(lg) - - if c.Use != "exec -- COMMAND [ARGS...]" { - t.Fatalf("unexpected Use: %s", c.Use) - } - if !strings.Contains(c.Short, "arbitrary") { - t.Fatalf("Short should mention arbitrary: %s", c.Short) - } -} diff --git a/internal/cmd/fetch.go b/internal/cmd/fetch.go deleted file mode 100644 index 77af744..0000000 --- a/internal/cmd/fetch.go +++ /dev/null @@ -1,130 +0,0 @@ -package cmd - -import ( - "context" - "fmt" - "time" - - "github.com/kitstream/initium/internal/fetch" - "github.com/kitstream/initium/internal/logging" - "github.com/kitstream/initium/internal/retry" - "github.com/spf13/cobra" -) - -func NewFetchCmd(log *logging.Logger) *cobra.Command { - var ( - urlFlag string - output string - workdir string - authEnv string - insecureTLS bool - followRedirects bool - allowCrossSiteRedirect bool - timeout time.Duration - maxAttempts int - initialDelay time.Duration - maxDelay time.Duration - backoffFactor float64 - jitterFraction float64 - jsonLogs bool - ) - - cmd := &cobra.Command{ - Use: "fetch", - Short: "Fetch secrets or config from HTTP(S) endpoints", - Long: `Fetch a resource from an HTTP(S) endpoint and write the response body to a -file within the working directory. - -Supports optional authentication via an environment variable (to avoid leaking -credentials in process argument lists), TLS verification skipping, redirect -control, and retries with exponential backoff.`, - Example: ` # Fetch a config file - initium fetch --url http://config-service:8080/app.json --output app.json - - # Fetch from Vault with auth token - initium fetch --url https://vault:8200/v1/secret/data/app --output secrets.json \ - --auth-env VAULT_TOKEN --insecure-tls - - # Fetch with retries - initium fetch --url http://api:8080/config --output config.json \ - --max-attempts 10 --initial-delay 2s - - # Follow redirects (same-site only by default) - initium fetch --url http://cdn/config --output config.json --follow-redirects`, - SilenceUsage: true, - SilenceErrors: true, - RunE: func(cmd *cobra.Command, args []string) error { - if jsonLogs { - log.SetJSON(true) - } - - if urlFlag == "" { - return fmt.Errorf("--url is required") - } - if output == "" { - return fmt.Errorf("--output is required") - } - - retryCfg := retry.Config{ - MaxAttempts: maxAttempts, - InitialDelay: initialDelay, - MaxDelay: maxDelay, - BackoffFactor: backoffFactor, - JitterFraction: jitterFraction, - } - if err := retryCfg.Validate(); err != nil { - return fmt.Errorf("invalid retry config: %w", err) - } - - fetchCfg := fetch.Config{ - URL: urlFlag, - OutputPath: output, - Workdir: workdir, - AuthEnv: authEnv, - InsecureTLS: insecureTLS, - FollowRedirects: followRedirects, - AllowCrossSiteRedirect: allowCrossSiteRedirect, - Timeout: timeout, - } - - if err := fetchCfg.Validate(); err != nil { - return err - } - - ctx, cancel := context.WithTimeout(cmd.Context(), timeout) - defer cancel() - - log.Info("fetching", "url", urlFlag, "output", output) - - result := retry.Do(ctx, retryCfg, func(ctx context.Context, attempt int) error { - log.Debug("fetch attempt", "attempt", fmt.Sprintf("%d", attempt+1)) - return fetch.Do(ctx, fetchCfg) - }) - - if result.Err != nil { - log.Error("fetch failed", "url", urlFlag, "error", result.Err.Error()) - return fmt.Errorf("fetch %s failed: %w", urlFlag, result.Err) - } - - log.Info("fetch completed", "url", urlFlag, "output", output, "attempts", fmt.Sprintf("%d", result.Attempt+1)) - return nil - }, - } - - cmd.Flags().StringVar(&urlFlag, "url", "", "Target URL to fetch (required)") - cmd.Flags().StringVar(&output, "output", "", "Output file path relative to workdir (required)") - cmd.Flags().StringVar(&workdir, "workdir", "/work", "Working directory for output files") - cmd.Flags().StringVar(&authEnv, "auth-env", "", "Name of env var containing the Authorization header value") - cmd.Flags().BoolVar(&insecureTLS, "insecure-tls", false, "Skip TLS certificate verification") - cmd.Flags().BoolVar(&followRedirects, "follow-redirects", false, "Follow HTTP redirects") - cmd.Flags().BoolVar(&allowCrossSiteRedirect, "allow-cross-site-redirects", false, "Allow cross-site redirects (requires --follow-redirects)") - cmd.Flags().DurationVar(&timeout, "timeout", 5*time.Minute, "Overall timeout") - cmd.Flags().IntVar(&maxAttempts, "max-attempts", 3, "Maximum retry attempts") - cmd.Flags().DurationVar(&initialDelay, "initial-delay", time.Second, "Initial delay between retries") - cmd.Flags().DurationVar(&maxDelay, "max-delay", 30*time.Second, "Maximum delay between retries") - cmd.Flags().Float64Var(&backoffFactor, "backoff-factor", 2.0, "Backoff multiplier") - cmd.Flags().Float64Var(&jitterFraction, "jitter", 0.1, "Jitter fraction (0.0-1.0)") - cmd.Flags().BoolVar(&jsonLogs, "json", false, "Enable JSON log output") - - return cmd -} diff --git a/internal/cmd/fetch_test.go b/internal/cmd/fetch_test.go deleted file mode 100644 index fad9533..0000000 --- a/internal/cmd/fetch_test.go +++ /dev/null @@ -1,225 +0,0 @@ -package cmd - -import ( - "bytes" - "net/http" - "net/http/httptest" - "os" - "path/filepath" - "strings" - "testing" - - "github.com/kitstream/initium/internal/logging" -) - -func TestFetchCmdNoURL(t *testing.T) { - log := logging.Default() - c := NewFetchCmd(log) - c.SetArgs([]string{"--output", "out.json"}) - err := c.Execute() - if err == nil { - t.Fatal("expected error when --url not specified") - } - if !strings.Contains(err.Error(), "--url is required") { - t.Fatalf("unexpected error: %v", err) - } -} - -func TestFetchCmdNoOutput(t *testing.T) { - log := logging.Default() - c := NewFetchCmd(log) - c.SetArgs([]string{"--url", "http://example.com"}) - err := c.Execute() - if err == nil { - t.Fatal("expected error when --output not specified") - } - if !strings.Contains(err.Error(), "--output is required") { - t.Fatalf("unexpected error: %v", err) - } -} - -func TestFetchCmdSuccess(t *testing.T) { - srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.WriteHeader(http.StatusOK) - _, _ = w.Write([]byte(`{"fetched":true}`)) - })) - defer srv.Close() - - workdir := t.TempDir() - - var buf bytes.Buffer - lg := logging.New(&buf, false, logging.LevelInfo) - c := NewFetchCmd(lg) - c.SetArgs([]string{ - "--url", srv.URL, - "--output", "result.json", - "--workdir", workdir, - "--max-attempts", "1", - "--timeout", "5s", - }) - - err := c.Execute() - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - content, err := os.ReadFile(filepath.Join(workdir, "result.json")) - if err != nil { - t.Fatalf("failed to read output: %v", err) - } - if string(content) != `{"fetched":true}` { - t.Fatalf("expected JSON body, got %q", string(content)) - } - - output := buf.String() - if !strings.Contains(output, "fetch completed") { - t.Fatalf("expected completion message, got: %s", output) - } -} - -func TestFetchCmdWithAuth(t *testing.T) { - var gotAuth string - srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - gotAuth = r.Header.Get("Authorization") - w.WriteHeader(http.StatusOK) - _, _ = w.Write([]byte("ok")) - })) - defer srv.Close() - - t.Setenv("TEST_FETCH_CMD_AUTH", "Bearer test-token-123") - - workdir := t.TempDir() - lg := logging.Default() - c := NewFetchCmd(lg) - c.SetArgs([]string{ - "--url", srv.URL, - "--output", "out.txt", - "--workdir", workdir, - "--auth-env", "TEST_FETCH_CMD_AUTH", - "--max-attempts", "1", - "--timeout", "5s", - }) - - err := c.Execute() - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - if gotAuth != "Bearer test-token-123" { - t.Fatalf("expected auth header, got %q", gotAuth) - } -} - -func TestFetchCmdPathTraversal(t *testing.T) { - srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.WriteHeader(http.StatusOK) - })) - defer srv.Close() - - workdir := t.TempDir() - lg := logging.Default() - c := NewFetchCmd(lg) - c.SetArgs([]string{ - "--url", srv.URL, - "--output", "../../../etc/passwd", - "--workdir", workdir, - "--max-attempts", "1", - "--timeout", "5s", - }) - - err := c.Execute() - if err == nil { - t.Fatal("expected error for path traversal") - } -} - -func TestFetchCmdHTTPError(t *testing.T) { - srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.WriteHeader(http.StatusForbidden) - })) - defer srv.Close() - - workdir := t.TempDir() - - var buf bytes.Buffer - lg := logging.New(&buf, false, logging.LevelInfo) - c := NewFetchCmd(lg) - c.SetArgs([]string{ - "--url", srv.URL, - "--output", "out.txt", - "--workdir", workdir, - "--max-attempts", "1", - "--initial-delay", "10ms", - "--timeout", "5s", - }) - - err := c.Execute() - if err == nil { - t.Fatal("expected error for 403 status") - } -} - -func TestFetchCmdJSONOutput(t *testing.T) { - srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.WriteHeader(http.StatusOK) - _, _ = w.Write([]byte("ok")) - })) - defer srv.Close() - - workdir := t.TempDir() - - var buf bytes.Buffer - lg := logging.New(&buf, false, logging.LevelInfo) - c := NewFetchCmd(lg) - c.SetArgs([]string{ - "--json", - "--url", srv.URL, - "--output", "out.txt", - "--workdir", workdir, - "--max-attempts", "1", - "--timeout", "5s", - }) - - err := c.Execute() - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - output := buf.String() - if !strings.Contains(output, `"msg"`) { - t.Fatalf("expected JSON output, got: %s", output) - } -} - -func TestFetchCmdInvalidRetryConfig(t *testing.T) { - lg := logging.Default() - c := NewFetchCmd(lg) - c.SetArgs([]string{ - "--url", "http://example.com", - "--output", "out.txt", - "--max-attempts", "0", - }) - - err := c.Execute() - if err == nil { - t.Fatal("expected error for invalid retry config") - } -} - -func TestFetchCmdCrossSiteWithoutFollowRedirects(t *testing.T) { - lg := logging.Default() - c := NewFetchCmd(lg) - c.SetArgs([]string{ - "--url", "http://example.com", - "--output", "out.txt", - "--allow-cross-site-redirects", - }) - - err := c.Execute() - if err == nil { - t.Fatal("expected error for allow-cross-site-redirects without follow-redirects") - } - if !strings.Contains(err.Error(), "requires --follow-redirects") { - t.Fatalf("unexpected error: %v", err) - } -} diff --git a/internal/cmd/migrate.go b/internal/cmd/migrate.go deleted file mode 100644 index 80ee6b1..0000000 --- a/internal/cmd/migrate.go +++ /dev/null @@ -1,196 +0,0 @@ -package cmd - -import ( - "bufio" - "fmt" - "io" - "os" - "os/exec" - "sync" - "syscall" - - "github.com/kitstream/initium/internal/logging" - "github.com/kitstream/initium/internal/safety" - "github.com/spf13/cobra" -) - -func NewMigrateCmd(log *logging.Logger) *cobra.Command { - var ( - workdir string - lockFile string - jsonLogs bool - ) - - cmd := &cobra.Command{ - Use: "migrate -- COMMAND [ARGS...]", - Short: "Run a database migration command with structured logging", - Long: `Execute a database migration command with structured logging, exit code -forwarding, and optional idempotency via a lock file. - -The command is executed directly via execve (no shell). Use "--" to separate -initium flags from the migration command and its arguments. - -If --lock-file is set, the migration is skipped when the lock file already -exists inside --workdir. On successful completion the lock file is created -so subsequent runs become no-ops.`, - Example: ` # Run a flyway migration - initium migrate -- flyway migrate - - # Run with JSON logs - initium migrate --json -- /app/migrate -path /migrations up - - # Idempotent: skip if already migrated - initium migrate --lock-file .migrated --workdir /work -- /app/migrate up`, - SilenceUsage: true, - SilenceErrors: true, - RunE: func(cmd *cobra.Command, args []string) error { - if jsonLogs { - log.SetJSON(true) - } - - if len(args) == 0 { - return fmt.Errorf("migration command is required after \"--\"") - } - - if lockFile != "" { - lockPath, err := safety.ValidateFilePath(workdir, lockFile) - if err != nil { - return fmt.Errorf("invalid lock file path: %w", err) - } - - if _, err := os.Stat(lockPath); err == nil { - log.Info("lock file exists, skipping migration", "lock-file", lockPath) - return nil - } - } - - log.Info("starting migration", "command", args[0]) - - exitCode, err := runCommand(log, args) - if err != nil { - return fmt.Errorf("migration failed: %w", err) - } - - if exitCode != 0 { - return fmt.Errorf("migration exited with code %d", exitCode) - } - - if lockFile != "" { - lockPath, err := safety.ValidateFilePath(workdir, lockFile) - if err != nil { - return fmt.Errorf("invalid lock file path: %w", err) - } - - if err := os.MkdirAll(workdir, 0o755); err != nil { - return fmt.Errorf("creating workdir %s: %w", workdir, err) - } - - if err := os.WriteFile(lockPath, []byte("migrated\n"), 0o644); err != nil { - return fmt.Errorf("writing lock file %s: %w", lockPath, err) - } - log.Info("lock file created", "lock-file", lockPath) - } - - log.Info("migration completed successfully") - return nil - }, - } - - cmd.Flags().StringVar(&workdir, "workdir", "/work", "Working directory for file operations") - cmd.Flags().StringVar(&lockFile, "lock-file", "", "Skip migration if this file exists in workdir (idempotency)") - cmd.Flags().BoolVar(&jsonLogs, "json", false, "Enable JSON log output") - - return cmd -} - -func runCommand(log *logging.Logger, args []string) (int, error) { - c := newExecCommand(args[0], args[1:]...) - return executeAndStream(log, c) -} - -func newExecCommand(name string, args ...string) *exec.Cmd { - c := exec.Command(name, args...) - c.Stdin = nil - return c -} - -func executeAndStream(log *logging.Logger, c *exec.Cmd) (int, error) { - stdoutPipe, err := c.StdoutPipe() - if err != nil { - return -1, fmt.Errorf("creating stdout pipe: %w", err) - } - - stderrPipe, err := c.StderrPipe() - if err != nil { - return -1, fmt.Errorf("creating stderr pipe: %w", err) - } - - if err := c.Start(); err != nil { - return -1, fmt.Errorf("starting command %q: %w", c.Path, err) - } - - var wg sync.WaitGroup - wg.Add(2) - - go func() { - defer wg.Done() - streamLines(log, stdoutPipe, "stdout") - }() - - go func() { - defer wg.Done() - streamLines(log, stderrPipe, "stderr") - }() - - wg.Wait() - - err = c.Wait() - if err == nil { - return 0, nil - } - - var exitErr *exec.ExitError - if ok := asExitError(err, &exitErr); ok { - return exitErr.ExitCode(), nil - } - - return -1, err -} - -func asExitError(err error, target **exec.ExitError) bool { - if e, ok := err.(*exec.ExitError); ok { - *target = e - return true - } - return false -} - -func streamLines(log *logging.Logger, r io.Reader, stream string) { - scanner := bufio.NewScanner(r) - for scanner.Scan() { - log.Info(scanner.Text(), "stream", stream) - } -} - -// ExitCodeFromError extracts the exit code from a command error. -// Used by callers that need to propagate exit codes (e.g., os.Exit). -func ExitCodeFromError(err error) int { - if err == nil { - return 0 - } - - // Check if the error message contains an exit code pattern - var exitCode int - if n, _ := fmt.Sscanf(err.Error(), "migration exited with code %d", &exitCode); n == 1 { - return exitCode - } - - // Check for underlying process exit status - if exitErr, ok := err.(*exec.ExitError); ok { - if status, ok := exitErr.Sys().(syscall.WaitStatus); ok { - return status.ExitStatus() - } - } - - return 1 -} diff --git a/internal/cmd/migrate_test.go b/internal/cmd/migrate_test.go deleted file mode 100644 index 4c4a8cc..0000000 --- a/internal/cmd/migrate_test.go +++ /dev/null @@ -1,300 +0,0 @@ -package cmd - -import ( - "bytes" - "fmt" - "os" - "path/filepath" - "runtime" - "strings" - "testing" - - "github.com/kitstream/initium/internal/logging" -) - -func TestMigrateCmdNoArgs(t *testing.T) { - log := logging.Default() - cmd := NewMigrateCmd(log) - cmd.SetArgs([]string{}) - err := cmd.Execute() - if err == nil { - t.Fatal("expected error when no command specified") - } - if !strings.Contains(err.Error(), "migration command is required") { - t.Fatalf("unexpected error: %v", err) - } -} - -func TestMigrateCmdSuccess(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - cmd := NewMigrateCmd(log) - cmd.SetArgs([]string{"--", "echo", "hello migration"}) - - err := cmd.Execute() - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - output := buf.String() - if !strings.Contains(output, "migration completed successfully") { - t.Fatalf("expected completion message, got: %s", output) - } - if !strings.Contains(output, "hello migration") { - t.Fatalf("expected command output in logs, got: %s", output) - } -} - -func TestMigrateCmdExitCode(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - cmd := NewMigrateCmd(log) - cmd.SetArgs([]string{"--", "sh", "-c", "exit 42"}) - - err := cmd.Execute() - if err == nil { - t.Fatal("expected error for non-zero exit code") - } - if !strings.Contains(err.Error(), "exited with code 42") { - t.Fatalf("expected exit code 42, got: %v", err) - } -} - -func TestMigrateCmdStdoutStderr(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - cmd := NewMigrateCmd(log) - cmd.SetArgs([]string{"--", "sh", "-c", "echo out-line; echo err-line >&2"}) - - err := cmd.Execute() - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - output := buf.String() - if !strings.Contains(output, "out-line") { - t.Fatalf("expected stdout line in logs, got: %s", output) - } - if !strings.Contains(output, "err-line") { - t.Fatalf("expected stderr line in logs, got: %s", output) - } -} - -func TestMigrateCmdJSONOutput(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - cmd := NewMigrateCmd(log) - cmd.SetArgs([]string{"--json", "--", "echo", "json-test"}) - - err := cmd.Execute() - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - output := buf.String() - if !strings.Contains(output, `"msg"`) { - t.Fatalf("expected JSON output, got: %s", output) - } -} - -func TestMigrateCmdLockFileSkip(t *testing.T) { - workdir := t.TempDir() - lockPath := filepath.Join(workdir, ".migrated") - if err := os.WriteFile(lockPath, []byte("done"), 0o644); err != nil { - t.Fatalf("failed to create lock file: %v", err) - } - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - cmd := NewMigrateCmd(log) - cmd.SetArgs([]string{ - "--workdir", workdir, - "--lock-file", ".migrated", - "--", - "sh", "-c", "echo should-not-run", - }) - - err := cmd.Execute() - if err != nil { - t.Fatalf("expected success (skip), got: %v", err) - } - - output := buf.String() - if !strings.Contains(output, "lock file exists, skipping migration") { - t.Fatalf("expected skip message, got: %s", output) - } - if strings.Contains(output, "should-not-run") { - t.Fatal("command should not have been executed when lock file exists") - } -} - -func TestMigrateCmdLockFileCreated(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - workdir := t.TempDir() - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - cmd := NewMigrateCmd(log) - cmd.SetArgs([]string{ - "--workdir", workdir, - "--lock-file", ".migrated", - "--", - "echo", "migrating", - }) - - err := cmd.Execute() - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - lockPath := filepath.Join(workdir, ".migrated") - if _, err := os.Stat(lockPath); os.IsNotExist(err) { - t.Fatal("expected lock file to be created after successful migration") - } - - output := buf.String() - if !strings.Contains(output, "lock file created") { - t.Fatalf("expected lock file created message, got: %s", output) - } -} - -func TestMigrateCmdLockFileNotCreatedOnFailure(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - workdir := t.TempDir() - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - cmd := NewMigrateCmd(log) - cmd.SetArgs([]string{ - "--workdir", workdir, - "--lock-file", ".migrated", - "--", - "sh", "-c", "exit 1", - }) - - err := cmd.Execute() - if err == nil { - t.Fatal("expected error for failed migration") - } - - lockPath := filepath.Join(workdir, ".migrated") - if _, err := os.Stat(lockPath); !os.IsNotExist(err) { - t.Fatal("lock file should not be created when migration fails") - } -} - -func TestMigrateCmdLockFilePathTraversal(t *testing.T) { - workdir := t.TempDir() - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - cmd := NewMigrateCmd(log) - cmd.SetArgs([]string{ - "--workdir", workdir, - "--lock-file", "../../../etc/passwd", - "--", - "echo", "hello", - }) - - err := cmd.Execute() - if err == nil { - t.Fatal("expected error for path traversal in lock file") - } - if !strings.Contains(err.Error(), "path traversal") { - t.Fatalf("expected path traversal error, got: %v", err) - } -} - -func TestMigrateCmdCommandNotFound(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - cmd := NewMigrateCmd(log) - cmd.SetArgs([]string{"--", "/nonexistent/command"}) - - err := cmd.Execute() - if err == nil { - t.Fatal("expected error for command not found") - } -} - -func TestExitCodeFromError(t *testing.T) { - tests := []struct { - name string - err error - expected int - }{ - {"nil error", nil, 0}, - {"generic error", fmt.Errorf("something went wrong"), 1}, - {"exit code error", fmt.Errorf("migration exited with code 42"), 42}, - {"exit code 0 error", fmt.Errorf("migration exited with code 0"), 0}, - } - - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - code := ExitCodeFromError(tt.err) - if code != tt.expected { - t.Fatalf("expected exit code %d, got %d", tt.expected, code) - } - }) - } -} - -func TestRunCommandSuccess(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - - exitCode, err := runCommand(log, []string{"echo", "test"}) - if err != nil { - t.Fatalf("expected no error, got: %v", err) - } - if exitCode != 0 { - t.Fatalf("expected exit code 0, got: %d", exitCode) - } -} - -func TestRunCommandFailure(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - - exitCode, err := runCommand(log, []string{"sh", "-c", "exit 7"}) - if err != nil { - t.Fatalf("expected no error (exit code returned), got: %v", err) - } - if exitCode != 7 { - t.Fatalf("expected exit code 7, got: %d", exitCode) - } -} diff --git a/internal/cmd/render.go b/internal/cmd/render.go deleted file mode 100644 index 4717538..0000000 --- a/internal/cmd/render.go +++ /dev/null @@ -1,102 +0,0 @@ -package cmd - -import ( - "fmt" - "os" - "path/filepath" - - "github.com/kitstream/initium/internal/logging" - "github.com/kitstream/initium/internal/render" - "github.com/kitstream/initium/internal/safety" - "github.com/spf13/cobra" -) - -func NewRenderCmd(log *logging.Logger) *cobra.Command { - var ( - templatePath string - outputPath string - workdir string - mode string - jsonLogs bool - ) - - cmd := &cobra.Command{ - Use: "render", - Short: "Render templates into config files", - Long: `Render a template file into a config file using environment variable -substitution. Supports two modes: - - envsubst — replaces ${VAR} and $VAR patterns (default) - gotemplate — full Go text/template with env vars as .VarName - -Output files are written relative to --workdir with path traversal prevention. -Intermediate directories are created automatically.`, - Example: ` # envsubst mode (default) - initium render --template /templates/app.conf.tmpl --output app.conf - - # Go template mode - initium render --mode gotemplate --template /templates/app.conf.tmpl --output app.conf - - # Custom workdir - initium render --template /tpl/nginx.conf.tmpl --output nginx.conf --workdir /etc/nginx`, - SilenceUsage: true, - SilenceErrors: true, - RunE: func(cmd *cobra.Command, args []string) error { - if jsonLogs { - log.SetJSON(true) - } - - if templatePath == "" { - return fmt.Errorf("--template is required") - } - if outputPath == "" { - return fmt.Errorf("--output is required") - } - if mode != "envsubst" && mode != "gotemplate" { - return fmt.Errorf("--mode must be envsubst or gotemplate, got %q", mode) - } - - outPath, err := safety.ValidateFilePath(workdir, outputPath) - if err != nil { - return fmt.Errorf("invalid output path: %w", err) - } - - data, err := os.ReadFile(templatePath) - if err != nil { - return fmt.Errorf("reading template %s: %w", templatePath, err) - } - - log.Info("rendering template", "template", templatePath, "output", outPath, "mode", mode) - - var result string - switch mode { - case "envsubst": - result = render.Envsubst(string(data)) - case "gotemplate": - result, err = render.GoTemplate(string(data)) - if err != nil { - return fmt.Errorf("rendering template: %w", err) - } - } - - if err := os.MkdirAll(filepath.Dir(outPath), 0o755); err != nil { - return fmt.Errorf("creating output directory: %w", err) - } - - if err := os.WriteFile(outPath, []byte(result), 0o644); err != nil { - return fmt.Errorf("writing output %s: %w", outPath, err) - } - - log.Info("render completed", "output", outPath) - return nil - }, - } - - cmd.Flags().StringVar(&templatePath, "template", "", "Path to template file (required)") - cmd.Flags().StringVar(&outputPath, "output", "", "Output file path relative to workdir (required)") - cmd.Flags().StringVar(&workdir, "workdir", "/work", "Working directory for output files") - cmd.Flags().StringVar(&mode, "mode", "envsubst", "Template mode: envsubst or gotemplate") - cmd.Flags().BoolVar(&jsonLogs, "json", false, "Enable JSON log output") - - return cmd -} diff --git a/internal/cmd/render_test.go b/internal/cmd/render_test.go deleted file mode 100644 index bbea4ef..0000000 --- a/internal/cmd/render_test.go +++ /dev/null @@ -1,273 +0,0 @@ -package cmd - -import ( - "bytes" - "os" - "path/filepath" - "strings" - "testing" - - "github.com/kitstream/initium/internal/logging" -) - -func TestRenderCmdNoTemplate(t *testing.T) { - log := logging.Default() - cmd := NewRenderCmd(log) - cmd.SetArgs([]string{"--output", "out.conf"}) - err := cmd.Execute() - if err == nil { - t.Fatal("expected error when --template not specified") - } - if !strings.Contains(err.Error(), "--template is required") { - t.Fatalf("unexpected error: %v", err) - } -} - -func TestRenderCmdNoOutput(t *testing.T) { - log := logging.Default() - cmd := NewRenderCmd(log) - cmd.SetArgs([]string{"--template", "/tmp/some.tmpl"}) - err := cmd.Execute() - if err == nil { - t.Fatal("expected error when --output not specified") - } - if !strings.Contains(err.Error(), "--output is required") { - t.Fatalf("unexpected error: %v", err) - } -} - -func TestRenderCmdInvalidMode(t *testing.T) { - log := logging.Default() - cmd := NewRenderCmd(log) - cmd.SetArgs([]string{"--template", "/tmp/t.tmpl", "--output", "o.conf", "--mode", "invalid"}) - err := cmd.Execute() - if err == nil { - t.Fatal("expected error for invalid mode") - } - if !strings.Contains(err.Error(), "must be envsubst or gotemplate") { - t.Fatalf("unexpected error: %v", err) - } -} - -func TestRenderCmdEnvsubst(t *testing.T) { - t.Setenv("RENDER_TEST_HOST", "db.local") - t.Setenv("RENDER_TEST_PORT", "3306") - - tmplDir := t.TempDir() - tmplFile := filepath.Join(tmplDir, "app.conf.tmpl") - os.WriteFile(tmplFile, []byte("host=${RENDER_TEST_HOST}\nport=$RENDER_TEST_PORT\n"), 0o644) - - workdir := t.TempDir() - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - cmd := NewRenderCmd(log) - cmd.SetArgs([]string{ - "--template", tmplFile, - "--output", "app.conf", - "--workdir", workdir, - }) - - err := cmd.Execute() - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - content, err := os.ReadFile(filepath.Join(workdir, "app.conf")) - if err != nil { - t.Fatalf("failed to read output: %v", err) - } - - expected := "host=db.local\nport=3306\n" - if string(content) != expected { - t.Fatalf("expected %q, got %q", expected, string(content)) - } -} - -func TestRenderCmdGoTemplate(t *testing.T) { - t.Setenv("RENDER_TEST_NAME", "myapp") - - tmplDir := t.TempDir() - tmplFile := filepath.Join(tmplDir, "app.conf.tmpl") - os.WriteFile(tmplFile, []byte("name={{.RENDER_TEST_NAME}}\n"), 0o644) - - workdir := t.TempDir() - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - cmd := NewRenderCmd(log) - cmd.SetArgs([]string{ - "--template", tmplFile, - "--output", "app.conf", - "--workdir", workdir, - "--mode", "gotemplate", - }) - - err := cmd.Execute() - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - content, err := os.ReadFile(filepath.Join(workdir, "app.conf")) - if err != nil { - t.Fatalf("failed to read output: %v", err) - } - - if string(content) != "name=myapp\n" { - t.Fatalf("expected %q, got %q", "name=myapp\n", string(content)) - } -} - -func TestRenderCmdPathTraversal(t *testing.T) { - tmplDir := t.TempDir() - tmplFile := filepath.Join(tmplDir, "t.tmpl") - os.WriteFile(tmplFile, []byte("hello"), 0o644) - - workdir := t.TempDir() - - log := logging.Default() - cmd := NewRenderCmd(log) - cmd.SetArgs([]string{ - "--template", tmplFile, - "--output", "../../../etc/passwd", - "--workdir", workdir, - }) - - err := cmd.Execute() - if err == nil { - t.Fatal("expected error for path traversal") - } - if !strings.Contains(err.Error(), "path traversal") { - t.Fatalf("expected path traversal error, got: %v", err) - } -} - -func TestRenderCmdMissingTemplate(t *testing.T) { - workdir := t.TempDir() - - log := logging.Default() - cmd := NewRenderCmd(log) - cmd.SetArgs([]string{ - "--template", "/nonexistent/template.tmpl", - "--output", "out.conf", - "--workdir", workdir, - }) - - err := cmd.Execute() - if err == nil { - t.Fatal("expected error for missing template file") - } -} - -func TestRenderCmdNestedOutputDir(t *testing.T) { - t.Setenv("RENDER_TEST_VAL", "nested") - - tmplDir := t.TempDir() - tmplFile := filepath.Join(tmplDir, "t.tmpl") - os.WriteFile(tmplFile, []byte("val=${RENDER_TEST_VAL}"), 0o644) - - workdir := t.TempDir() - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - cmd := NewRenderCmd(log) - cmd.SetArgs([]string{ - "--template", tmplFile, - "--output", "sub/dir/out.conf", - "--workdir", workdir, - }) - - err := cmd.Execute() - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - content, err := os.ReadFile(filepath.Join(workdir, "sub", "dir", "out.conf")) - if err != nil { - t.Fatalf("failed to read nested output: %v", err) - } - if string(content) != "val=nested" { - t.Fatalf("expected %q, got %q", "val=nested", string(content)) - } -} - -func TestRenderCmdGoTemplateInvalidSyntax(t *testing.T) { - tmplDir := t.TempDir() - tmplFile := filepath.Join(tmplDir, "bad.tmpl") - os.WriteFile(tmplFile, []byte("{{.broken"), 0o644) - - workdir := t.TempDir() - - log := logging.Default() - cmd := NewRenderCmd(log) - cmd.SetArgs([]string{ - "--template", tmplFile, - "--output", "out.conf", - "--workdir", workdir, - "--mode", "gotemplate", - }) - - err := cmd.Execute() - if err == nil { - t.Fatal("expected error for invalid go template syntax") - } -} - -func TestRenderCmdJSONOutput(t *testing.T) { - t.Setenv("RENDER_TEST_J", "jval") - - tmplDir := t.TempDir() - tmplFile := filepath.Join(tmplDir, "t.tmpl") - os.WriteFile(tmplFile, []byte("v=$RENDER_TEST_J"), 0o644) - - workdir := t.TempDir() - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - cmd := NewRenderCmd(log) - cmd.SetArgs([]string{ - "--json", - "--template", tmplFile, - "--output", "out.conf", - "--workdir", workdir, - }) - - err := cmd.Execute() - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - output := buf.String() - if !strings.Contains(output, `"msg"`) { - t.Fatalf("expected JSON output, got: %s", output) - } -} - -func TestRenderCmdEmptyTemplate(t *testing.T) { - tmplDir := t.TempDir() - tmplFile := filepath.Join(tmplDir, "empty.tmpl") - os.WriteFile(tmplFile, []byte(""), 0o644) - - workdir := t.TempDir() - - log := logging.Default() - cmd := NewRenderCmd(log) - cmd.SetArgs([]string{ - "--template", tmplFile, - "--output", "empty.conf", - "--workdir", workdir, - }) - - err := cmd.Execute() - if err != nil { - t.Fatalf("expected success for empty template, got: %v", err) - } - - content, err := os.ReadFile(filepath.Join(workdir, "empty.conf")) - if err != nil { - t.Fatalf("failed to read output: %v", err) - } - if string(content) != "" { - t.Fatalf("expected empty output, got %q", string(content)) - } -} diff --git a/internal/cmd/seed.go b/internal/cmd/seed.go deleted file mode 100644 index 7a8c6c9..0000000 --- a/internal/cmd/seed.go +++ /dev/null @@ -1,61 +0,0 @@ -package cmd - -import ( - "fmt" - - "github.com/kitstream/initium/internal/logging" - "github.com/spf13/cobra" -) - -func NewSeedCmd(log *logging.Logger) *cobra.Command { - var jsonLogs bool - - cmd := &cobra.Command{ - Use: "seed -- COMMAND [ARGS...]", - Short: "Run a database seed command with structured logging", - Long: `Execute a database seed command with structured logging and exit code forwarding. - -The command is executed directly via execve (no shell). Use "--" to separate -initium flags from the seed command and its arguments. - -Unlike migrate, seed has no idempotency hints — it is the caller's responsibility -to ensure seed operations are safe to repeat or are only run once.`, - Example: ` # Seed from a SQL file - initium seed -- psql -f /seeds/data.sql - - # Seed with a custom script - initium seed -- /app/seed --file /seeds/data.sql - - # Seed with JSON logs - initium seed --json -- python3 /scripts/seed.py`, - SilenceUsage: true, - SilenceErrors: true, - RunE: func(cmd *cobra.Command, args []string) error { - if jsonLogs { - log.SetJSON(true) - } - - if len(args) == 0 { - return fmt.Errorf("seed command is required after \"--\"") - } - - log.Info("starting seed", "command", args[0]) - - exitCode, err := runCommand(log, args) - if err != nil { - return fmt.Errorf("seed failed: %w", err) - } - - if exitCode != 0 { - return fmt.Errorf("seed exited with code %d", exitCode) - } - - log.Info("seed completed successfully") - return nil - }, - } - - cmd.Flags().BoolVar(&jsonLogs, "json", false, "Enable JSON log output") - - return cmd -} diff --git a/internal/cmd/seed_test.go b/internal/cmd/seed_test.go deleted file mode 100644 index e9969ee..0000000 --- a/internal/cmd/seed_test.go +++ /dev/null @@ -1,214 +0,0 @@ -package cmd - -import ( - "bytes" - "fmt" - "runtime" - "strings" - "testing" - - "github.com/kitstream/initium/internal/logging" -) - -func TestSeedCmdNoArgs(t *testing.T) { - log := logging.Default() - cmd := NewSeedCmd(log) - cmd.SetArgs([]string{}) - err := cmd.Execute() - if err == nil { - t.Fatal("expected error when no command specified") - } - if !strings.Contains(err.Error(), "seed command is required") { - t.Fatalf("unexpected error: %v", err) - } -} - -func TestSeedCmdSuccess(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - cmd := NewSeedCmd(log) - cmd.SetArgs([]string{"--", "echo", "seeding data"}) - - err := cmd.Execute() - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - output := buf.String() - if !strings.Contains(output, "seed completed successfully") { - t.Fatalf("expected completion message, got: %s", output) - } - if !strings.Contains(output, "seeding data") { - t.Fatalf("expected command output in logs, got: %s", output) - } -} - -func TestSeedCmdExitCode(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - cmd := NewSeedCmd(log) - cmd.SetArgs([]string{"--", "sh", "-c", "exit 42"}) - - err := cmd.Execute() - if err == nil { - t.Fatal("expected error for non-zero exit code") - } - if !strings.Contains(err.Error(), "exited with code 42") { - t.Fatalf("expected exit code 42, got: %v", err) - } -} - -func TestSeedCmdStdoutStderr(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - cmd := NewSeedCmd(log) - cmd.SetArgs([]string{"--", "sh", "-c", "echo out-line; echo err-line >&2"}) - - err := cmd.Execute() - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - output := buf.String() - if !strings.Contains(output, "out-line") { - t.Fatalf("expected stdout line in logs, got: %s", output) - } - if !strings.Contains(output, "err-line") { - t.Fatalf("expected stderr line in logs, got: %s", output) - } -} - -func TestSeedCmdJSONOutput(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - cmd := NewSeedCmd(log) - cmd.SetArgs([]string{"--json", "--", "echo", "json-test"}) - - err := cmd.Execute() - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - output := buf.String() - if !strings.Contains(output, `"msg"`) { - t.Fatalf("expected JSON output, got: %s", output) - } -} - -func TestSeedCmdCommandNotFound(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - cmd := NewSeedCmd(log) - cmd.SetArgs([]string{"--", "/nonexistent/command"}) - - err := cmd.Execute() - if err == nil { - t.Fatal("expected error for command not found") - } -} - -func TestSeedCmdMultipleArgs(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - cmd := NewSeedCmd(log) - cmd.SetArgs([]string{"--", "echo", "arg1", "arg2", "arg3"}) - - err := cmd.Execute() - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - output := buf.String() - if !strings.Contains(output, "arg1 arg2 arg3") { - t.Fatalf("expected all args in output, got: %s", output) - } -} - -func TestSeedCmdStartMessage(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - cmd := NewSeedCmd(log) - cmd.SetArgs([]string{"--", "echo", "hello"}) - - err := cmd.Execute() - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - output := buf.String() - if !strings.Contains(output, "starting seed") { - t.Fatalf("expected starting seed message, got: %s", output) - } -} - -func TestSeedCmdFailureExitCode1(t *testing.T) { - if runtime.GOOS == "windows" { - t.Skip("skipping on windows") - } - - var buf bytes.Buffer - log := logging.New(&buf, false, logging.LevelInfo) - cmd := NewSeedCmd(log) - cmd.SetArgs([]string{"--", "sh", "-c", "exit 1"}) - - err := cmd.Execute() - if err == nil { - t.Fatal("expected error for exit code 1") - } - if !strings.Contains(err.Error(), "exited with code 1") { - t.Fatalf("expected exit code 1 in error, got: %v", err) - } -} - -func TestSeedCmdNoIdempotency(t *testing.T) { - // Verify seed has no --lock-file flag (unlike migrate) - log := logging.Default() - cmd := NewSeedCmd(log) - flag := cmd.Flags().Lookup("lock-file") - if flag != nil { - t.Fatal("seed should not have a --lock-file flag; idempotency is migrate-only") - } -} - -func TestSeedCmdHelpOutput(t *testing.T) { - log := logging.Default() - cmd := NewSeedCmd(log) - - if cmd.Use != "seed -- COMMAND [ARGS...]" { - t.Fatalf("unexpected Use: %s", cmd.Use) - } - if !strings.Contains(cmd.Short, "seed") { - t.Fatalf("Short should mention seed: %s", cmd.Short) - } -} - -// Remove unused import warning - fmt is used via TestSeedCmdNoArgs error check -var _ = fmt.Sprintf diff --git a/internal/cmd/waitfor.go b/internal/cmd/waitfor.go deleted file mode 100644 index f4320f0..0000000 --- a/internal/cmd/waitfor.go +++ /dev/null @@ -1,162 +0,0 @@ -package cmd - -import ( - "context" - "crypto/tls" - "fmt" - "net" - "net/http" - "time" - - "github.com/kitstream/initium/internal/logging" - "github.com/kitstream/initium/internal/retry" - "github.com/spf13/cobra" -) - -func NewWaitForCmd(log *logging.Logger) *cobra.Command { - var ( - targets []string - timeout time.Duration - maxAttempts int - initialDelay time.Duration - maxDelay time.Duration - backoffFactor float64 - jitterFraction float64 - httpStatus int - insecureTLS bool - ) - - cmd := &cobra.Command{ - Use: "wait-for", - Short: "Wait for TCP or HTTP(S) endpoints to become available", - Long: `Wait for one or more endpoints to become reachable before proceeding. -Supports TCP connectivity checks and HTTP(S) health checks with configurable -retries, exponential backoff, and jitter. - -Targets use the format: tcp://host:port or http(s)://host:port/path`, - Example: ` # Wait for Postgres - initium wait-for --target tcp://postgres:5432 - - # Wait for multiple services - initium wait-for --target tcp://postgres:5432 --target http://api:8080/healthz - - # Wait for HTTPS endpoint allowing self-signed certs - initium wait-for --target https://vault:8200/v1/sys/health --insecure-tls`, - RunE: func(cmd *cobra.Command, args []string) error { - if len(targets) == 0 { - return fmt.Errorf("at least one --target is required") - } - - cfg := retry.Config{ - MaxAttempts: maxAttempts, - InitialDelay: initialDelay, - MaxDelay: maxDelay, - BackoffFactor: backoffFactor, - JitterFraction: jitterFraction, - } - if err := cfg.Validate(); err != nil { - return fmt.Errorf("invalid retry config: %w", err) - } - - ctx, cancel := context.WithTimeout(cmd.Context(), timeout) - defer cancel() - - for _, target := range targets { - log.Info("waiting for target", "target", target) - checker, err := newChecker(target, httpStatus, insecureTLS, timeout) - if err != nil { - return err - } - - result := retry.Do(ctx, cfg, func(ctx context.Context, attempt int) error { - log.Debug("attempt", "target", target, "attempt", fmt.Sprintf("%d", attempt+1)) - return checker(ctx) - }) - - if result.Err != nil { - log.Error("target not reachable", "target", target, "error", result.Err.Error()) - return fmt.Errorf("target %s not reachable: %w", target, result.Err) - } - - log.Info("target is reachable", "target", target, "attempts", fmt.Sprintf("%d", result.Attempt+1)) - } - - log.Info("all targets reachable") - return nil - }, - } - - cmd.Flags().StringArrayVar(&targets, "target", nil, "Target endpoint (tcp://host:port or http(s)://...)") - cmd.Flags().DurationVar(&timeout, "timeout", 5*time.Minute, "Overall timeout for all targets") - cmd.Flags().IntVar(&maxAttempts, "max-attempts", 60, "Maximum number of retry attempts per target") - cmd.Flags().DurationVar(&initialDelay, "initial-delay", time.Second, "Initial delay between retries") - cmd.Flags().DurationVar(&maxDelay, "max-delay", 30*time.Second, "Maximum delay between retries") - cmd.Flags().Float64Var(&backoffFactor, "backoff-factor", 2.0, "Backoff multiplier") - cmd.Flags().Float64Var(&jitterFraction, "jitter", 0.1, "Jitter fraction (0.0-1.0)") - cmd.Flags().IntVar(&httpStatus, "http-status", 200, "Expected HTTP status code for HTTP(S) targets") - cmd.Flags().BoolVar(&insecureTLS, "insecure-tls", false, "Allow insecure TLS connections (skip certificate verification)") - - return cmd -} - -type checkerFunc func(ctx context.Context) error - -func newChecker(target string, expectedStatus int, insecureTLS bool, timeout time.Duration) (checkerFunc, error) { - switch { - case len(target) >= 6 && target[:6] == "tcp://": - addr := target[6:] - return newTCPChecker(addr), nil - case len(target) >= 7 && target[:7] == "http://": - return newHTTPChecker(target, expectedStatus, false, timeout), nil - case len(target) >= 8 && target[:8] == "https://": - return newHTTPChecker(target, expectedStatus, insecureTLS, timeout), nil - default: - return nil, fmt.Errorf("unsupported target scheme in %q; use tcp://, http://, or https://", target) - } -} - -func newTCPChecker(addr string) checkerFunc { - return func(ctx context.Context) error { - var d net.Dialer - conn, err := d.DialContext(ctx, "tcp", addr) - if err != nil { - return fmt.Errorf("tcp dial %s: %w", addr, err) - } - conn.Close() - return nil - } -} - -func newHTTPChecker(url string, expectedStatus int, insecure bool, timeout time.Duration) checkerFunc { - perRequestTimeout := 5 * time.Second - if timeout < perRequestTimeout { - perRequestTimeout = timeout - } - - transport := &http.Transport{} - if insecure { - transport.TLSClientConfig = &tls.Config{InsecureSkipVerify: true} //nolint:gosec // user-opt-in via --insecure-tls - } - client := &http.Client{ - Timeout: perRequestTimeout, - Transport: transport, - } - - return func(ctx context.Context) error { - req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil) - if err != nil { - return fmt.Errorf("creating request for %s: %w", url, err) - } - - resp, err := client.Do(req) - if err != nil { - return fmt.Errorf("http request to %s: %w", url, err) - } - resp.Body.Close() - - if resp.StatusCode != expectedStatus { - return fmt.Errorf("http %s returned status %d, expected %d", url, resp.StatusCode, expectedStatus) - } - return nil - } -} diff --git a/internal/cmd/waitfor_test.go b/internal/cmd/waitfor_test.go deleted file mode 100644 index 96d395f..0000000 --- a/internal/cmd/waitfor_test.go +++ /dev/null @@ -1,193 +0,0 @@ -package cmd - -import ( - "context" - "fmt" - "net" - "net/http" - "net/http/httptest" - "testing" - "time" - - "github.com/kitstream/initium/internal/logging" -) - -func TestNewCheckerTCP(t *testing.T) { - listener, err := net.Listen("tcp", "127.0.0.1:0") - if err != nil { - t.Fatalf("failed to create listener: %v", err) - } - defer listener.Close() - - checker, err := newChecker("tcp://"+listener.Addr().String(), 200, false, 5*time.Second) - if err != nil { - t.Fatalf("newChecker failed: %v", err) - } - - if err := checker(context.Background()); err != nil { - t.Fatalf("TCP check failed: %v", err) - } -} - -func TestNewCheckerTCPUnreachable(t *testing.T) { - checker, err := newChecker("tcp://127.0.0.1:1", 200, false, 5*time.Second) - if err != nil { - t.Fatalf("newChecker failed: %v", err) - } - - err = checker(context.Background()) - if err == nil { - t.Fatal("expected error for unreachable TCP target") - } -} - -func TestNewCheckerHTTP(t *testing.T) { - srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.WriteHeader(http.StatusOK) - })) - defer srv.Close() - - checker, err := newChecker(srv.URL, 200, false, 5*time.Second) - if err != nil { - t.Fatalf("newChecker failed: %v", err) - } - - if err := checker(context.Background()); err != nil { - t.Fatalf("HTTP check failed: %v", err) - } -} - -func TestNewCheckerHTTPWrongStatus(t *testing.T) { - srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.WriteHeader(http.StatusServiceUnavailable) - })) - defer srv.Close() - - checker, err := newChecker(srv.URL, 200, false, 5*time.Second) - if err != nil { - t.Fatalf("newChecker failed: %v", err) - } - - err = checker(context.Background()) - if err == nil { - t.Fatal("expected error for wrong HTTP status") - } -} - -func TestNewCheckerHTTPS(t *testing.T) { - srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.WriteHeader(http.StatusOK) - })) - defer srv.Close() - - checker, err := newChecker(srv.URL, 200, false, 5*time.Second) - if err != nil { - t.Fatalf("newChecker failed: %v", err) - } - if err := checker(context.Background()); err == nil { - t.Fatal("expected error for self-signed cert without insecure-tls") - } - - checker2, err := newChecker(srv.URL, 200, true, 5*time.Second) - if err != nil { - t.Fatalf("newChecker failed: %v", err) - } - if err := checker2(context.Background()); err != nil { - t.Fatalf("HTTPS check with insecure-tls failed: %v", err) - } -} - -func TestNewCheckerInvalidScheme(t *testing.T) { - _, err := newChecker("ftp://example.com", 200, false, 5*time.Second) - if err == nil { - t.Fatal("expected error for unsupported scheme") - } -} - -func TestWaitForCmdNoTargets(t *testing.T) { - log := logging.Default() - cmd := NewWaitForCmd(log) - cmd.SetArgs([]string{}) - err := cmd.Execute() - if err == nil { - t.Fatal("expected error when no targets specified") - } -} - -func TestWaitForCmdTCPSuccess(t *testing.T) { - listener, err := net.Listen("tcp", "127.0.0.1:0") - if err != nil { - t.Fatalf("failed to create listener: %v", err) - } - defer listener.Close() - - log := logging.Default() - cmd := NewWaitForCmd(log) - cmd.SetArgs([]string{ - "--target", fmt.Sprintf("tcp://%s", listener.Addr().String()), - "--max-attempts", "3", - "--initial-delay", "10ms", - "--max-delay", "50ms", - "--timeout", "5s", - }) - - if err := cmd.Execute(); err != nil { - t.Fatalf("wait-for failed: %v", err) - } -} - -func TestWaitForCmdHTTPSuccess(t *testing.T) { - srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.WriteHeader(http.StatusOK) - })) - defer srv.Close() - - log := logging.Default() - cmd := NewWaitForCmd(log) - cmd.SetArgs([]string{ - "--target", srv.URL, - "--max-attempts", "3", - "--initial-delay", "10ms", - "--max-delay", "50ms", - "--timeout", "5s", - }) - - if err := cmd.Execute(); err != nil { - t.Fatalf("wait-for HTTP failed: %v", err) - } -} - -func TestWaitForCmdTCPFailure(t *testing.T) { - log := logging.Default() - cmd := NewWaitForCmd(log) - cmd.SilenceUsage = true - cmd.SilenceErrors = true - cmd.SetArgs([]string{ - "--target", "tcp://127.0.0.1:1", - "--max-attempts", "2", - "--initial-delay", "10ms", - "--max-delay", "50ms", - "--timeout", "2s", - }) - - err := cmd.Execute() - if err == nil { - t.Fatal("expected error for unreachable target") - } -} - -func TestWaitForCmdInvalidRetryConfig(t *testing.T) { - log := logging.Default() - cmd := NewWaitForCmd(log) - cmd.SilenceUsage = true - cmd.SilenceErrors = true - cmd.SetArgs([]string{ - "--target", "tcp://localhost:1234", - "--max-attempts", "0", - }) - - err := cmd.Execute() - if err == nil { - t.Fatal("expected error for invalid retry config") - } -} diff --git a/internal/fetch/fetch.go b/internal/fetch/fetch.go deleted file mode 100644 index 556ac55..0000000 --- a/internal/fetch/fetch.go +++ /dev/null @@ -1,132 +0,0 @@ -package fetch - -import ( - "context" - "crypto/tls" - "fmt" - "io" - "net/http" - "net/url" - "os" - "path/filepath" - "time" - - "github.com/kitstream/initium/internal/safety" -) - -type Config struct { - URL string - OutputPath string - Workdir string - AuthEnv string - InsecureTLS bool - FollowRedirects bool - AllowCrossSiteRedirect bool - Timeout time.Duration -} - -func (c Config) Validate() error { - if c.URL == "" { - return fmt.Errorf("url is required") - } - if c.OutputPath == "" { - return fmt.Errorf("output is required") - } - if c.AllowCrossSiteRedirect && !c.FollowRedirects { - return fmt.Errorf("--allow-cross-site-redirects requires --follow-redirects") - } - return nil -} - -func Do(ctx context.Context, cfg Config) error { - if err := cfg.Validate(); err != nil { - return err - } - - outPath, err := safety.ValidateFilePath(cfg.Workdir, cfg.OutputPath) - if err != nil { - return fmt.Errorf("invalid output path: %w", err) - } - - client := buildClient(cfg) - - req, err := http.NewRequestWithContext(ctx, http.MethodGet, cfg.URL, nil) - if err != nil { - return fmt.Errorf("creating request: %w", err) - } - - if cfg.AuthEnv != "" { - authVal := os.Getenv(cfg.AuthEnv) - if authVal == "" { - return fmt.Errorf("auth env var %q is empty or not set", cfg.AuthEnv) - } - req.Header.Set("Authorization", authVal) - } - - resp, err := client.Do(req) - if err != nil { - return fmt.Errorf("HTTP request to %s: %w", cfg.URL, err) - } - defer resp.Body.Close() - - if resp.StatusCode < 200 || resp.StatusCode >= 300 { - return fmt.Errorf("HTTP %s returned status %d", cfg.URL, resp.StatusCode) - } - - body, err := io.ReadAll(resp.Body) - if err != nil { - return fmt.Errorf("reading response body: %w", err) - } - - if err := os.MkdirAll(filepath.Dir(outPath), 0o755); err != nil { - return fmt.Errorf("creating output directory: %w", err) - } - - if err := os.WriteFile(outPath, body, 0o644); err != nil { - return fmt.Errorf("writing output %s: %w", outPath, err) - } - - return nil -} - -func buildClient(cfg Config) *http.Client { - transport := &http.Transport{} - if cfg.InsecureTLS { - transport.TLSClientConfig = &tls.Config{InsecureSkipVerify: true} //nolint:gosec // user-opt-in via --insecure-tls - } - - client := &http.Client{ - Timeout: cfg.Timeout, - Transport: transport, - } - - if !cfg.FollowRedirects { - client.CheckRedirect = func(req *http.Request, via []*http.Request) error { - return http.ErrUseLastResponse - } - } else if !cfg.AllowCrossSiteRedirect { - client.CheckRedirect = sameSiteRedirectPolicy - } - - return client -} - -func sameSiteRedirectPolicy(req *http.Request, via []*http.Request) error { - if len(via) >= 10 { - return fmt.Errorf("too many redirects") - } - if len(via) == 0 { - return nil - } - origHost := hostFromURL(via[0].URL) - newHost := hostFromURL(req.URL) - if origHost != newHost { - return fmt.Errorf("cross-site redirect from %s to %s is not allowed; use --allow-cross-site-redirects to permit", origHost, newHost) - } - return nil -} - -func hostFromURL(u *url.URL) string { - h := u.Hostname() - return h -} diff --git a/internal/fetch/fetch_test.go b/internal/fetch/fetch_test.go deleted file mode 100644 index cc4caba..0000000 --- a/internal/fetch/fetch_test.go +++ /dev/null @@ -1,348 +0,0 @@ -package fetch - -import ( - "context" - "net/http" - "net/http/httptest" - "os" - "path/filepath" - "strings" - "testing" - "time" -) - -func TestDoSuccess(t *testing.T) { - srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.WriteHeader(http.StatusOK) - w.Write([]byte(`{"key":"value"}`)) - })) - defer srv.Close() - - workdir := t.TempDir() - cfg := Config{ - URL: srv.URL, - OutputPath: "out.json", - Workdir: workdir, - Timeout: 5 * time.Second, - } - - err := Do(context.Background(), cfg) - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - content, err := os.ReadFile(filepath.Join(workdir, "out.json")) - if err != nil { - t.Fatalf("failed to read output: %v", err) - } - if string(content) != `{"key":"value"}` { - t.Fatalf("expected JSON body, got %q", string(content)) - } -} - -func TestDoAuthHeader(t *testing.T) { - var gotAuth string - srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - gotAuth = r.Header.Get("Authorization") - w.WriteHeader(http.StatusOK) - w.Write([]byte("ok")) - })) - defer srv.Close() - - t.Setenv("TEST_FETCH_AUTH", "Bearer my-token") - - workdir := t.TempDir() - cfg := Config{ - URL: srv.URL, - OutputPath: "out.txt", - Workdir: workdir, - AuthEnv: "TEST_FETCH_AUTH", - Timeout: 5 * time.Second, - } - - err := Do(context.Background(), cfg) - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - if gotAuth != "Bearer my-token" { - t.Fatalf("expected auth header 'Bearer my-token', got %q", gotAuth) - } -} - -func TestDoAuthEnvEmpty(t *testing.T) { - srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.WriteHeader(http.StatusOK) - })) - defer srv.Close() - - os.Unsetenv("TEST_FETCH_AUTH_EMPTY") - - workdir := t.TempDir() - cfg := Config{ - URL: srv.URL, - OutputPath: "out.txt", - Workdir: workdir, - AuthEnv: "TEST_FETCH_AUTH_EMPTY", - Timeout: 5 * time.Second, - } - - err := Do(context.Background(), cfg) - if err == nil { - t.Fatal("expected error for empty auth env var") - } - if !strings.Contains(err.Error(), "empty or not set") { - t.Fatalf("unexpected error: %v", err) - } -} - -func TestDoMissingURL(t *testing.T) { - cfg := Config{ - OutputPath: "out.txt", - Workdir: "/tmp", - Timeout: 5 * time.Second, - } - - err := Do(context.Background(), cfg) - if err == nil { - t.Fatal("expected error for missing URL") - } - if !strings.Contains(err.Error(), "url is required") { - t.Fatalf("unexpected error: %v", err) - } -} - -func TestDoMissingOutput(t *testing.T) { - cfg := Config{ - URL: "http://example.com", - Workdir: "/tmp", - Timeout: 5 * time.Second, - } - - err := Do(context.Background(), cfg) - if err == nil { - t.Fatal("expected error for missing output") - } - if !strings.Contains(err.Error(), "output is required") { - t.Fatalf("unexpected error: %v", err) - } -} - -func TestDoPathTraversal(t *testing.T) { - srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.WriteHeader(http.StatusOK) - })) - defer srv.Close() - - workdir := t.TempDir() - cfg := Config{ - URL: srv.URL, - OutputPath: "../../../etc/passwd", - Workdir: workdir, - Timeout: 5 * time.Second, - } - - err := Do(context.Background(), cfg) - if err == nil { - t.Fatal("expected error for path traversal") - } - if !strings.Contains(err.Error(), "path traversal") { - t.Fatalf("expected path traversal error, got: %v", err) - } -} - -func TestDoHTTPError(t *testing.T) { - srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.WriteHeader(http.StatusInternalServerError) - })) - defer srv.Close() - - workdir := t.TempDir() - cfg := Config{ - URL: srv.URL, - OutputPath: "out.txt", - Workdir: workdir, - Timeout: 5 * time.Second, - } - - err := Do(context.Background(), cfg) - if err == nil { - t.Fatal("expected error for 500 status") - } - if !strings.Contains(err.Error(), "status 500") { - t.Fatalf("expected status 500 error, got: %v", err) - } -} - -func TestDoInsecureTLS(t *testing.T) { - srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.WriteHeader(http.StatusOK) - w.Write([]byte("tls-ok")) - })) - defer srv.Close() - - workdir := t.TempDir() - - // Without insecure TLS: should fail - cfg := Config{ - URL: srv.URL, - OutputPath: "out.txt", - Workdir: workdir, - InsecureTLS: false, - Timeout: 5 * time.Second, - } - err := Do(context.Background(), cfg) - if err == nil { - t.Fatal("expected error for self-signed cert without insecure-tls") - } - - // With insecure TLS: should succeed - cfg.InsecureTLS = true - err = Do(context.Background(), cfg) - if err != nil { - t.Fatalf("expected success with insecure-tls, got: %v", err) - } - - content, err := os.ReadFile(filepath.Join(workdir, "out.txt")) - if err != nil { - t.Fatalf("failed to read output: %v", err) - } - if string(content) != "tls-ok" { - t.Fatalf("expected 'tls-ok', got %q", string(content)) - } -} - -func TestDoNoFollowRedirects(t *testing.T) { - srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if r.URL.Path == "/" { - http.Redirect(w, r, "/target", http.StatusFound) - return - } - w.WriteHeader(http.StatusOK) - w.Write([]byte("redirected")) - })) - defer srv.Close() - - workdir := t.TempDir() - cfg := Config{ - URL: srv.URL, - OutputPath: "out.txt", - Workdir: workdir, - FollowRedirects: false, - Timeout: 5 * time.Second, - } - - // Without follow-redirects, a 302 is a non-2xx status → error - err := Do(context.Background(), cfg) - if err == nil { - t.Fatal("expected error for redirect without follow-redirects") - } - if !strings.Contains(err.Error(), "status 302") { - t.Fatalf("expected status 302 error, got: %v", err) - } -} - -func TestDoFollowRedirectsSameSite(t *testing.T) { - srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if r.URL.Path == "/" { - http.Redirect(w, r, "/target", http.StatusFound) - return - } - w.WriteHeader(http.StatusOK) - w.Write([]byte("redirected")) - })) - defer srv.Close() - - workdir := t.TempDir() - cfg := Config{ - URL: srv.URL, - OutputPath: "out.txt", - Workdir: workdir, - FollowRedirects: true, - Timeout: 5 * time.Second, - } - - err := Do(context.Background(), cfg) - if err != nil { - t.Fatalf("expected success for same-site redirect, got: %v", err) - } - - content, err := os.ReadFile(filepath.Join(workdir, "out.txt")) - if err != nil { - t.Fatalf("failed to read output: %v", err) - } - if string(content) != "redirected" { - t.Fatalf("expected 'redirected', got %q", string(content)) - } -} - -func TestDoNestedOutputDir(t *testing.T) { - srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.WriteHeader(http.StatusOK) - w.Write([]byte("nested")) - })) - defer srv.Close() - - workdir := t.TempDir() - cfg := Config{ - URL: srv.URL, - OutputPath: "sub/dir/out.json", - Workdir: workdir, - Timeout: 5 * time.Second, - } - - err := Do(context.Background(), cfg) - if err != nil { - t.Fatalf("expected success, got: %v", err) - } - - content, err := os.ReadFile(filepath.Join(workdir, "sub", "dir", "out.json")) - if err != nil { - t.Fatalf("failed to read output: %v", err) - } - if string(content) != "nested" { - t.Fatalf("expected 'nested', got %q", string(content)) - } -} - -func TestDoContextCancelled(t *testing.T) { - srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - time.Sleep(2 * time.Second) - w.WriteHeader(http.StatusOK) - })) - defer srv.Close() - - ctx, cancel := context.WithTimeout(context.Background(), 100*time.Millisecond) - defer cancel() - - workdir := t.TempDir() - cfg := Config{ - URL: srv.URL, - OutputPath: "out.txt", - Workdir: workdir, - Timeout: 10 * time.Second, - } - - err := Do(ctx, cfg) - if err == nil { - t.Fatal("expected error for cancelled context") - } -} - -func TestValidateAllowCrossSiteWithoutFollowRedirects(t *testing.T) { - cfg := Config{ - URL: "http://example.com", - OutputPath: "out.txt", - Workdir: "/tmp", - AllowCrossSiteRedirect: true, - FollowRedirects: false, - } - - err := cfg.Validate() - if err == nil { - t.Fatal("expected error when allow-cross-site-redirects is set without follow-redirects") - } - if !strings.Contains(err.Error(), "requires --follow-redirects") { - t.Fatalf("unexpected error: %v", err) - } -} diff --git a/internal/logging/logging.go b/internal/logging/logging.go deleted file mode 100644 index 5862e8a..0000000 --- a/internal/logging/logging.go +++ /dev/null @@ -1,116 +0,0 @@ -package logging - -import ( - "encoding/json" - "fmt" - "io" - "os" - "strings" - "sync" - "time" -) - -type Level int - -const ( - LevelDebug Level = iota - LevelInfo - LevelWarn - LevelError -) - -func (l Level) String() string { - switch l { - case LevelDebug: - return "DEBUG" - case LevelInfo: - return "INFO" - case LevelWarn: - return "WARN" - case LevelError: - return "ERROR" - default: - return "UNKNOWN" - } -} - -type Logger struct { - mu sync.Mutex - out io.Writer - jsonMode bool - level Level -} - -func New(out io.Writer, jsonMode bool, level Level) *Logger { - return &Logger{ - out: out, - jsonMode: jsonMode, - level: level, - } -} - -func Default() *Logger { - return New(os.Stderr, false, LevelInfo) -} - -func (l *Logger) SetJSON(enabled bool) { - l.mu.Lock() - defer l.mu.Unlock() - l.jsonMode = enabled -} - -func (l *Logger) log(level Level, msg string, kvs ...string) { - if level < l.level { - return - } - - l.mu.Lock() - defer l.mu.Unlock() - - now := time.Now().UTC().Format(time.RFC3339) - - if l.jsonMode { - entry := map[string]string{ - "time": now, - "level": level.String(), - "msg": msg, - } - for i := 0; i+1 < len(kvs); i += 2 { - entry[kvs[i]] = RedactValue(kvs[i], kvs[i+1]) - } - data, _ := json.Marshal(entry) - fmt.Fprintf(l.out, "%s\n", data) - } else { - var sb strings.Builder - fmt.Fprintf(&sb, "%s [%s] %s", now, level, msg) - for i := 0; i+1 < len(kvs); i += 2 { - fmt.Fprintf(&sb, " %s=%s", kvs[i], RedactValue(kvs[i], kvs[i+1])) - } - fmt.Fprintln(l.out, sb.String()) - } -} - -func (l *Logger) Debug(msg string, kvs ...string) { l.log(LevelDebug, msg, kvs...) } -func (l *Logger) Info(msg string, kvs ...string) { l.log(LevelInfo, msg, kvs...) } -func (l *Logger) Warn(msg string, kvs ...string) { l.log(LevelWarn, msg, kvs...) } -func (l *Logger) Error(msg string, kvs ...string) { l.log(LevelError, msg, kvs...) } - -var sensitiveKeys = map[string]bool{ - "password": true, - "secret": true, - "token": true, - "authorization": true, - "auth": true, - "api_key": true, - "apikey": true, -} - -func RedactValue(key, value string) string { - if sensitiveKeys[strings.ToLower(key)] { - if len(value) == 0 { - return "" - } - return "REDACTED" - } - return value -} diff --git a/internal/logging/logging_test.go b/internal/logging/logging_test.go deleted file mode 100644 index c64ca02..0000000 --- a/internal/logging/logging_test.go +++ /dev/null @@ -1,79 +0,0 @@ -package logging - -import ( - "bytes" - "encoding/json" - "strings" - "testing" -) - -func TestTextOutput(t *testing.T) { - var buf bytes.Buffer - l := New(&buf, false, LevelInfo) - l.Info("hello", "key", "value") - out := buf.String() - if !strings.Contains(out, "[INFO] hello") { - t.Fatalf("expected INFO log, got: %s", out) - } - if !strings.Contains(out, "key=value") { - t.Fatalf("expected key=value, got: %s", out) - } -} - -func TestJSONOutput(t *testing.T) { - var buf bytes.Buffer - l := New(&buf, true, LevelInfo) - l.Info("hello", "key", "value") - - var entry map[string]string - if err := json.Unmarshal(buf.Bytes(), &entry); err != nil { - t.Fatalf("invalid JSON: %v", err) - } - if entry["msg"] != "hello" { - t.Fatalf("expected msg=hello, got %s", entry["msg"]) - } - if entry["key"] != "value" { - t.Fatalf("expected key=value, got %s", entry["key"]) - } -} - -func TestRedaction(t *testing.T) { - var buf bytes.Buffer - l := New(&buf, false, LevelInfo) - l.Info("auth", "token", "supersecret") - out := buf.String() - if strings.Contains(out, "supersecret") { - t.Fatalf("secret was not redacted: %s", out) - } - if !strings.Contains(out, "REDACTED") { - t.Fatalf("expected REDACTED in output: %s", out) - } -} - -func TestLevelFiltering(t *testing.T) { - var buf bytes.Buffer - l := New(&buf, false, LevelWarn) - l.Info("should not appear") - l.Warn("should appear") - out := buf.String() - if strings.Contains(out, "should not appear") { - t.Fatalf("info should be filtered at warn level") - } - if !strings.Contains(out, "should appear") { - t.Fatalf("warn should not be filtered at warn level") - } -} - -func TestRedactEmptyValue(t *testing.T) { - result := RedactValue("token", "") - if result != "" { - t.Fatalf("expected empty string for empty secret, got %s", result) - } -} - -func TestRedactNonSensitive(t *testing.T) { - result := RedactValue("host", "example.com") - if result != "example.com" { - t.Fatalf("expected example.com, got %s", result) - } -} diff --git a/internal/render/render.go b/internal/render/render.go deleted file mode 100644 index 914dcc9..0000000 --- a/internal/render/render.go +++ /dev/null @@ -1,55 +0,0 @@ -package render - -import ( - "bytes" - "fmt" - "os" - "regexp" - "text/template" -) - -var envsubstPattern = regexp.MustCompile(`\$\{([a-zA-Z_][a-zA-Z0-9_]*)\}|\$([a-zA-Z_][a-zA-Z0-9_]*)`) - -func Envsubst(input string) string { - return envsubstPattern.ReplaceAllStringFunc(input, func(match string) string { - var name string - if match[1] == '{' { - name = match[2 : len(match)-1] - } else { - name = match[1:] - } - if val, ok := os.LookupEnv(name); ok { - return val - } - return match - }) -} - -func GoTemplate(input string) (string, error) { - envMap := envToMap() - - tmpl, err := template.New("initium").Option("missingkey=zero").Parse(input) - if err != nil { - return "", fmt.Errorf("parsing template: %w", err) - } - - var buf bytes.Buffer - if err := tmpl.Execute(&buf, envMap); err != nil { - return "", fmt.Errorf("executing template: %w", err) - } - - return buf.String(), nil -} - -func envToMap() map[string]string { - m := make(map[string]string) - for _, entry := range os.Environ() { - for i := 0; i < len(entry); i++ { - if entry[i] == '=' { - m[entry[:i]] = entry[i+1:] - break - } - } - } - return m -} diff --git a/internal/render/render_test.go b/internal/render/render_test.go deleted file mode 100644 index 99b6918..0000000 --- a/internal/render/render_test.go +++ /dev/null @@ -1,184 +0,0 @@ -package render - -import ( - "os" - "strings" - "testing" -) - -func TestEnvsubstBasic(t *testing.T) { - t.Setenv("RENDER_HOST", "localhost") - t.Setenv("RENDER_PORT", "5432") - - input := "host=${RENDER_HOST} port=$RENDER_PORT" - got := Envsubst(input) - expected := "host=localhost port=5432" - if got != expected { - t.Fatalf("expected %q, got %q", expected, got) - } -} - -func TestEnvsubstMissingVar(t *testing.T) { - os.Unsetenv("RENDER_MISSING_XYZ") - - input := "val=${RENDER_MISSING_XYZ}" - got := Envsubst(input) - if got != input { - t.Fatalf("expected unchanged %q, got %q", input, got) - } -} - -func TestEnvsubstEmpty(t *testing.T) { - got := Envsubst("") - if got != "" { - t.Fatalf("expected empty string, got %q", got) - } -} - -func TestEnvsubstNoVars(t *testing.T) { - input := "no variables here" - got := Envsubst(input) - if got != input { - t.Fatalf("expected %q, got %q", input, got) - } -} - -func TestEnvsubstEmptyValue(t *testing.T) { - t.Setenv("RENDER_EMPTY", "") - - input := "val=${RENDER_EMPTY}end" - got := Envsubst(input) - if got != "val=end" { - t.Fatalf("expected %q, got %q", "val=end", got) - } -} - -func TestEnvsubstSpecialChars(t *testing.T) { - t.Setenv("RENDER_SPECIAL", "hello world & \"quotes\"") - - input := "val=${RENDER_SPECIAL}" - got := Envsubst(input) - expected := "val=hello world & \"quotes\"" - if got != expected { - t.Fatalf("expected %q, got %q", expected, got) - } -} - -func TestEnvsubstMultiline(t *testing.T) { - t.Setenv("RENDER_DB", "mydb") - - input := "line1=${RENDER_DB}\nline2=$RENDER_DB\n" - got := Envsubst(input) - expected := "line1=mydb\nline2=mydb\n" - if got != expected { - t.Fatalf("expected %q, got %q", expected, got) - } -} - -func TestEnvsubstAdjacentVars(t *testing.T) { - t.Setenv("RENDER_A", "foo") - t.Setenv("RENDER_B", "bar") - - input := "${RENDER_A}${RENDER_B}" - got := Envsubst(input) - if got != "foobar" { - t.Fatalf("expected %q, got %q", "foobar", got) - } -} - -func TestEnvsubstUnderscoreInName(t *testing.T) { - t.Setenv("RENDER_MY_VAR_123", "works") - - got := Envsubst("${RENDER_MY_VAR_123}") - if got != "works" { - t.Fatalf("expected %q, got %q", "works", got) - } -} - -func TestGoTemplateBasic(t *testing.T) { - t.Setenv("RENDER_HOST", "localhost") - t.Setenv("RENDER_PORT", "5432") - - input := "host={{.RENDER_HOST}} port={{.RENDER_PORT}}" - got, err := GoTemplate(input) - if err != nil { - t.Fatalf("unexpected error: %v", err) - } - expected := "host=localhost port=5432" - if got != expected { - t.Fatalf("expected %q, got %q", expected, got) - } -} - -func TestGoTemplateMissingVar(t *testing.T) { - os.Unsetenv("RENDER_NONEXISTENT_VAR_XYZ") - - input := "val={{.RENDER_NONEXISTENT_VAR_XYZ}}" - got, err := GoTemplate(input) - if err != nil { - t.Fatalf("unexpected error: %v", err) - } - if got != "val=" { - t.Fatalf("expected %q, got %q", "val=", got) - } -} - -func TestGoTemplateEmpty(t *testing.T) { - got, err := GoTemplate("") - if err != nil { - t.Fatalf("unexpected error: %v", err) - } - if got != "" { - t.Fatalf("expected empty string, got %q", got) - } -} - -func TestGoTemplateInvalidSyntax(t *testing.T) { - _, err := GoTemplate("{{.broken") - if err == nil { - t.Fatal("expected error for invalid template syntax") - } -} - -func TestGoTemplateConditional(t *testing.T) { - t.Setenv("RENDER_ENABLED", "true") - - input := `{{if .RENDER_ENABLED}}on{{else}}off{{end}}` - got, err := GoTemplate(input) - if err != nil { - t.Fatalf("unexpected error: %v", err) - } - if got != "on" { - t.Fatalf("expected %q, got %q", "on", got) - } -} - -func TestGoTemplateSpecialChars(t *testing.T) { - t.Setenv("RENDER_JSON", `{"key":"value"}`) - - input := "data={{.RENDER_JSON}}" - got, err := GoTemplate(input) - if err != nil { - t.Fatalf("unexpected error: %v", err) - } - if !strings.Contains(got, `{"key":"value"}`) { - t.Fatalf("expected JSON content, got %q", got) - } -} - -func TestEnvToMap(t *testing.T) { - t.Setenv("RENDER_TEST_MAP", "mapval") - - m := envToMap() - if m["RENDER_TEST_MAP"] != "mapval" { - t.Fatalf("expected mapval, got %q", m["RENDER_TEST_MAP"]) - } -} - -func TestEnvsubstDollarWithoutVar(t *testing.T) { - input := "price is $5.00" - got := Envsubst(input) - if got != input { - t.Fatalf("expected %q, got %q", input, got) - } -} diff --git a/internal/retry/retry.go b/internal/retry/retry.go deleted file mode 100644 index 867472f..0000000 --- a/internal/retry/retry.go +++ /dev/null @@ -1,87 +0,0 @@ -package retry - -import ( - "context" - "fmt" - "math" - "math/rand/v2" - "time" -) - -type Config struct { - MaxAttempts int - InitialDelay time.Duration - MaxDelay time.Duration - BackoffFactor float64 - JitterFraction float64 // 0.0–1.0: fraction of delay to add as random jitter -} - -func DefaultConfig() Config { - return Config{ - MaxAttempts: 60, - InitialDelay: time.Second, - MaxDelay: 30 * time.Second, - BackoffFactor: 2.0, - JitterFraction: 0.1, - } -} - -func (c Config) Validate() error { - if c.MaxAttempts < 1 { - return fmt.Errorf("max-attempts must be >= 1, got %d", c.MaxAttempts) - } - if c.InitialDelay <= 0 { - return fmt.Errorf("initial-delay must be > 0, got %s", c.InitialDelay) - } - if c.MaxDelay < c.InitialDelay { - return fmt.Errorf("max-delay (%s) must be >= initial-delay (%s)", c.MaxDelay, c.InitialDelay) - } - if c.BackoffFactor < 1.0 { - return fmt.Errorf("backoff-factor must be >= 1.0, got %f", c.BackoffFactor) - } - if c.JitterFraction < 0 || c.JitterFraction > 1 { - return fmt.Errorf("jitter-fraction must be in [0, 1], got %f", c.JitterFraction) - } - return nil -} - -func Delay(cfg Config, attempt int) time.Duration { - delay := float64(cfg.InitialDelay) * math.Pow(cfg.BackoffFactor, float64(attempt)) - if delay > float64(cfg.MaxDelay) { - delay = float64(cfg.MaxDelay) - } - - if cfg.JitterFraction > 0 { - jitter := delay * cfg.JitterFraction * rand.Float64() - delay += jitter - } - - return time.Duration(delay) -} - -type Result struct { - Attempt int - Err error -} - -func Do(ctx context.Context, cfg Config, fn func(ctx context.Context, attempt int) error) Result { - for attempt := range cfg.MaxAttempts { - err := fn(ctx, attempt) - if err == nil { - return Result{Attempt: attempt, Err: nil} - } - - if attempt == cfg.MaxAttempts-1 { - return Result{Attempt: attempt, Err: fmt.Errorf("all %d attempts failed, last error: %w", cfg.MaxAttempts, err)} - } - - delay := Delay(cfg, attempt) - select { - case <-ctx.Done(): - return Result{Attempt: attempt, Err: fmt.Errorf("context cancelled after attempt %d: %w", attempt+1, ctx.Err())} - case <-time.After(delay): - } - } - - return Result{Err: fmt.Errorf("max attempts reached")} -} diff --git a/internal/retry/retry_test.go b/internal/retry/retry_test.go deleted file mode 100644 index 6a00c98..0000000 --- a/internal/retry/retry_test.go +++ /dev/null @@ -1,196 +0,0 @@ -package retry - -import ( - "context" - "errors" - "testing" - "time" -) - -func TestDefaultConfigValid(t *testing.T) { - cfg := DefaultConfig() - if err := cfg.Validate(); err != nil { - t.Fatalf("default config should be valid: %v", err) - } -} - -func TestConfigValidation(t *testing.T) { - tests := []struct { - name string - cfg Config - wantErr bool - }{ - {"valid", DefaultConfig(), false}, - {"zero attempts", Config{MaxAttempts: 0, InitialDelay: time.Second, MaxDelay: time.Second, BackoffFactor: 1.0}, true}, - {"negative delay", Config{MaxAttempts: 1, InitialDelay: -1, MaxDelay: time.Second, BackoffFactor: 1.0}, true}, - {"max < initial", Config{MaxAttempts: 1, InitialDelay: 2 * time.Second, MaxDelay: time.Second, BackoffFactor: 1.0}, true}, - {"backoff < 1", Config{MaxAttempts: 1, InitialDelay: time.Second, MaxDelay: time.Second, BackoffFactor: 0.5}, true}, - {"jitter negative", Config{MaxAttempts: 1, InitialDelay: time.Second, MaxDelay: time.Second, BackoffFactor: 1.0, JitterFraction: -0.1}, true}, - {"jitter > 1", Config{MaxAttempts: 1, InitialDelay: time.Second, MaxDelay: time.Second, BackoffFactor: 1.0, JitterFraction: 1.5}, true}, - } - - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - err := tt.cfg.Validate() - if tt.wantErr && err == nil { - t.Fatal("expected error") - } - if !tt.wantErr && err != nil { - t.Fatalf("unexpected error: %v", err) - } - }) - } -} - -func TestDelayExponentialBackoff(t *testing.T) { - cfg := Config{ - MaxAttempts: 10, - InitialDelay: 100 * time.Millisecond, - MaxDelay: 10 * time.Second, - BackoffFactor: 2.0, - JitterFraction: 0, - } - - d0 := Delay(cfg, 0) - d1 := Delay(cfg, 1) - d2 := Delay(cfg, 2) - - if d0 != 100*time.Millisecond { - t.Fatalf("expected 100ms, got %s", d0) - } - if d1 != 200*time.Millisecond { - t.Fatalf("expected 200ms, got %s", d1) - } - if d2 != 400*time.Millisecond { - t.Fatalf("expected 400ms, got %s", d2) - } -} - -func TestDelayCapped(t *testing.T) { - cfg := Config{ - MaxAttempts: 10, - InitialDelay: time.Second, - MaxDelay: 5 * time.Second, - BackoffFactor: 10.0, - JitterFraction: 0, - } - - d := Delay(cfg, 5) - if d > 5*time.Second { - t.Fatalf("delay %s exceeds max %s", d, 5*time.Second) - } -} - -func TestDelayWithJitter(t *testing.T) { - cfg := Config{ - MaxAttempts: 10, - InitialDelay: time.Second, - MaxDelay: 30 * time.Second, - BackoffFactor: 2.0, - JitterFraction: 0.5, - } - - d := Delay(cfg, 0) - if d < time.Second { - t.Fatalf("delay with jitter should be >= base: got %s", d) - } - if d > time.Second+500*time.Millisecond { - t.Fatalf("delay with 0.5 jitter should be <= 1.5s: got %s", d) - } -} - -func TestDoSuccess(t *testing.T) { - cfg := Config{ - MaxAttempts: 5, - InitialDelay: time.Millisecond, - MaxDelay: 10 * time.Millisecond, - BackoffFactor: 1.0, - JitterFraction: 0, - } - - calls := 0 - result := Do(context.Background(), cfg, func(_ context.Context, _ int) error { - calls++ - return nil - }) - - if result.Err != nil { - t.Fatalf("expected success, got: %v", result.Err) - } - if calls != 1 { - t.Fatalf("expected 1 call, got %d", calls) - } -} - -func TestDoRetryThenSuccess(t *testing.T) { - cfg := Config{ - MaxAttempts: 5, - InitialDelay: time.Millisecond, - MaxDelay: 10 * time.Millisecond, - BackoffFactor: 1.0, - JitterFraction: 0, - } - - calls := 0 - result := Do(context.Background(), cfg, func(_ context.Context, _ int) error { - calls++ - if calls < 3 { - return errors.New("not ready") - } - return nil - }) - - if result.Err != nil { - t.Fatalf("expected success, got: %v", result.Err) - } - if calls != 3 { - t.Fatalf("expected 3 calls, got %d", calls) - } - if result.Attempt != 2 { - t.Fatalf("expected attempt 2, got %d", result.Attempt) - } -} - -func TestDoAllFail(t *testing.T) { - cfg := Config{ - MaxAttempts: 3, - InitialDelay: time.Millisecond, - MaxDelay: 10 * time.Millisecond, - BackoffFactor: 1.0, - JitterFraction: 0, - } - - calls := 0 - result := Do(context.Background(), cfg, func(_ context.Context, _ int) error { - calls++ - return errors.New("fail") - }) - - if result.Err == nil { - t.Fatal("expected error") - } - if calls != 3 { - t.Fatalf("expected 3 calls, got %d", calls) - } -} - -func TestDoContextCancelled(t *testing.T) { - cfg := Config{ - MaxAttempts: 100, - InitialDelay: time.Second, - MaxDelay: time.Second, - BackoffFactor: 1.0, - JitterFraction: 0, - } - - ctx, cancel := context.WithCancel(context.Background()) - cancel() - - result := Do(ctx, cfg, func(_ context.Context, _ int) error { - return errors.New("fail") - }) - - if result.Err == nil { - t.Fatal("expected context error") - } -} diff --git a/internal/safety/path.go b/internal/safety/path.go deleted file mode 100644 index fa7a289..0000000 --- a/internal/safety/path.go +++ /dev/null @@ -1,26 +0,0 @@ -package safety - -import ( - "fmt" - "path/filepath" - "strings" -) - -func ValidateFilePath(workdir, target string) (string, error) { - if workdir == "" { - return "", fmt.Errorf("workdir must not be empty") - } - if filepath.IsAbs(target) { - return "", fmt.Errorf("absolute target path not allowed: %q", target) - } - absWorkdir, err := filepath.Abs(workdir) - if err != nil { - return "", fmt.Errorf("resolving workdir: %w", err) - } - joined := filepath.Join(absWorkdir, target) - cleaned := filepath.Clean(joined) - if !strings.HasPrefix(cleaned, absWorkdir+string(filepath.Separator)) && cleaned != absWorkdir { - return "", fmt.Errorf("path traversal detected: %q escapes workdir %q", target, absWorkdir) - } - return cleaned, nil -} diff --git a/internal/safety/path_test.go b/internal/safety/path_test.go deleted file mode 100644 index 402facb..0000000 --- a/internal/safety/path_test.go +++ /dev/null @@ -1,41 +0,0 @@ -package safety - -import ( - "testing" -) - -func TestValidateFilePath(t *testing.T) { - tests := []struct { - name string - workdir string - target string - wantErr bool - }{ - {"simple file", "/work", "config.yaml", false}, - {"nested file", "/work", "sub/dir/file.txt", false}, - {"path traversal", "/work", "../etc/passwd", true}, - {"absolute escape", "/work", "/etc/passwd", true}, - {"dot-dot in middle", "/work", "sub/../../etc/passwd", true}, - {"workdir itself", "/work", ".", false}, - {"empty workdir", "", "file.txt", true}, - {"empty target", "/work", "", false}, - } - - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - result, err := ValidateFilePath(tt.workdir, tt.target) - if tt.wantErr { - if err == nil { - t.Fatalf("expected error for target=%q, got path=%q", tt.target, result) - } - return - } - if err != nil { - t.Fatalf("unexpected error: %v", err) - } - if result == "" { - t.Fatal("expected non-empty result") - } - }) - } -} diff --git a/jyq.Dockerfile b/jyq.Dockerfile index 574c395..1f35e11 100644 --- a/jyq.Dockerfile +++ b/jyq.Dockerfile @@ -1,28 +1,16 @@ -FROM --platform=$BUILDPLATFORM golang:1.25-alpine AS builder - -ARG TARGETOS -ARG TARGETARCH +FROM rust:1.85-alpine AS builder ARG VERSION=dev - +RUN apk add --no-cache musl-dev WORKDIR /src -COPY go.mod go.sum ./ -RUN go mod download - +COPY Cargo.toml Cargo.lock ./ +RUN mkdir src && echo 'fn main() {}' > src/main.rs && cargo build --release && rm -rf src COPY . . -RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} \ - go build -trimpath -ldflags="-s -w -X main.version=${VERSION}" \ - -o /initium ./cmd/initium - +RUN touch src/main.rs && \ + cargo build --release && \ + cp target/release/initium /initium FROM alpine:3.21 - RUN apk add --no-cache jq yq ca-certificates \ && rm -rf /var/cache/apk/* - COPY --from=builder /initium /initium - USER 65534:65534 - ENTRYPOINT ["/initium"] - - - diff --git a/src/cmd/exec.rs b/src/cmd/exec.rs new file mode 100644 index 0000000..6da80c6 --- /dev/null +++ b/src/cmd/exec.rs @@ -0,0 +1,18 @@ +use crate::logging::Logger; +pub fn run(log: &Logger, args: &[String], workdir: &str) -> Result<(), String> { + if args.is_empty() { + return Err("command is required after \"--\"".into()); + } + log.info("executing command", &[("command", &args[0])]); + let dir = if workdir.is_empty() { + None + } else { + Some(workdir) + }; + let exit_code = super::run_command_in_dir(log, args, dir)?; + if exit_code != 0 { + return Err(format!("command exited with code {}", exit_code)); + } + log.info("command completed successfully", &[]); + Ok(()) +} diff --git a/src/cmd/fetch.rs b/src/cmd/fetch.rs new file mode 100644 index 0000000..4db3ff3 --- /dev/null +++ b/src/cmd/fetch.rs @@ -0,0 +1,103 @@ +use crate::logging::Logger; +use crate::retry; +use crate::safety; +use std::fs; +use std::io::Read; +use std::time::{Duration, Instant}; +pub struct Config { + pub url: String, + pub output: String, + pub workdir: String, + pub auth_env: String, + pub insecure_tls: bool, + pub follow_redirects: bool, + pub allow_cross_site_redirects: bool, + pub timeout: Duration, +} +impl Config { + pub fn validate(&self) -> Result<(), String> { + if self.url.is_empty() { + return Err("--url is required".into()); + } + if self.output.is_empty() { + return Err("--output is required".into()); + } + if self.allow_cross_site_redirects && !self.follow_redirects { + return Err("--allow-cross-site-redirects requires --follow-redirects".into()); + } + Ok(()) + } +} +pub fn run(log: &Logger, cfg: &Config, retry_cfg: &retry::Config) -> Result<(), String> { + cfg.validate()?; + let deadline = Instant::now() + cfg.timeout; + log.info("fetching", &[("url", &cfg.url), ("output", &cfg.output)]); + let result = retry::do_retry(retry_cfg, Some(deadline), |attempt| { + log.debug("fetch attempt", &[("attempt", &format!("{}", attempt + 1))]); + do_fetch(cfg) + }); + if let Some(e) = result.err { + log.error("fetch failed", &[("url", &cfg.url), ("error", &e)]); + return Err(format!("fetch {} failed: {}", cfg.url, e)); + } + log.info( + "fetch completed", + &[ + ("url", &cfg.url), + ("output", &cfg.output), + ("attempts", &format!("{}", result.attempt + 1)), + ], + ); + Ok(()) +} +fn do_fetch(cfg: &Config) -> Result<(), String> { + let out_path = safety::validate_file_path(&cfg.workdir, &cfg.output)?; + let agent = if cfg.insecure_tls { + use std::sync::Arc; + let crypto_provider = rustls::crypto::ring::default_provider(); + let tls_config = rustls::ClientConfig::builder_with_provider(Arc::new(crypto_provider)) + .with_safe_default_protocol_versions() + .unwrap() + .dangerous() + .with_custom_certificate_verifier(Arc::new(super::wait_for::NoVerifier)) + .with_no_client_auth(); + ureq::AgentBuilder::new() + .timeout(cfg.timeout) + .tls_config(Arc::new(tls_config)) + .redirects(if cfg.follow_redirects { 10 } else { 0 }) + .build() + } else { + ureq::AgentBuilder::new() + .timeout(cfg.timeout) + .redirects(if cfg.follow_redirects { 10 } else { 0 }) + .build() + }; + let mut req = agent.get(&cfg.url); + if !cfg.auth_env.is_empty() { + let auth_val = std::env::var(&cfg.auth_env) + .map_err(|_| format!("auth env var {:?} is empty or not set", cfg.auth_env))?; + if auth_val.is_empty() { + return Err(format!( + "auth env var {:?} is empty or not set", + cfg.auth_env + )); + } + req = req.set("Authorization", &auth_val); + } + let resp = req + .call() + .map_err(|e| format!("HTTP request to {}: {}", cfg.url, e))?; + let status = resp.status(); + if !(200..300).contains(&status) { + return Err(format!("HTTP {} returned status {}", cfg.url, status)); + } + let mut body = Vec::new(); + resp.into_reader() + .read_to_end(&mut body) + .map_err(|e| format!("reading response body: {}", e))?; + if let Some(parent) = out_path.parent() { + fs::create_dir_all(parent).map_err(|e| format!("creating output directory: {}", e))?; + } + fs::write(&out_path, &body).map_err(|e| format!("writing output {:?}: {}", out_path, e))?; + Ok(()) +} diff --git a/src/cmd/migrate.rs b/src/cmd/migrate.rs new file mode 100644 index 0000000..b9b2f24 --- /dev/null +++ b/src/cmd/migrate.rs @@ -0,0 +1,35 @@ +use crate::logging::Logger; +use crate::safety; +use std::fs; +pub fn run(log: &Logger, args: &[String], workdir: &str, lock_file: &str) -> Result<(), String> { + if args.is_empty() { + return Err("migration command is required after \"--\"".into()); + } + if !lock_file.is_empty() { + let lock_path = safety::validate_file_path(workdir, lock_file)?; + if lock_path.exists() { + log.info( + "lock file exists, skipping migration", + &[("lock-file", lock_path.to_str().unwrap_or(""))], + ); + return Ok(()); + } + } + log.info("starting migration", &[("command", &args[0])]); + let exit_code = super::run_command(log, args)?; + if exit_code != 0 { + return Err(format!("migration exited with code {}", exit_code)); + } + if !lock_file.is_empty() { + let lock_path = safety::validate_file_path(workdir, lock_file)?; + fs::create_dir_all(workdir).map_err(|e| format!("creating workdir {}: {}", workdir, e))?; + fs::write(&lock_path, "migrated\n") + .map_err(|e| format!("writing lock file {:?}: {}", lock_path, e))?; + log.info( + "lock file created", + &[("lock-file", lock_path.to_str().unwrap_or(""))], + ); + } + log.info("migration completed successfully", &[]); + Ok(()) +} diff --git a/src/cmd/mod.rs b/src/cmd/mod.rs new file mode 100644 index 0000000..2e8951a --- /dev/null +++ b/src/cmd/mod.rs @@ -0,0 +1,51 @@ +pub mod exec; +pub mod fetch; +pub mod migrate; +pub mod render; +pub mod seed; +pub mod wait_for; +use crate::logging::Logger; +use std::io::{BufRead, BufReader, Read}; +use std::process::Command; +pub fn run_command(log: &Logger, args: &[String]) -> Result { + run_command_in_dir(log, args, None) +} +pub fn run_command_in_dir(log: &Logger, args: &[String], dir: Option<&str>) -> Result { + let mut cmd = Command::new(&args[0]); + cmd.args(&args[1..]); + if let Some(d) = dir { + cmd.current_dir(d); + } + cmd.stdin(std::process::Stdio::null()); + cmd.stdout(std::process::Stdio::piped()); + cmd.stderr(std::process::Stdio::piped()); + let mut child = cmd + .spawn() + .map_err(|e| format!("starting command {:?}: {}", args[0], e))?; + let stdout = child.stdout.take(); + let stderr = child.stderr.take(); + std::thread::scope(|s| { + let h1 = s.spawn(|| { + if let Some(r) = stdout { + stream_lines(log, r, "stdout"); + } + }); + let h2 = s.spawn(|| { + if let Some(r) = stderr { + stream_lines(log, r, "stderr"); + } + }); + h1.join().ok(); + h2.join().ok(); + }); + let status = child + .wait() + .map_err(|e| format!("waiting for command: {}", e))?; + Ok(status.code().unwrap_or(-1)) +} +fn stream_lines(log: &Logger, reader: R, stream: &str) { + let buf = BufReader::new(reader); + for l in buf.lines().map_while(Result::ok) { + log.info(&l, &[("stream", stream)]); + } +} diff --git a/src/cmd/render.rs b/src/cmd/render.rs new file mode 100644 index 0000000..8904e96 --- /dev/null +++ b/src/cmd/render.rs @@ -0,0 +1,54 @@ +use crate::logging::Logger; +use crate::render as render_lib; +use crate::safety; +use std::fs; + +pub fn run( + log: &Logger, + template: &str, + output: &str, + workdir: &str, + mode: &str, +) -> Result<(), String> { + if template.is_empty() { + return Err("--template is required".into()); + } + if output.is_empty() { + return Err("--output is required".into()); + } + if mode != "envsubst" && mode != "gotemplate" { + return Err(format!( + "--mode must be envsubst or gotemplate, got {:?}", + mode + )); + } + + let out_path = safety::validate_file_path(workdir, output)?; + let data = fs::read_to_string(template) + .map_err(|e| format!("reading template {}: {}", template, e))?; + + log.info( + "rendering template", + &[ + ("template", template), + ("output", out_path.to_str().unwrap_or("")), + ("mode", mode), + ], + ); + + let result = match mode { + "envsubst" => render_lib::envsubst(&data), + "gotemplate" => render_lib::template_render(&data)?, + _ => unreachable!(), + }; + + if let Some(parent) = out_path.parent() { + fs::create_dir_all(parent).map_err(|e| format!("creating output directory: {}", e))?; + } + fs::write(&out_path, result).map_err(|e| format!("writing output {:?}: {}", out_path, e))?; + log.info( + "render completed", + &[("output", out_path.to_str().unwrap_or(""))], + ); + Ok(()) +} diff --git a/src/cmd/seed.rs b/src/cmd/seed.rs new file mode 100644 index 0000000..38b4db9 --- /dev/null +++ b/src/cmd/seed.rs @@ -0,0 +1,13 @@ +use crate::logging::Logger; +pub fn run(log: &Logger, args: &[String]) -> Result<(), String> { + if args.is_empty() { + return Err("seed command is required after \"--\"".into()); + } + log.info("starting seed", &[("command", &args[0])]); + let exit_code = super::run_command(log, args)?; + if exit_code != 0 { + return Err(format!("seed exited with code {}", exit_code)); + } + log.info("seed completed successfully", &[]); + Ok(()) +} diff --git a/src/cmd/wait_for.rs b/src/cmd/wait_for.rs new file mode 100644 index 0000000..9ad7d11 --- /dev/null +++ b/src/cmd/wait_for.rs @@ -0,0 +1,149 @@ +use crate::logging::Logger; +use crate::retry; +use std::net::TcpStream; +use std::time::{Duration, Instant}; +pub fn run( + log: &Logger, + targets: &[String], + cfg: &retry::Config, + timeout: Duration, + http_status: u16, + insecure_tls: bool, +) -> Result<(), String> { + if targets.is_empty() { + return Err("at least one --target is required".into()); + } + let deadline = Instant::now() + timeout; + for target in targets { + log.info("waiting for target", &[("target", target)]); + let result = retry::do_retry(cfg, Some(deadline), |attempt| { + log.debug( + "attempt", + &[("target", target), ("attempt", &format!("{}", attempt + 1))], + ); + check_target(target, http_status, insecure_tls, timeout) + }); + if let Some(e) = result.err { + log.error("target not reachable", &[("target", target), ("error", &e)]); + return Err(format!("target {} not reachable: {}", target, e)); + } + log.info( + "target is reachable", + &[ + ("target", target), + ("attempts", &format!("{}", result.attempt + 1)), + ], + ); + } + log.info("all targets reachable", &[]); + Ok(()) +} +fn check_target( + target: &str, + expected_status: u16, + insecure_tls: bool, + timeout: Duration, +) -> Result<(), String> { + if let Some(addr) = target.strip_prefix("tcp://") { + check_tcp(addr, timeout) + } else if target.starts_with("http://") || target.starts_with("https://") { + check_http(target, expected_status, insecure_tls, timeout) + } else { + Err(format!( + "unsupported target scheme in {:?}; use tcp://, http://, or https://", + target + )) + } +} +fn check_tcp(addr: &str, timeout: Duration) -> Result<(), String> { + let per_req = timeout.min(Duration::from_secs(5)); + let addrs: Vec = addr + .to_socket_addrs_safe() + .map_err(|e| format!("resolving {}: {}", addr, e))?; + if addrs.is_empty() { + return Err(format!("could not resolve {}", addr)); + } + TcpStream::connect_timeout(&addrs[0], per_req) + .map_err(|e| format!("tcp dial {}: {}", addr, e))?; + Ok(()) +} +fn check_http( + url: &str, + expected_status: u16, + insecure_tls: bool, + timeout: Duration, +) -> Result<(), String> { + let per_req = timeout.min(Duration::from_secs(5)); + let agent = if insecure_tls { + use std::sync::Arc; + let crypto_provider = rustls::crypto::ring::default_provider(); + let tls_config = rustls::ClientConfig::builder_with_provider(Arc::new(crypto_provider)) + .with_safe_default_protocol_versions() + .unwrap() + .dangerous() + .with_custom_certificate_verifier(Arc::new(NoVerifier)) + .with_no_client_auth(); + ureq::AgentBuilder::new() + .timeout(per_req) + .tls_config(Arc::new(tls_config)) + .build() + } else { + ureq::AgentBuilder::new().timeout(per_req).build() + }; + let resp = agent + .get(url) + .call() + .map_err(|e| format!("http request to {}: {}", url, e))?; + let status = resp.status(); + if status != expected_status { + return Err(format!( + "http {} returned status {}, expected {}", + url, status, expected_status + )); + } + Ok(()) +} +trait ToSocketAddrs { + fn to_socket_addrs_safe(&self) -> std::io::Result>; +} +impl ToSocketAddrs for str { + fn to_socket_addrs_safe(&self) -> std::io::Result> { + use std::net::ToSocketAddrs; + Ok(self.to_socket_addrs()?.collect()) + } +} +#[derive(Debug)] +pub struct NoVerifier; +impl rustls::client::danger::ServerCertVerifier for NoVerifier { + fn verify_server_cert( + &self, + _: &rustls::pki_types::CertificateDer<'_>, + _: &[rustls::pki_types::CertificateDer<'_>], + _: &rustls::pki_types::ServerName<'_>, + _: &[u8], + _: rustls::pki_types::UnixTime, + ) -> Result { + Ok(rustls::client::danger::ServerCertVerified::assertion()) + } + fn verify_tls12_signature( + &self, + _: &[u8], + _: &rustls::pki_types::CertificateDer<'_>, + _: &rustls::DigitallySignedStruct, + ) -> Result { + Ok(rustls::client::danger::HandshakeSignatureValid::assertion()) + } + fn verify_tls13_signature( + &self, + _: &[u8], + _: &rustls::pki_types::CertificateDer<'_>, + _: &rustls::DigitallySignedStruct, + ) -> Result { + Ok(rustls::client::danger::HandshakeSignatureValid::assertion()) + } + fn supported_verify_schemes(&self) -> Vec { + rustls::crypto::ring::default_provider() + .signature_verification_algorithms + .supported_schemes() + } +} diff --git a/src/logging.rs b/src/logging.rs new file mode 100644 index 0000000..0cb483d --- /dev/null +++ b/src/logging.rs @@ -0,0 +1,185 @@ +use chrono::Utc; +use std::io::Write; +use std::sync::Mutex; + +#[derive(Clone, Copy, PartialEq, Eq, PartialOrd, Ord)] +#[allow(dead_code)] +pub enum Level { + Debug, + Info, + Warn, + Error, +} + +impl std::fmt::Display for Level { + fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { + match self { + Level::Debug => write!(f, "DEBUG"), + Level::Info => write!(f, "INFO"), + Level::Warn => write!(f, "WARN"), + Level::Error => write!(f, "ERROR"), + } + } +} + +pub struct Logger { + out: Mutex>, + json_mode: Mutex, + level: Level, +} + +impl Logger { + pub fn new(out: Box, json_mode: bool, level: Level) -> Self { + Self { + out: Mutex::new(out), + json_mode: Mutex::new(json_mode), + level, + } + } + + pub fn default_logger() -> Self { + Self::new(Box::new(std::io::stderr()), false, Level::Info) + } + + pub fn set_json(&self, enabled: bool) { + *self.json_mode.lock().unwrap() = enabled; + } + + fn log(&self, level: Level, msg: &str, kvs: &[(&str, &str)]) { + if level < self.level { + return; + } + let now = Utc::now().format("%Y-%m-%dT%H:%M:%SZ").to_string(); + let json_mode = *self.json_mode.lock().unwrap(); + let mut out = self.out.lock().unwrap(); + + if json_mode { + let mut map = serde_json::Map::new(); + map.insert("time".into(), serde_json::Value::String(now)); + map.insert("level".into(), serde_json::Value::String(level.to_string())); + map.insert("msg".into(), serde_json::Value::String(msg.into())); + for (k, v) in kvs { + map.insert((*k).into(), serde_json::Value::String(redact_value(k, v))); + } + let _ = writeln!(out, "{}", serde_json::Value::Object(map)); + } else { + let mut line = format!("{} [{}] {}", now, level, msg); + for (k, v) in kvs { + line.push_str(&format!(" {}={}", k, redact_value(k, v))); + } + let _ = writeln!(out, "{}", line); + } + } + + pub fn debug(&self, msg: &str, kvs: &[(&str, &str)]) { + self.log(Level::Debug, msg, kvs); + } + pub fn info(&self, msg: &str, kvs: &[(&str, &str)]) { + self.log(Level::Info, msg, kvs); + } + #[allow(dead_code)] + pub fn warn(&self, msg: &str, kvs: &[(&str, &str)]) { + self.log(Level::Warn, msg, kvs); + } + pub fn error(&self, msg: &str, kvs: &[(&str, &str)]) { + self.log(Level::Error, msg, kvs); + } +} + +const SENSITIVE_KEYS: &[&str] = &[ + "password", + "secret", + "token", + "authorization", + "auth", + "api_key", + "apikey", +]; + +pub fn redact_value(key: &str, value: &str) -> String { + if SENSITIVE_KEYS.contains(&key.to_lowercase().as_str()) { + if value.is_empty() { + return String::new(); + } + return "REDACTED".into(); + } + value.into() +} + +#[cfg(test)] +mod tests { + use super::*; + use std::sync::Arc; + + fn capture_logger(json: bool, level: Level) -> (Arc, Arc>>) { + let buf = Arc::new(Mutex::new(Vec::new())); + struct SharedBuf(Arc>>); + impl Write for SharedBuf { + fn write(&mut self, data: &[u8]) -> std::io::Result { + self.0.lock().unwrap().write(data) + } + fn flush(&mut self) -> std::io::Result<()> { + Ok(()) + } + } + let logger = Arc::new(Logger::new(Box::new(SharedBuf(buf.clone())), json, level)); + (logger, buf) + } + + #[test] + fn test_text_output() { + let (log, buf) = capture_logger(false, Level::Info); + log.info("hello world", &[]); + let output = String::from_utf8(buf.lock().unwrap().clone()).unwrap(); + assert!(output.contains("[INFO]")); + assert!(output.contains("hello world")); + } + + #[test] + fn test_json_output() { + let (log, buf) = capture_logger(true, Level::Info); + log.info("test message", &[("key", "val")]); + let output = String::from_utf8(buf.lock().unwrap().clone()).unwrap(); + assert!(output.contains("\"msg\"")); + assert!(output.contains("test message")); + assert!(output.contains("\"key\"")); + } + + #[test] + fn test_level_filtering() { + let (log, buf) = capture_logger(false, Level::Warn); + log.info("should not appear", &[]); + log.warn("should appear", &[]); + let output = String::from_utf8(buf.lock().unwrap().clone()).unwrap(); + assert!(!output.contains("should not appear")); + assert!(output.contains("should appear")); + } + + #[test] + fn test_redact_sensitive() { + assert_eq!(redact_value("password", "secret123"), "REDACTED"); + assert_eq!(redact_value("Token", "abc"), "REDACTED"); + assert_eq!(redact_value("normal", "value"), "value"); + assert_eq!(redact_value("password", ""), ""); + } + + #[test] + fn test_set_json() { + let (log, buf) = capture_logger(false, Level::Info); + log.info("text mode", &[]); + log.set_json(true); + log.info("json mode", &[]); + let output = String::from_utf8(buf.lock().unwrap().clone()).unwrap(); + assert!(output.contains("[INFO] text mode")); + assert!(output.contains("\"msg\"")); + } + + #[test] + fn test_kvs_in_text() { + let (log, buf) = capture_logger(false, Level::Info); + log.info("msg", &[("k1", "v1"), ("k2", "v2")]); + let output = String::from_utf8(buf.lock().unwrap().clone()).unwrap(); + assert!(output.contains("k1=v1")); + assert!(output.contains("k2=v2")); + } +} diff --git a/src/main.rs b/src/main.rs new file mode 100644 index 0000000..93a1cf5 --- /dev/null +++ b/src/main.rs @@ -0,0 +1,222 @@ +mod cmd; +mod logging; +mod render; +mod retry; +mod safety; + +use clap::{Parser, Subcommand}; +use std::time::Duration; + +#[derive(Parser)] +#[command( + name = "initium", + version, + about = "Swiss-army toolbox for Kubernetes initContainers" +)] +#[command( + long_about = "Initium is a multi-tool CLI for Kubernetes initContainers.\nIt provides subcommands to wait for dependencies, run migrations,\nseed databases, render config templates, fetch secrets, and execute\narbitrary commands -- all with safe defaults, structured logging,\nand security guardrails." +)] +struct Cli { + #[arg(long, global = true, help = "Enable JSON log output")] + json: bool, + + #[command(subcommand)] + command: Commands, +} + +#[derive(Subcommand)] +enum Commands { + /// Wait for TCP or HTTP(S) endpoints to become available + WaitFor { + #[arg( + long, + required = true, + help = "Target endpoint (tcp://host:port or http(s)://...)" + )] + target: Vec, + #[arg(long, default_value = "300", help = "Overall timeout in seconds")] + timeout: u64, + #[arg(long, default_value = "60", help = "Maximum retry attempts")] + max_attempts: u32, + #[arg(long, default_value = "1000", help = "Initial delay in milliseconds")] + initial_delay: u64, + #[arg(long, default_value = "30000", help = "Maximum delay in milliseconds")] + max_delay: u64, + #[arg(long, default_value = "2.0", help = "Backoff multiplier")] + backoff_factor: f64, + #[arg(long, default_value = "0.1", help = "Jitter fraction (0.0-1.0)")] + jitter: f64, + #[arg(long, default_value = "200", help = "Expected HTTP status code")] + http_status: u16, + #[arg(long, help = "Allow insecure TLS connections")] + insecure_tls: bool, + }, + + /// Run a database migration command with structured logging + Migrate { + #[arg(long, default_value = "/work", help = "Working directory")] + workdir: String, + #[arg(long, default_value = "", help = "Lock file for idempotency")] + lock_file: String, + #[arg(trailing_var_arg = true, allow_hyphen_values = true)] + args: Vec, + }, + + /// Run a database seed command with structured logging + Seed { + #[arg(trailing_var_arg = true, allow_hyphen_values = true)] + args: Vec, + }, + + /// Render templates into config files + Render { + #[arg(long, help = "Path to template file")] + template: String, + #[arg(long, help = "Output file path relative to workdir")] + output: String, + #[arg(long, default_value = "/work", help = "Working directory")] + workdir: String, + #[arg( + long, + default_value = "envsubst", + help = "Template mode: envsubst or gotemplate" + )] + mode: String, + }, + + /// Fetch secrets or config from HTTP(S) endpoints + Fetch { + #[arg(long, help = "URL to fetch")] + url: String, + #[arg(long, help = "Output file path relative to workdir")] + output: String, + #[arg(long, default_value = "/work", help = "Working directory")] + workdir: String, + #[arg(long, default_value = "", help = "Env var containing auth header")] + auth_env: String, + #[arg(long, help = "Skip TLS verification")] + insecure_tls: bool, + #[arg(long, help = "Follow HTTP redirects")] + follow_redirects: bool, + #[arg(long, help = "Allow cross-site redirects")] + allow_cross_site_redirects: bool, + #[arg(long, default_value = "300", help = "Timeout in seconds")] + timeout: u64, + #[arg(long, default_value = "3", help = "Max retry attempts")] + max_attempts: u32, + #[arg(long, default_value = "1000", help = "Initial delay in ms")] + initial_delay: u64, + #[arg(long, default_value = "30000", help = "Max delay in ms")] + max_delay: u64, + #[arg(long, default_value = "2.0", help = "Backoff factor")] + backoff_factor: f64, + #[arg(long, default_value = "0.1", help = "Jitter fraction")] + jitter: f64, + }, + + /// Run arbitrary commands with structured logging + Exec { + #[arg(long, default_value = "", help = "Working directory")] + workdir: String, + #[arg(trailing_var_arg = true, allow_hyphen_values = true)] + args: Vec, + }, +} + +fn main() { + let cli = Cli::parse(); + let log = logging::Logger::default_logger(); + if cli.json { + log.set_json(true); + } + + let result = match cli.command { + Commands::WaitFor { + target, + timeout, + max_attempts, + initial_delay, + max_delay, + backoff_factor, + jitter, + http_status, + insecure_tls, + } => { + let cfg = retry::Config { + max_attempts, + initial_delay: Duration::from_millis(initial_delay), + max_delay: Duration::from_millis(max_delay), + backoff_factor, + jitter_fraction: jitter, + }; + if let Err(e) = cfg.validate() { + Err(format!("invalid retry config: {}", e)) + } else { + cmd::wait_for::run( + &log, + &target, + &cfg, + Duration::from_secs(timeout), + http_status, + insecure_tls, + ) + } + } + Commands::Migrate { + workdir, + lock_file, + args, + } => cmd::migrate::run(&log, &args, &workdir, &lock_file), + Commands::Seed { args } => cmd::seed::run(&log, &args), + Commands::Render { + template, + output, + workdir, + mode, + } => cmd::render::run(&log, &template, &output, &workdir, &mode), + Commands::Fetch { + url, + output, + workdir, + auth_env, + insecure_tls, + follow_redirects, + allow_cross_site_redirects, + timeout, + max_attempts, + initial_delay, + max_delay, + backoff_factor, + jitter, + } => { + let fetch_cfg = cmd::fetch::Config { + url, + output, + workdir, + auth_env, + insecure_tls, + follow_redirects, + allow_cross_site_redirects, + timeout: Duration::from_secs(timeout), + }; + let retry_cfg = retry::Config { + max_attempts, + initial_delay: Duration::from_millis(initial_delay), + max_delay: Duration::from_millis(max_delay), + backoff_factor, + jitter_fraction: jitter, + }; + if let Err(e) = retry_cfg.validate() { + Err(format!("invalid retry config: {}", e)) + } else { + cmd::fetch::run(&log, &fetch_cfg, &retry_cfg) + } + } + Commands::Exec { workdir, args } => cmd::exec::run(&log, &args, &workdir), + }; + + if let Err(e) = result { + log.error(&e, &[]); + std::process::exit(1); + } +} diff --git a/src/render.rs b/src/render.rs new file mode 100644 index 0000000..9084603 --- /dev/null +++ b/src/render.rs @@ -0,0 +1,99 @@ +use regex::Regex; +use std::env; +pub fn envsubst(input: &str) -> String { + let re = Regex::new(r"\$\{([a-zA-Z_][a-zA-Z0-9_]*)\}|\$([a-zA-Z_][a-zA-Z0-9_]*)").unwrap(); + re.replace_all(input, |caps: ®ex::Captures| { + let name = caps.get(1).or_else(|| caps.get(2)).unwrap().as_str(); + match env::var(name) { + Ok(val) => val, + Err(_) => caps[0].to_string(), + } + }) + .into_owned() +} +pub fn template_render(input: &str) -> Result { + let env_map: std::collections::HashMap = env::vars().collect(); + let mut jinja_env = minijinja::Environment::new(); + jinja_env.set_undefined_behavior(minijinja::UndefinedBehavior::Lenient); + jinja_env + .add_template("t", input) + .map_err(|e| format!("parsing template: {}", e))?; + let tmpl = jinja_env + .get_template("t") + .map_err(|e| format!("getting template: {}", e))?; + tmpl.render(minijinja::context!(env => env_map)) + .map_err(|e| format!("executing template: {}", e)) +} +#[cfg(test)] +mod tests { + use super::*; + #[test] + fn test_envsubst_basic() { + env::set_var("TEST_RENDER_VAR", "hello"); + assert_eq!(envsubst("say ${TEST_RENDER_VAR}"), "say hello"); + assert_eq!(envsubst("say $TEST_RENDER_VAR"), "say hello"); + } + #[test] + fn test_envsubst_missing() { + env::remove_var("MISSING_VAR_XYZ"); + assert_eq!(envsubst("${MISSING_VAR_XYZ}"), "${MISSING_VAR_XYZ}"); + } + #[test] + fn test_envsubst_empty() { + assert_eq!(envsubst(""), ""); + } + #[test] + fn test_envsubst_no_vars() { + assert_eq!(envsubst("no vars here"), "no vars here"); + } + #[test] + fn test_envsubst_empty_value() { + env::set_var("TEST_EMPTY_VAR", ""); + assert_eq!(envsubst("${TEST_EMPTY_VAR}"), ""); + } + #[test] + fn test_envsubst_special_chars() { + env::set_var("TEST_SPECIAL", "a=b&c"); + assert_eq!(envsubst("${TEST_SPECIAL}"), "a=b&c"); + } + #[test] + fn test_envsubst_multiline() { + env::set_var("TEST_ML", "val"); + let input = "line1 ${TEST_ML}\nline2 $TEST_ML"; + let output = envsubst(input); + assert!(output.contains("line1 val")); + assert!(output.contains("line2 val")); + } + #[test] + fn test_envsubst_adjacent() { + env::set_var("TEST_A", "X"); + env::set_var("TEST_B", "Y"); + assert_eq!(envsubst("${TEST_A}${TEST_B}"), "XY"); + } + #[test] + fn test_template_basic() { + env::set_var("TEST_TPL_VAR", "world"); + let result = template_render("hello {{ env.TEST_TPL_VAR }}").unwrap(); + assert_eq!(result, "hello world"); + } + #[test] + fn test_template_missing() { + let result = template_render("{{ env.NONEXISTENT_TPL_VAR_XYZ }}").unwrap(); + assert_eq!(result.trim(), ""); + } + #[test] + fn test_template_empty() { + assert_eq!(template_render("").unwrap(), ""); + } + #[test] + fn test_template_invalid() { + let result = template_render("{{ invalid %}"); + assert!(result.is_err()); + } + #[test] + fn test_template_conditional() { + env::set_var("TEST_COND", "yes"); + let result = template_render("{% if env.TEST_COND %}ok{% endif %}").unwrap(); + assert_eq!(result, "ok"); + } +} diff --git a/src/retry.rs b/src/retry.rs new file mode 100644 index 0000000..fad814e --- /dev/null +++ b/src/retry.rs @@ -0,0 +1,211 @@ +use std::time::{Duration, Instant}; + +pub struct Config { + pub max_attempts: u32, + pub initial_delay: Duration, + pub max_delay: Duration, + pub backoff_factor: f64, + pub jitter_fraction: f64, +} + +impl Config { + pub fn validate(&self) -> Result<(), String> { + if self.max_attempts < 1 { + return Err(format!( + "max-attempts must be >= 1, got {}", + self.max_attempts + )); + } + if self.initial_delay.is_zero() { + return Err("initial-delay must be > 0".into()); + } + if self.max_delay < self.initial_delay { + return Err(format!( + "max-delay ({:?}) must be >= initial-delay ({:?})", + self.max_delay, self.initial_delay + )); + } + if self.backoff_factor < 1.0 { + return Err(format!( + "backoff-factor must be >= 1.0, got {}", + self.backoff_factor + )); + } + if !(0.0..=1.0).contains(&self.jitter_fraction) { + return Err(format!( + "jitter-fraction must be in [0, 1], got {}", + self.jitter_fraction + )); + } + Ok(()) + } +} + +pub fn delay(cfg: &Config, attempt: u32) -> Duration { + let base = cfg.initial_delay.as_secs_f64() * cfg.backoff_factor.powi(attempt as i32); + let capped = base.min(cfg.max_delay.as_secs_f64()); + let jitter = if cfg.jitter_fraction > 0.0 { + capped * cfg.jitter_fraction * rand::random::() + } else { + 0.0 + }; + Duration::from_secs_f64(capped + jitter) +} + +pub struct RetryResult { + pub attempt: u32, + pub err: Option, +} + +pub fn do_retry(cfg: &Config, deadline: Option, mut f: F) -> RetryResult +where + F: FnMut(u32) -> std::result::Result<(), String>, +{ + for attempt in 0..cfg.max_attempts { + match f(attempt) { + Ok(()) => return RetryResult { attempt, err: None }, + Err(e) => { + if attempt == cfg.max_attempts - 1 { + return RetryResult { + attempt, + err: Some(format!( + "all {} attempts failed, last error: {}", + cfg.max_attempts, e + )), + }; + } + let d = delay(cfg, attempt); + if let Some(dl) = deadline { + if Instant::now() + d > dl { + return RetryResult { + attempt, + err: Some(format!("deadline exceeded after attempt {}", attempt + 1)), + }; + } + } + std::thread::sleep(d); + } + } + } + RetryResult { + attempt: 0, + err: Some("max attempts reached".into()), + } +} + +#[cfg(test)] +mod tests { + use super::*; + + fn test_config() -> Config { + Config { + max_attempts: 3, + initial_delay: Duration::from_millis(10), + max_delay: Duration::from_millis(100), + backoff_factor: 2.0, + jitter_fraction: 0.0, + } + } + + #[test] + fn test_validate_ok() { + assert!(test_config().validate().is_ok()); + } + + #[test] + fn test_validate_max_attempts() { + let mut cfg = test_config(); + cfg.max_attempts = 0; + assert!(cfg.validate().is_err()); + } + + #[test] + fn test_validate_initial_delay() { + let mut cfg = test_config(); + cfg.initial_delay = Duration::ZERO; + assert!(cfg.validate().is_err()); + } + + #[test] + fn test_validate_max_delay() { + let mut cfg = test_config(); + cfg.max_delay = Duration::from_millis(1); + assert!(cfg.validate().is_err()); + } + + #[test] + fn test_validate_backoff() { + let mut cfg = test_config(); + cfg.backoff_factor = 0.5; + assert!(cfg.validate().is_err()); + } + + #[test] + fn test_validate_jitter() { + let mut cfg = test_config(); + cfg.jitter_fraction = 1.5; + assert!(cfg.validate().is_err()); + } + + #[test] + fn test_delay_exponential() { + let cfg = test_config(); + let d0 = delay(&cfg, 0); + let d1 = delay(&cfg, 1); + let d2 = delay(&cfg, 2); + assert!(d1 > d0); + assert!(d2 > d1); + } + + #[test] + fn test_delay_capped() { + let cfg = test_config(); + let d = delay(&cfg, 100); + assert!(d <= cfg.max_delay + Duration::from_millis(1)); + } + + #[test] + fn test_do_success() { + let cfg = test_config(); + let result = do_retry(&cfg, None, |_| Ok(())); + assert!(result.err.is_none()); + assert_eq!(result.attempt, 0); + } + + #[test] + fn test_do_eventual_success() { + let cfg = test_config(); + let result = do_retry(&cfg, None, |attempt| { + if attempt < 2 { + Err("not yet".into()) + } else { + Ok(()) + } + }); + assert!(result.err.is_none()); + assert_eq!(result.attempt, 2); + } + + #[test] + fn test_do_all_fail() { + let cfg = test_config(); + let result = do_retry(&cfg, None, |_| Err("fail".into())); + assert!(result.err.is_some()); + assert!(result.err.unwrap().contains("all 3 attempts failed")); + } + + #[test] + fn test_do_deadline() { + let cfg = Config { + max_attempts: 100, + initial_delay: Duration::from_millis(50), + max_delay: Duration::from_secs(1), + backoff_factor: 1.0, + jitter_fraction: 0.0, + }; + let deadline = Instant::now() + Duration::from_millis(10); + let result = do_retry(&cfg, Some(deadline), |_| Err("fail".into())); + assert!(result.err.is_some()); + assert!(result.err.unwrap().contains("deadline")); + } +} diff --git a/src/safety.rs b/src/safety.rs new file mode 100644 index 0000000..110d5e3 --- /dev/null +++ b/src/safety.rs @@ -0,0 +1,79 @@ +use std::path::{Path, PathBuf}; +pub fn validate_file_path(workdir: &str, target: &str) -> Result { + if workdir.is_empty() { + return Err("workdir must not be empty".into()); + } + let target_path = Path::new(target); + if target_path.is_absolute() { + return Err(format!("absolute target path not allowed: {:?}", target)); + } + let abs_workdir = std::env::current_dir() + .map_err(|e| format!("getting cwd: {}", e))? + .join(workdir); + let abs_workdir = normalize_path(&abs_workdir); + let joined = abs_workdir.join(target); + let cleaned = normalize_path(&joined); + let workdir_str = abs_workdir.to_string_lossy().to_string(); + let cleaned_str = cleaned.to_string_lossy().to_string(); + if cleaned_str != workdir_str && !cleaned_str.starts_with(&format!("{}/", workdir_str)) { + return Err(format!( + "path traversal detected: {:?} escapes workdir {:?}", + target, workdir_str + )); + } + Ok(cleaned) +} +fn normalize_path(path: &Path) -> PathBuf { + let mut components = Vec::new(); + for component in path.components() { + match component { + std::path::Component::ParentDir => { + if !components.is_empty() { + components.pop(); + } + } + std::path::Component::CurDir => {} + c => components.push(c), + } + } + let mut result = PathBuf::new(); + for c in components { + result.push(c.as_os_str()); + } + result +} +#[cfg(test)] +mod tests { + use super::*; + use tempfile::TempDir; + #[test] + fn test_valid_path() { + let dir = TempDir::new().unwrap(); + let result = validate_file_path(dir.path().to_str().unwrap(), "output.txt"); + assert!(result.is_ok()); + } + #[test] + fn test_traversal_rejected() { + let dir = TempDir::new().unwrap(); + let traversal = ["..", "..", "..", "tmp", "x"].join(&std::path::MAIN_SEPARATOR.to_string()); + let result = validate_file_path(dir.path().to_str().unwrap(), &traversal); + assert!(result.is_err()); + } + #[test] + fn test_absolute_rejected() { + let dir = TempDir::new().unwrap(); + let result = validate_file_path(dir.path().to_str().unwrap(), "/tmp/test"); + assert!(result.is_err()); + } + #[test] + fn test_empty_workdir() { + let result = validate_file_path("", "output.txt"); + assert!(result.is_err()); + } + #[test] + fn test_workdir_itself() { + let dir = TempDir::new().unwrap(); + let result = validate_file_path(dir.path().to_str().unwrap(), "."); + assert!(result.is_ok()); + } +} diff --git a/tests/README.md b/tests/README.md index db4b918..ab4afa4 100644 --- a/tests/README.md +++ b/tests/README.md @@ -4,7 +4,7 @@ This directory contains integration tests for Initium. ## Running -Integration tests require external services (Postgres, HTTP servers, etc.) and are not run in standard `go test`. +Integration tests require external services (Postgres, HTTP servers, etc.) and are not run in standard `cargo test`. ```bash # Run unit tests only (default) @@ -12,6 +12,6 @@ make test # Integration tests require docker-compose (future) # docker-compose -f tests/docker-compose.yml up -d -# go test ./tests/ -tags=integration -count=1 +# cargo test --test integration ```