From 7bebc5861569c3dcbcc48bf4689bf459624d1fe5 Mon Sep 17 00:00:00 2001 From: Jean-Gabriel Gill-Couture Date: Tue, 17 Jun 2025 18:28:04 +0000 Subject: [PATCH] feat: add tenant credential management (#63) Adds the foundation for managing tenant credentials, including: - `TenantCredentialScore` for scoring credential-related operations. - `TenantCredentialManager` trait for creating users. - `CredentialMetadata` struct to store credential information. - `CredentialData` enum to hold credential content. - `TenantCredentialBundle` struct to encapsulate metadata and content. This provides a starting point for implementing credential creation, storage, and retrieval within the harmony system. Reviewed-on: https://git.nationtech.io/NationTech/harmony/pulls/63 Co-authored-by: Jean-Gabriel Gill-Couture Co-committed-by: Jean-Gabriel Gill-Couture --- Cargo.lock | 1 + Cargo.toml | 1 + harmony/Cargo.toml | 1 + harmony/src/modules/tenant/credentials.rs | 50 +++++++++++++++++++++++ harmony/src/modules/tenant/mod.rs | 3 ++ 5 files changed, 56 insertions(+) create mode 100644 harmony/src/modules/tenant/credentials.rs diff --git a/Cargo.lock b/Cargo.lock index 3252aa2..58c8700 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1422,6 +1422,7 @@ name = "harmony" version = "0.1.0" dependencies = [ "async-trait", + "chrono", "cidr", "convert_case", "derive-new", diff --git a/Cargo.toml b/Cargo.toml index 1512154..96d630a 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -36,6 +36,7 @@ serde-value = "0.7.0" http = "1.2.0" inquire = "0.7.5" convert_case = "0.8.0" +chrono = "0.4" [workspace.dependencies.uuid] version = "1.11.0" diff --git a/harmony/Cargo.toml b/harmony/Cargo.toml index b98ec49..54cf36d 100644 --- a/harmony/Cargo.toml +++ b/harmony/Cargo.toml 
@@ -42,6 +42,7 @@ dockerfile_builder = "0.1.5" temp-file = "0.1.9" convert_case.workspace = true email_address = "0.2.9" +chrono.workspace = true fqdn = { version = "0.4.6", features = [ "domain-label-cannot-start-or-end-with-hyphen", "domain-label-length-limited-to-63", diff --git a/harmony/src/modules/tenant/credentials.rs b/harmony/src/modules/tenant/credentials.rs new file mode 100644 index 0000000..0e5917a --- /dev/null +++ b/harmony/src/modules/tenant/credentials.rs @@ -0,0 +1,50 @@ +use async_trait::async_trait; +use chrono::{DateTime, Utc}; +use serde::Serialize; + +use crate::{interpret::InterpretError, score::Score, topology::Topology}; + +/// Create and manage Tenant Credentials. +/// +/// This is meant to be used by cluster administrators who need to provide their tenant users and +/// services with credentials to access their resources. +#[derive(Debug, Clone, Serialize)] +pub struct TenantCredentialScore; + +impl Score for TenantCredentialScore { + fn create_interpret(&self) -> Box> { + todo!() + } + + fn name(&self) -> String { + todo!() + } +} + +#[async_trait] +pub trait TenantCredentialManager { + async fn create_user(&self) -> Result; +} + +#[derive(Debug, Clone)] +pub struct CredentialMetadata { + pub tenant_id: String, + pub credential_id: String, + pub description: String, + pub created_at: DateTime, + pub expires_at: Option>, +} + +#[derive(Debug, Clone)] +pub enum CredentialData { + /// Used to store login instructions destined to a human. Akin to AWS login instructions email + /// upon new console user creation. + PlainText(String), +} + +pub struct TenantCredentialBundle { + _metadata: CredentialMetadata, + _content: CredentialData, +} + +impl TenantCredentialBundle {} diff --git a/harmony/src/modules/tenant/mod.rs b/harmony/src/modules/tenant/mod.rs index 72412ec..1803b69 100644 --- a/harmony/src/modules/tenant/mod.rs +++ b/harmony/src/modules/tenant/mod.rs 
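Review bot: `CredentialData` in the new `credentials.rs` derives `Debug`, so any `{:?}` of the enum, or of a struct that later embeds it and derives `Debug`, writes the `PlainText` login instructions verbatim into logs and error output. The doc comment compares this content to an AWS console login e-mail, which suggests it can carry an initial password, so I would replace the derive with a hand-written `Debug` that redacts the payload, as sketched below. The derived `Clone` also makes it easy to leave extra copies of the text in memory; consider dropping it until a caller needs it. Separately, `create_interpret` and `name` are `todo!()` on a public `Score`, so any code path that runs `TenantCredentialScore` panics at runtime. `expires_at` would also benefit from a doc comment stating whether `None` means the credential never expires.

```rust
// … unchanged: imports, TenantCredentialScore, TenantCredentialManager, CredentialMetadata …

#[derive(Clone)]
pub enum CredentialData {
    /// Used to store login instructions destined to a human. Akin to AWS login instructions email
    /// upon new console user creation.
    PlainText(String),
}

impl std::fmt::Debug for CredentialData {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        match self {
            // The variant name is enough for diagnostics; the credential text must never be printed.
            CredentialData::PlainText(_) => f.write_str("PlainText(<redacted>)"),
        }
    }
}

// … unchanged: TenantCredentialBundle …
```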
@@ -1,3 +1,6 @@ +mod credentials; +pub use credentials::*; + use async_trait::async_trait; use serde::Serialize;
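Review bot: `pub use credentials::*;` re-exports every public item of the credentials module from `tenant`, so anything later marked `pub` in `credentials.rs` becomes part of the tenant API without a matching change in this file. For a module that holds secret material I would list the exports explicitly, for example `pub use credentials::{CredentialData, CredentialMetadata, TenantCredentialBundle, TenantCredentialManager, TenantCredentialScore};`, so that widening the surface is a visible, reviewable edit. The rest of `mod.rs` lies outside this hunk, so existing name clashes with the glob cannot be checked from here.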