sunbeam-sdk/Cargo.toml

[package]
name = "sunbeam-sdk"
version = "1.1.1"
edition = "2024"
description = "Sunbeam Studios SDK, CLI, and ecosystem integrations"
repository = "https://src.sunbeam.pt/studio/cli"
license = "MIT"
publish = ["sunbeam"]

[features]
default = ["identity", "gitea"]
identity = []
gitea = []
pm = ["gitea"]
matrix = []
opensearch = []
s3 = []
livekit = []
monitoring = []
lasuite = []
build = []
cli = ["dep:clap"]
all = ["identity", "gitea", "pm", "matrix", "opensearch", "s3", "livekit", "monitoring", "lasuite", "build"]
integration = ["all"]

[dependencies]
# Core
thiserror = "2"
tokio = { version = "1", features = ["full"] }
clap = { version = "4", features = ["derive"], optional = true }
serde = { version = "1", features = ["derive"] }
serde_json = "1"
serde_yaml = "0.9"
tracing = "0.1"

# Kubernetes
kube = { version = "0.99", features = ["client", "runtime", "derive", "ws"] }
k8s-openapi = { version = "0.24", features = ["v1_32"] }

# HTTP + TLS
reqwest = { version = "0.12", default-features = false, features = ["json", "rustls-tls", "blocking"] }
bytes = "1"

# SSH
russh = "0.46"
russh-keys = "0.46"

# Crypto
rsa = "0.9"
pkcs8 = { version = "0.10", features = ["pem"] }
pkcs1 = { version = "0.7", features = ["pem"] }
sha2 = "0.10"
hmac = "0.12"
base64 = "0.22"
rand = "0.8"
aes-gcm = "0.10"
argon2 = "0.5"
indicatif = { version = "0.17", features = ["tokio"] }

# Certificate generation
rcgen = "0.14"

# SMTP
lettre = { version = "0.11", default-features = false, features = ["smtp-transport", "tokio1-rustls-tls", "builder", "hostname"] }

# Archive handling
flate2 = "1"
tar = "0.4"

# Async
futures = "0.3"
tokio-stream = "0.1"

# Utility
tempfile = "3"
dirs = "5"
chrono = { version = "0.4", features = ["serde"] }

[dev-dependencies]
wiremock = "0.6"

[build-dependencies]
reqwest = { version = "0.12", default-features = false, features = ["blocking", "rustls-tls"] }
sha2 = "0.10"
flate2 = "1"
tar = "0.4"
chrono = "0.4"
refactor: workspace scaffolding — sunbeam-sdk + sunbeam binary crate Convert the single binary crate into a Cargo workspace with two members: sunbeam-sdk (library) and sunbeam (thin binary). Moves build.rs to the SDK with adjusted .git/HEAD path for the nested layout. 2026-03-21 14:34:15 +00:00			`[package]`
			`name = "sunbeam-sdk"`
chore: bump to v1.1.1, update CHANGELOG 2026-03-24 15:29:05 +00:00			`version = "1.1.1"`
refactor: workspace scaffolding — sunbeam-sdk + sunbeam binary crate Convert the single binary crate into a Cargo workspace with two members: sunbeam-sdk (library) and sunbeam (thin binary). Moves build.rs to the SDK with adjusted .git/HEAD path for the nested layout. 2026-03-21 14:34:15 +00:00			`edition = "2024"`
chore: bump to v1.1.0, update package description 2026-03-24 12:17:08 +00:00			`description = "Sunbeam Studios SDK, CLI, and ecosystem integrations"`
fix: forge URL derivation for bare IP hosts, add Cargo registry config forge_url() now checks active context domain first before falling back to production_host. Bare IP addresses are skipped in the host heuristic. Adds .cargo/config.toml for the sunbeam Gitea Cargo registry. 2026-03-21 15:17:47 +00:00			`repository = "https://src.sunbeam.pt/studio/cli"`
			`license = "MIT"`
			`publish = ["sunbeam"]`
refactor: workspace scaffolding — sunbeam-sdk + sunbeam binary crate Convert the single binary crate into a Cargo workspace with two members: sunbeam-sdk (library) and sunbeam (thin binary). Moves build.rs to the SDK with adjusted .git/HEAD path for the nested layout. 2026-03-21 14:34:15 +00:00
			`[features]`
feat: ServiceClient trait, HttpTransport, and SunbeamClient factory Foundation layer for unified service client wrappers: - AuthMethod enum (None, Bearer, Header, Token) - ServiceClient trait with service_name(), base_url(), from_parts() - HttpTransport with json(), json_opt(), send(), bytes() helpers - SunbeamClient lazy factory with OnceLock-cached per-service clients - Feature flags for all service modules (identity, gitea, matrix, etc.) Bump: sunbeam-sdk v0.2.0 2026-03-21 20:11:22 +00:00			`default = ["identity", "gitea"]`
			`identity = []`
			`gitea = []`
			`pm = ["gitea"]`
			`matrix = []`
			`opensearch = []`
			`s3 = []`
			`livekit = []`
			`monitoring = []`
			`lasuite = []`
			`build = []`
			`cli = ["dep:clap"]`
			`all = ["identity", "gitea", "pm", "matrix", "opensearch", "s3", "livekit", "monitoring", "lasuite", "build"]`
			`integration = ["all"]`
refactor: workspace scaffolding — sunbeam-sdk + sunbeam binary crate Convert the single binary crate into a Cargo workspace with two members: sunbeam-sdk (library) and sunbeam (thin binary). Moves build.rs to the SDK with adjusted .git/HEAD path for the nested layout. 2026-03-21 14:34:15 +00:00
			`[dependencies]`
			`# Core`
			`thiserror = "2"`
			`tokio = { version = "1", features = ["full"] }`
			`clap = { version = "4", features = ["derive"], optional = true }`
			`serde = { version = "1", features = ["derive"] }`
			`serde_json = "1"`
			`serde_yaml = "0.9"`
			`tracing = "0.1"`

			`# Kubernetes`
			`kube = { version = "0.99", features = ["client", "runtime", "derive", "ws"] }`
			`k8s-openapi = { version = "0.24", features = ["v1_32"] }`

			`# HTTP + TLS`
chore: bump to v1.0.0, drop native-tls for pure rustls Removes openssl-sys transitive dep by disabling reqwest default features, enabling static musl cross-compilation for Linux. 2026-03-21 22:29:13 +00:00			`reqwest = { version = "0.12", default-features = false, features = ["json", "rustls-tls", "blocking"] }`
feat: ServiceClient trait, HttpTransport, and SunbeamClient factory Foundation layer for unified service client wrappers: - AuthMethod enum (None, Bearer, Header, Token) - ServiceClient trait with service_name(), base_url(), from_parts() - HttpTransport with json(), json_opt(), send(), bytes() helpers - SunbeamClient lazy factory with OnceLock-cached per-service clients - Feature flags for all service modules (identity, gitea, matrix, etc.) Bump: sunbeam-sdk v0.2.0 2026-03-21 20:11:22 +00:00			`bytes = "1"`
refactor: workspace scaffolding — sunbeam-sdk + sunbeam binary crate Convert the single binary crate into a Cargo workspace with two members: sunbeam-sdk (library) and sunbeam (thin binary). Moves build.rs to the SDK with adjusted .git/HEAD path for the nested layout. 2026-03-21 14:34:15 +00:00
			`# SSH`
			`russh = "0.46"`
			`russh-keys = "0.46"`

			`# Crypto`
			`rsa = "0.9"`
			`pkcs8 = { version = "0.10", features = ["pem"] }`
			`pkcs1 = { version = "0.7", features = ["pem"] }`
			`sha2 = "0.10"`
			`hmac = "0.12"`
			`base64 = "0.22"`
			`rand = "0.8"`
feat: encrypted vault keystore, JWT auth, Drive upload Vault keystore (vault_keystore.rs): - AES-256-GCM encrypted local storage for root tokens + unseal keys - Argon2id KDF with machine-specific salt, 0600 permissions - save/load/verify/export API with 26 unit tests - Integrated into seed flow: save after init, load as fallback, backfill from cluster, restore K8s Secret if wiped Vault CLI: - vault reinit: wipe and re-initialize vault with confirmation - vault keys: show local keystore status - vault export-keys: plaintext export for machine migration - vault status: now shows keystore status + uses JWT auth - Fixed seal_status() bypassing request() (missing auth headers) Vault OIDC auth: - JWT auth method enabled on OpenBao via seed script - cli-admin role: full access for users with admin:true JWT claim - cli-reader role: read-only for non-admin SSO users - BaoClient.with_proxy_auth(): sends both Bearer (proxy) and X-Vault-Token (vault) headers - SunbeamClient.bao() authenticates via JWT login, falls back to local keystore root token Drive: - SDK client uses /items/ endpoint (was /files/ and /folders/) - Added create_child, upload_ended, upload_to_s3 methods - Added recursive drive upload command (--path, --folder-id) - Switched all La Suite clients to /external_api/v1.0/ Infrastructure: - Removed openbao-keys-placeholder.yaml from kustomization - Added sunbeam.dev/managed-by label to programmatic secrets - kv_patch→kv_put fallback for fresh vault initialization - Hydra/Kratos secrets combined (new,old) for key rotation 2026-03-24 12:09:01 +00:00			`aes-gcm = "0.10"`
			`argon2 = "0.5"`
feat: parallel Drive upload with indicatif progress UI - Parallel file uploads with --parallel flag (default 4) - indicatif MultiProgress: overall bar with file count, speed, ETA - Per-file spinner bars showing filename during upload - Phase 1: walk tree + create folders sequentially - Phase 2: upload files concurrently via semaphore - Summary line on completion (files, bytes, time, speed) - Fixed DriveFile/DriveFolder types to match actual API fields - DriveClient now Clone for Arc sharing across tasks 2026-03-24 13:26:16 +00:00			`indicatif = { version = "0.17", features = ["tokio"] }`
refactor: workspace scaffolding — sunbeam-sdk + sunbeam binary crate Convert the single binary crate into a Cargo workspace with two members: sunbeam-sdk (library) and sunbeam (thin binary). Moves build.rs to the SDK with adjusted .git/HEAD path for the nested layout. 2026-03-21 14:34:15 +00:00
			`# Certificate generation`
			`rcgen = "0.14"`

			`# SMTP`
			`lettre = { version = "0.11", default-features = false, features = ["smtp-transport", "tokio1-rustls-tls", "builder", "hostname"] }`

			`# Archive handling`
			`flate2 = "1"`
			`tar = "0.4"`

			`# Async`
			`futures = "0.3"`
			`tokio-stream = "0.1"`

			`# Utility`
			`tempfile = "3"`
			`dirs = "5"`
			`chrono = { version = "0.4", features = ["serde"] }`

feat: ServiceClient trait, HttpTransport, and SunbeamClient factory Foundation layer for unified service client wrappers: - AuthMethod enum (None, Bearer, Header, Token) - ServiceClient trait with service_name(), base_url(), from_parts() - HttpTransport with json(), json_opt(), send(), bytes() helpers - SunbeamClient lazy factory with OnceLock-cached per-service clients - Feature flags for all service modules (identity, gitea, matrix, etc.) Bump: sunbeam-sdk v0.2.0 2026-03-21 20:11:22 +00:00			`[dev-dependencies]`
			`wiremock = "0.6"`

refactor: workspace scaffolding — sunbeam-sdk + sunbeam binary crate Convert the single binary crate into a Cargo workspace with two members: sunbeam-sdk (library) and sunbeam (thin binary). Moves build.rs to the SDK with adjusted .git/HEAD path for the nested layout. 2026-03-21 14:34:15 +00:00			`[build-dependencies]`
chore: bump to v1.0.0, drop native-tls for pure rustls Removes openssl-sys transitive dep by disabling reqwest default features, enabling static musl cross-compilation for Linux. 2026-03-21 22:29:13 +00:00			`reqwest = { version = "0.12", default-features = false, features = ["blocking", "rustls-tls"] }`
refactor: workspace scaffolding — sunbeam-sdk + sunbeam binary crate Convert the single binary crate into a Cargo workspace with two members: sunbeam-sdk (library) and sunbeam (thin binary). Moves build.rs to the SDK with adjusted .git/HEAD path for the nested layout. 2026-03-21 14:34:15 +00:00			`sha2 = "0.10"`
			`flate2 = "1"`
			`tar = "0.4"`
			`chrono = "0.4"`