Merge pull request #4298 from gitbutlerapp/extract-secret

move secret module out of core into own crate
2024-12-13 15:34:13 +03:00 · 2024-07-09 12:26:09 +02:00 · 2024-07-09 12:26:09 +02:00 · 7de2a5061f
commit 7de2a5061f
parent 601387f168 25ec331791
17 changed files with 64 additions and 29 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -2345,6 +2345,17 @@ dependencies = [
 "tracing",
 ]

+[[package]]
+name = "gitbutler-secret"
+version = "0.0.0"
+dependencies = [
+ "anyhow",
+ "gix",
+ "keyring",
+ "serde",
+ "tracing",
+]
+
 [[package]]
 name = "gitbutler-serde"
 version = "0.0.0"
@ -2394,6 +2405,7 @@ dependencies = [
 "gitbutler-project",
 "gitbutler-reference",
 "gitbutler-repo",
+ "gitbutler-secret",
 "gitbutler-testsupport",
 "gitbutler-user",
 "gitbutler-virtual",
@ -2449,6 +2461,7 @@ version = "0.0.0"
 dependencies = [
 "anyhow",
 "gitbutler-core",
+ "gitbutler-secret",
 "keyring",
 "serde",
 "serde_json",
--- a/Cargo.toml
+++ b/Cargo.toml
@ -20,7 +20,8 @@ members = [
    "crates/gitbutler-branch",
    "crates/gitbutler-reference",
    "crates/gitbutler-error",
-    "crates/gitbutler-serde",
+    "crates/gitbutler-serde", 
+    "crates/gitbutler-secret",
 ]
 resolver = "2"

@ -53,6 +54,7 @@ gitbutler-branch = { path = "crates/gitbutler-branch" }
 gitbutler-reference = { path = "crates/gitbutler-reference" }
 gitbutler-error = { path = "crates/gitbutler-error" }
 gitbutler-serde = { path = "crates/gitbutler-serde" }
+gitbutler-secret = { path = "crates/gitbutler-secret" }

 [profile.release]
 codegen-units = 1 # Compile crates one after another so the compiler can optimize better
--- a/crates/gitbutler-core/src/lib.rs
+++ b/crates/gitbutler-core/src/lib.rs
@ -17,7 +17,6 @@ pub mod fs;
 pub mod git;
 pub mod id;
 pub mod path;
-pub mod secret;
 pub mod ssh;
 pub mod storage;
 pub mod time;
--- a/crates/gitbutler-core/src/types/mod.rs
+++ b/crates/gitbutler-core/src/types/mod.rs
@ -1,13 +1,4 @@
 pub mod default_true;

-/// A type to clearly mark sensitive information using the type-system. As such, it should
-///
-/// * *not* be logged
-/// * *not* be stored in plain text
-/// * *not* be presented in any way unless the user explicitly confirmed it to be displayed.
-pub struct Sensitive<T>(pub T);
-
-mod sensitive;
-
 mod tagged_string;
 pub use tagged_string::*;
--- a/crates/gitbutler-core/tests/types/mod.rs
+++ b/crates/gitbutler-core/tests/types/mod.rs
@ -1,5 +1,4 @@
 use gitbutler_core::types::default_true::DefaultTrue;
-use gitbutler_core::types::Sensitive;

 #[test]
 #[allow(clippy::bool_assert_comparison)]
@ -18,9 +17,3 @@ fn default_true() {
    *default_true = false;
    assert!(!default_true);
 }
-
-#[test]
-fn sensitive_does_not_debug_print_itself() {
-    let s = Sensitive("password");
-    assert_eq!(format!("{s:?}"), "\"<redacted>\"");
-}
--- a/crates/gitbutler-secret/Cargo.toml
+++ b/crates/gitbutler-secret/Cargo.toml
@ -0,0 +1,19 @@
+[package]
+name = "gitbutler-secret"
+version = "0.0.0"
+edition = "2021"
+authors = ["GitButler <gitbutler@gitbutler.com>"]
+publish = false
+
+[dependencies]
+anyhow = "1.0.86"
+tracing = "0.1.40"
+serde = { workspace = true, features = ["std"]}
+gix = { workspace = true, features = ["dirwalk", "credentials", "parallel"] }
+keyring.workspace = true
+
+[[test]]
+name="secret"
+path = "tests/mod.rs"
+
+[dev-dependencies]
--- a/crates/gitbutler-secret/src/lib.rs
+++ b/crates/gitbutler-secret/src/lib.rs
@ -0,0 +1,9 @@
+pub mod secret;
+pub mod sensitive;
+
+/// A type to clearly mark sensitive information using the type-system. As such, it should
+///
+/// * *not* be logged
+/// * *not* be stored in plain text
+/// * *not* be presented in any way unless the user explicitly confirmed it to be displayed.
+pub struct Sensitive<T>(pub T);
--- a/crates/gitbutler-secret/src/secret.rs
+++ b/crates/gitbutler-secret/src/secret.rs
@ -3,7 +3,7 @@
 //! These are stateless and global, while discouraging storing secrets
 //! in memory beyond their use.

-use crate::types::Sensitive;
+use crate::Sensitive;
 use anyhow::Result;
 use std::sync::Mutex;

--- a/crates/gitbutler-core/src/types/sensitive.rs
+++ b/crates/gitbutler-core/src/types/sensitive.rs
@ -1,4 +1,4 @@
-use crate::types::Sensitive;
+use crate::Sensitive;
 use serde::{Deserialize, Deserializer, Serialize, Serializer};
 use std::ops::{Deref, DerefMut};

--- a/crates/gitbutler-secret/tests/mod.rs
+++ b/crates/gitbutler-secret/tests/mod.rs
@ -0,0 +1,7 @@
+use gitbutler_secret::Sensitive;
+
+#[test]
+fn sensitive_does_not_debug_print_itself() {
+    let s = Sensitive("password");
+    assert_eq!(format!("{s:?}"), "\"<redacted>\"");
+}
--- a/crates/gitbutler-tauri/Cargo.toml
+++ b/crates/gitbutler-tauri/Cargo.toml
@ -59,6 +59,7 @@ gitbutler-user.workspace = true
 gitbutler-branch.workspace = true
 gitbutler-reference.workspace = true
 gitbutler-error.workspace = true
+gitbutler-secret.workspace = true
 open = "5"

 [dependencies.tauri]
--- a/crates/gitbutler-tauri/src/main.rs
+++ b/crates/gitbutler-tauri/src/main.rs
@ -25,7 +25,7 @@ use tauri_plugin_log::LogTarget;

 fn main() {
    let tauri_context = generate_context!();
-    gitbutler_core::secret::set_application_namespace(
+    gitbutler_secret::secret::set_application_namespace(
        &tauri_context.config().tauri.bundle.identifier,
    );

@ -76,7 +76,7 @@ fn main() {
                    // This isn't an issue for actual release build (i.e. nightly, production),
                    // hence the specific condition.
                    if cfg!(debug_assertions) && cfg!(target_os = "macos") {
-                        gitbutler_core::secret::git_credentials::setup().ok();
+                        gitbutler_secret::secret::git_credentials::setup().ok();
                    }

                    // SAFETY(qix-): This is safe because we're initializing the askpass broker here,
--- a/crates/gitbutler-tauri/src/secret.rs
+++ b/crates/gitbutler-tauri/src/secret.rs
@ -1,6 +1,6 @@
 use crate::error::Error;
-use gitbutler_core::secret;
-use gitbutler_core::types::Sensitive;
+use gitbutler_secret::secret;
+use gitbutler_secret::Sensitive;
 use std::sync::Mutex;
 use tracing::instrument;

--- a/crates/gitbutler-user/Cargo.toml
+++ b/crates/gitbutler-user/Cargo.toml
@ -7,6 +7,7 @@ publish = false

 [dependencies]
 gitbutler-core.workspace = true
+gitbutler-secret.workspace = true
 anyhow = "1.0.86"
 serde = { workspace = true, features = ["std"]}
 serde_json = { version = "1.0", features = [ "std", "arbitrary_precision" ] }
--- a/crates/gitbutler-user/src/controller.rs
+++ b/crates/gitbutler-user/src/controller.rs
@ -1,7 +1,7 @@
 use super::{storage::Storage, User};
 use anyhow::Context;
 use anyhow::Result;
-use gitbutler_core::secret;
+use gitbutler_secret::secret;
 use std::path::PathBuf;

 /// TODO(ST): rename to `Login` - seems more akin to what it does
--- a/crates/gitbutler-user/src/user.rs
+++ b/crates/gitbutler-user/src/user.rs
@ -1,6 +1,6 @@
 use anyhow::{Context, Result};
-use gitbutler_core::secret;
-use gitbutler_core::types::Sensitive;
+use gitbutler_secret::secret;
+use gitbutler_secret::Sensitive;
 use serde::{Deserialize, Serialize};
 use std::cell::RefCell;

--- a/crates/gitbutler-user/tests/secret/mod.rs
+++ b/crates/gitbutler-user/tests/secret/mod.rs
@ -1,8 +1,8 @@
 //! Note that these tests *must* be run in their own process, as they rely on having a deterministic
 //! credential store. Due to its global nature, tests cannot run in parallel
 //! (or mixed with parallel tests that set their own credential store)
-use gitbutler_core::secret;
-use gitbutler_core::types::Sensitive;
+use gitbutler_secret::secret;
+use gitbutler_secret::Sensitive;
 use serial_test::serial;

 #[test]