Set of I/O-free Rust coroutines to retrieve secrets from different sources, based on io-process and io-keyring.
This library allows you to retrieve secrets from different sources using an I/O-agnostic approach, based on 3 concepts:
A coroutine is an I/O-free, resumable and composable state machine that emits I/O requests. A coroutine is considered terminated when it does not emit I/O requests anymore.
See available coroutines at ./src/coroutines.
A runtime contains all the I/O logic, and is responsible for processing I/O requests emitted by coroutines.
See available runtimes at io-process and io-keyring.
The loop is the glue between coroutines and runtimes. It makes the coroutine progress while allowing runtime to process I/O.
use io_keyring::{runtimes::std::handle as handle_keyring};
use io_process::{runtimes::std::handle as handle_process};
use io_secret::{Io, Secret};
let secret: Secret;
let mut arg = None;
let mut read = Read::new(secret);
let secret = loop {
match read.resume(arg) {
Ok(secret) => break secret,
Err(Io::Keyring(io)) => arg = Some(Io::Keyring(handle_keyring(io).unwrap())),
Err(Io::Command(io)) => arg = Some(Io::Command(handle_process(io).unwrap())),
Err(Io::Error(err)) => panic!("{err}"),
}
}See complete example at ./examples/read.
Have a look at projects built on the top of this library:
- TODO
Special thanks to the NLnet foundation and the European Commission that helped the project to receive financial support from various programs:
- NGI Assure in 2022
- NGI Zero Entrust in 2023
- NGI Zero Core in 2024 (still ongoing)
If you appreciate the project, feel free to donate using one of the following providers:
