studio/cli
2
0
Fork 0
Code Issues Pull Requests Actions Packages Releases 4 Wiki Activity
87 Commits 2 Branches 5 Tags
27536b469554b1d0d398efe836b14454fb4bde8b
Commit Graph

28 Commits

Author SHA1 Message Date
Sienna Meridian Satterwhite
27536b4695 feat: parallel Drive upload with indicatif progress UI 
- Parallel file uploads with --parallel flag (default 4)
- indicatif MultiProgress: overall bar with file count, speed, ETA
- Per-file spinner bars showing filename during upload
- Phase 1: walk tree + create folders sequentially
- Phase 2: upload files concurrently via semaphore
- Summary line on completion (files, bytes, time, speed)
- Fixed DriveFile/DriveFolder types to match actual API fields
- DriveClient now Clone for Arc sharing across tasks
 2026-03-24 13:26:16 +00:00
Sienna Meridian Satterwhite
477006ede2 chore: bump to v1.1.0, update package description 2026-03-24 12:17:08 +00:00
Sienna Meridian Satterwhite
ca0748b109 feat: encrypted vault keystore, JWT auth, Drive upload 
Vault keystore (vault_keystore.rs):
- AES-256-GCM encrypted local storage for root tokens + unseal keys
- Argon2id KDF with machine-specific salt, 0600 permissions
- save/load/verify/export API with 26 unit tests
- Integrated into seed flow: save after init, load as fallback,
  backfill from cluster, restore K8s Secret if wiped

Vault CLI:
- vault reinit: wipe and re-initialize vault with confirmation
- vault keys: show local keystore status
- vault export-keys: plaintext export for machine migration
- vault status: now shows keystore status + uses JWT auth
- Fixed seal_status() bypassing request() (missing auth headers)

Vault OIDC auth:
- JWT auth method enabled on OpenBao via seed script
- cli-admin role: full access for users with admin:true JWT claim
- cli-reader role: read-only for non-admin SSO users
- BaoClient.with_proxy_auth(): sends both Bearer (proxy) and
  X-Vault-Token (vault) headers
- SunbeamClient.bao() authenticates via JWT login, falls back
  to local keystore root token

Drive:
- SDK client uses /items/ endpoint (was /files/ and /folders/)
- Added create_child, upload_ended, upload_to_s3 methods
- Added recursive drive upload command (--path, --folder-id)
- Switched all La Suite clients to /external_api/v1.0/

Infrastructure:
- Removed openbao-keys-placeholder.yaml from kustomization
- Added sunbeam.dev/managed-by label to programmatic secrets
- kv_patch→kv_put fallback for fresh vault initialization
- Hydra/Kratos secrets combined (new,old) for key rotation
 2026-03-24 12:09:01 +00:00
Sienna Meridian Satterwhite
13e3f5d42e fix opensearch pod resolution + sol-agent vault policy 
os_api: resolve pod name by label instead of hardcoded opensearch-0.
added find_pod_by_label helper to kube.rs.

secrets.py: sol-agent policy (read/write sol-tokens/*) and k8s auth
role bound to matrix namespace default SA.
 2026-03-23 08:48:33 +00:00
Sienna Meridian Satterwhite
faf525522c feat: async SunbeamClient factory with unified auth resolution 
SunbeamClient accessors are now async and resolve auth per-client:
- SSO bearer (get_token) for admin APIs, Matrix, La Suite, OpenSearch
- Gitea PAT (get_gitea_token) for VCS
- None for Prometheus, Loki, S3, LiveKit

Fixes client URLs to match deployed routes: hydra→hydra.{domain},
matrix→messages.{domain}, grafana→metrics.{domain},
prometheus→systemmetrics.{domain}, loki→systemlogs.{domain}.

Removes all ad-hoc token helpers from CLI modules (matrix_with_token,
os_client, people_client, etc). Every dispatch just calls
client.service().await?.
 2026-03-22 18:57:22 +00:00
Sienna Meridian Satterwhite
34647e6bcb feat: seed Sol agent vault policy + gitea creds, bump v1.0.1 
Patches gitea admin credentials into secret/sol for Sol's Gitea
integration. Adds sol-agent vault policy with read/write access
to sol-tokens/* for user impersonation PATs, plus k8s auth role
bound to the matrix namespace.
 2026-03-22 13:46:15 +00:00
Sienna Meridian Satterwhite
051e17ddf1 chore: bump to v1.0.0, drop native-tls for pure rustls 
Removes openssl-sys transitive dep by disabling reqwest default
features, enabling static musl cross-compilation for Linux.
 2026-03-21 22:29:13 +00:00
Sienna Meridian Satterwhite
f867805280 feat: CLI modules for all 25+ service clients 
One cli.rs per SDK module, gated behind #[cfg(feature = "cli")]:
- auth (identity + hydra): identity, session, recovery, schema,
  courier, health, client, jwk, issuer, token, SSO passthrough
- vcs (gitea): repo, issue, pr, branch, org, user, file, notification
- chat (matrix): room, message, state, profile, device, user, sync
- search (opensearch): doc, query, count, index, cluster, node,
  ingest pipeline, snapshot
- storage (s3): bucket, object
- media (livekit): room, participant, egress, token
- mon (prometheus, loki, grafana): queries, dashboards, datasources,
  folders, annotations, alerts, org
- vault (openbao): status, init, unseal, kv, policy, auth, secrets
- la suite (people, docs, meet, drive, mail, cal, find)

All dispatch functions take (cmd, &SunbeamClient, OutputFormat).
 2026-03-21 22:18:58 +00:00
Sienna Meridian Satterwhite
3d7a2d5d34 feat: OutputFormat enum + render/render_list/read_json_input helpers 
Adds -o json|yaml|table output support to the SDK output module.
OutputFormat derives clap::ValueEnum behind the cli feature gate.
 2026-03-21 22:17:10 +00:00
Sienna Meridian Satterwhite
97976e0686 fix: include build module (was gitignored) 
Bump: sunbeam-sdk v0.12.1
 2026-03-21 20:37:54 +00:00
Sienna Meridian Satterwhite
f06a167496 feat: BuildKit client + integration test suite (651 tests) 
BuildKitClient CLI wrapper for buildctl.
Docker compose stack (9 services) for integration testing.
Comprehensive test suite: wiremock tests for Matrix/La Suite/S3/client,
integration tests for Kratos/Hydra/Gitea/OpenSearch/Prometheus/Loki/
Grafana/LiveKit.

Bump: sunbeam-sdk v0.12.0
 2026-03-21 20:35:59 +00:00
Sienna Meridian Satterwhite
b60e22edee feat: La Suite clients — 7 DRF services (75 endpoints) 
PeopleClient, DocsClient, MeetClient, DriveClient, MessagesClient,
CalendarsClient, FindClient — all with DRFPage<T> pagination and
Bearer token auth.

Bump: sunbeam-sdk v0.11.0
 2026-03-21 20:34:32 +00:00
Sienna Meridian Satterwhite
915f0b254d feat: monitoring clients — Prometheus, Loki, Grafana (57 endpoints) 
PrometheusClient (18 endpoints): query, metadata, targets, status.
LokiClient (11 endpoints): query, labels, series, push, index.
GrafanaClient (29 endpoints): dashboards, datasources, folders,
annotations, alerts, org.

Bump: sunbeam-sdk v0.10.0
 2026-03-21 20:30:24 +00:00
Sienna Meridian Satterwhite
21f9e18610 feat: LiveKitClient — real-time media API (15 endpoints + JWT) 
Typed LiveKit Twirp API covering rooms, participants, egress,
and HMAC-SHA256 access token generation.

Bump: sunbeam-sdk v0.9.0
 2026-03-21 20:29:44 +00:00
Sienna Meridian Satterwhite
a33697c2fb feat: S3Client — object storage API (21 endpoints) 
Typed S3-compatible API covering buckets, objects, multipart uploads,
tagging, versioning, lifecycle, CORS, ACL, and policies.

Bump: sunbeam-sdk v0.8.0
 2026-03-21 20:28:49 +00:00
Sienna Meridian Satterwhite
329c18bd1d feat: OpenSearchClient — search and analytics API (60 endpoints) 
Typed OpenSearch API covering documents, search, indices, cluster,
nodes, cat, ingest pipelines, and snapshots.

Bump: sunbeam-sdk v0.7.0
 2026-03-21 20:27:55 +00:00
Sienna Meridian Satterwhite
2888d59537 feat: MatrixClient — chat and collaboration API (80 endpoints) 
Typed Matrix client/server API covering auth, rooms, messages, state,
profiles, media, devices, E2EE, push, presence, and spaces.

Bump: sunbeam-sdk v0.6.0
 2026-03-21 20:26:39 +00:00
Sienna Meridian Satterwhite
890d7b80ac feat: GiteaClient — unified git forge API (50+ endpoints) 
Typed Gitea REST API client with PAT auth covering repos, issues, PRs,
branches, orgs, users, file content, and notifications.

Bump: sunbeam-sdk v0.5.0
 2026-03-21 20:24:48 +00:00
Sienna Meridian Satterwhite
c597234cd9 feat: HydraClient — OAuth2/OIDC admin API (35 endpoints) 
Typed Hydra admin API client covering OAuth2 clients, login/consent/logout
flows, JWK sets, trusted JWT issuers, sessions, and token introspection.

Bump: sunbeam-sdk v0.4.0
 2026-03-21 20:22:39 +00:00
Sienna Meridian Satterwhite
f0bc363755 feat: KratosClient — identity management (30 endpoints) 
Typed Kratos admin API client covering identities, sessions,
recovery, schemas, courier messages, and health checks.

Bump: sunbeam-sdk v0.3.0
 2026-03-21 20:20:08 +00:00
Sienna Meridian Satterwhite
6823772055 feat: ServiceClient trait, HttpTransport, and SunbeamClient factory 
Foundation layer for unified service client wrappers:
- AuthMethod enum (None, Bearer, Header, Token)
- ServiceClient trait with service_name(), base_url(), from_parts()
- HttpTransport with json(), json_opt(), send(), bytes() helpers
- SunbeamClient lazy factory with OnceLock-cached per-service clients
- Feature flags for all service modules (identity, gitea, matrix, etc.)

Bump: sunbeam-sdk v0.2.0
 2026-03-21 20:15:11 +00:00
Sienna Meridian Satterwhite
31fde1a8c6 fix: forge URL derivation for bare IP hosts, add Cargo registry config 
forge_url() now checks active context domain first before falling back
to production_host. Bare IP addresses are skipped in the host heuristic.
Adds .cargo/config.toml for the sunbeam Gitea Cargo registry.
 2026-03-21 15:17:47 +00:00
Sienna Meridian Satterwhite
8e5d295902 refactor: SDK small command modules — services, cluster, manifests, gitea, update, auth 2026-03-21 14:38:25 +00:00
Sienna Meridian Satterwhite
6c7e1cd064 refactor: SDK users, pm, and checks modules with submodule splits 
Split users.rs (1157L) into mod.rs + provisioning.rs (mailbox,
projects user, welcome email). Split pm.rs (1664L) into mod.rs +
planka.rs (PlankaClient) + gitea_issues.rs (GiteaClient). Split
checks.rs (1214L) into mod.rs + probes.rs (11 check functions + S3).
 2026-03-21 14:38:18 +00:00
Sienna Meridian Satterwhite
bc65b9157d refactor: SDK images and secrets modules with submodule splits 
Split images.rs (1809L) into mod.rs + builders.rs (per-service build
functions). Split secrets.rs (1727L) into mod.rs + seeding.rs (KV
get_or_create, seed_openbao) + db_engine.rs (PostgreSQL static roles).
Moves BuildTarget enum from cli.rs into images/mod.rs with conditional
clap::ValueEnum derive behind the "cli" feature.
 2026-03-21 14:37:47 +00:00
Sienna Meridian Satterwhite
8e51e0b3ae refactor: SDK kube, openbao, and tools modules 
Move kube (client, apply, exec, secrets, kustomize_build) into kube/
submodule with tools.rs as a child. Move openbao BaoClient into
openbao/ submodule.
 2026-03-21 14:35:43 +00:00
Sienna Meridian Satterwhite
b92700d363 refactor: SDK core modules — error, config, output, constants 
Move foundational modules into sunbeam-sdk. All crate-internal references
remain unchanged since these are sibling modules within the SDK crate.
 2026-03-21 14:34:23 +00:00
Sienna Meridian Satterwhite
2ffedb95cb refactor: workspace scaffolding — sunbeam-sdk + sunbeam binary crate 
Convert the single binary crate into a Cargo workspace with two members:
sunbeam-sdk (library) and sunbeam (thin binary). Moves build.rs to the
SDK with adjusted .git/HEAD path for the nested layout.
 2026-03-21 14:34:15 +00:00