add sdk layer: vault client, token store, gitea API

studio/sol

vault.rs — OpenBao client with kubernetes auth, KV v2 operations,
automatic token refresh on 403. proper error handling on all paths.

tokens.rs — vault-backed token storage with expiry validation.
get_valid returns Result<Option> to distinguish vault errors from
missing tokens. username mappings stay in sqlite (not secrets).

gitea.rs — typed gitea API v1 wrapper with per-user PAT
auto-provisioning via admin API. username discovery by direct match
or email search. URL-encoded query params. handles 400 and 422 token
name conflicts with delete+retry.

This commit is contained in:

Sienna Meridian Satterwhite

2026-03-22 14:59:25 +00:00

parent 14022aa7c0

commit f479235a63

4 changed files with 1167 additions and 0 deletions

									
										3

src/sdk/mod.rs
									
										Normal file
									
												View File
												
				@@ -0,0 +1,3 @@

				pub mod gitea;

				pub mod tokens;

				pub mod vault;

add sdk layer: vault client, token store, gitea API

3 src/sdk/mod.rs Normal file Unescape Escape View File

3

src/sdk/mod.rs Normal file

View File