wip

.cargo/config.toml

@@ -1,5 +0,0 @@
-[target.x86_64-pc-windows-msvc]
-rustflags = ["-C", "link-arg=/STACK:8000000"]
-
-[target.x86_64-pc-windows-gnu]
-rustflags = ["-C", "link-arg=-Wl,--stack,8000000"]

.dockerignore

@@ -1,6 +0,0 @@
-target/
-Dockerfile
-.git
-data
-target
-demos

.gitattributes

@@ -2,5 +2,3 @@ bootx64.efi filter=lfs diff=lfs merge=lfs -text
 grubx64.efi filter=lfs diff=lfs merge=lfs -text
 initrd filter=lfs diff=lfs merge=lfs -text
 linux filter=lfs diff=lfs merge=lfs -text
-data/okd/bin/* filter=lfs diff=lfs merge=lfs -text
-data/okd/installer_image/* filter=lfs diff=lfs merge=lfs -text

.gitea/workflows/check.yml

@@ -1,18 +0,0 @@
-name: Run Check Script
-on:
-  push:
-    branches:
-      - master
-  pull_request:
-
-jobs:
-  check:
-    runs-on: docker
-    container:
-      image: hub.nationtech.io/harmony/harmony_composer:latest
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: Run check script
-        run: bash check.sh

.gitea/workflows/harmony_composer.yaml

@@ -1,95 +0,0 @@
-name: Compile and package harmony_composer
-on:
-  push:
-    branches:
-      - master
-
-jobs:
-  package_harmony_composer:
-    container:
-      image: hub.nationtech.io/harmony/harmony_composer:latest
-    runs-on: dind
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: Build for Linux x86_64
-        run: cargo build --release --bin harmony_composer --target x86_64-unknown-linux-gnu
-
-      - name: Build for Windows x86_64 GNU
-        run: cargo build --release --bin harmony_composer --target x86_64-pc-windows-gnu
-
-      - name: Setup log into hub.nationtech.io
-        uses: docker/login-action@v3
-        with:
-          registry: hub.nationtech.io
-          username: ${{ secrets.HUB_BOT_USER }}
-          password: ${{ secrets.HUB_BOT_PASSWORD }}
-
-      # TODO: build ARM images and MacOS binaries (or other targets) too
-
-      - name: Update snapshot-latest tag
-        run: |
-          git config user.name "Gitea CI"
-          git config user.email "ci@nationtech.io"
-          git tag -f snapshot-latest
-          git push origin snapshot-latest --force
-
-      - name: Install jq
-        run: apt install -y jq # The current image includes apt lists so we don't have to apt update and rm /var/lib/apt... every time. But if the image is optimized it won't work anymore
-
-      - name: Create or update release
-        run: |
-          # First, check if release exists and delete it if it does
-          RELEASE_ID=$(curl -s -X GET \
-            -H "Authorization: token ${{ secrets.GITEATOKEN }}" \
-            "https://git.nationtech.io/api/v1/repos/nationtech/harmony/releases/tags/snapshot-latest" \
-            | jq -r '.id // empty')
-
-          if [ -n "$RELEASE_ID" ]; then
-            # Delete existing release
-            curl -X DELETE \
-              -H "Authorization: token ${{ secrets.GITEATOKEN }}" \
-              "https://git.nationtech.io/api/v1/repos/nationtech/harmony/releases/$RELEASE_ID"
-          fi
-
-          # Create new release
-          RESPONSE=$(curl -X POST \
-            -H "Authorization: token ${{ secrets.GITEATOKEN }}" \
-            -H "Content-Type: application/json" \
-            -d '{
-              "tag_name": "snapshot-latest",
-              "name": "Latest Snapshot",
-              "body": "Automated snapshot build from master branch",
-              "draft": false,
-              "prerelease": true
-            }' \
-            "https://git.nationtech.io/api/v1/repos/nationtech/harmony/releases")
-
-          echo "RELEASE_ID=$(echo $RESPONSE | jq -r '.id')" >> $GITHUB_ENV
-
-      - name: Upload Linux binary
-        run: |
-          curl -X POST \
-            -H "Authorization: token ${{ secrets.GITEATOKEN }}" \
-            -H "Content-Type: application/octet-stream" \
-            --data-binary "@target/x86_64-unknown-linux-gnu/release/harmony_composer" \
-            "https://git.nationtech.io/api/v1/repos/nationtech/harmony/releases/${{ env.RELEASE_ID }}/assets?name=harmony_composer"
-
-      - name: Upload Windows binary
-        run: |
-          curl -X POST \
-            -H "Authorization: token ${{ secrets.GITEATOKEN }}" \
-            -H "Content-Type: application/octet-stream" \
-            --data-binary "@target/x86_64-pc-windows-gnu/release/harmony_composer.exe" \
-            "https://git.nationtech.io/api/v1/repos/nationtech/harmony/releases/${{ env.RELEASE_ID }}/assets?name=harmony_composer.exe"
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Build and push
-        uses: docker/build-push-action@v6
-        with:
-          context: .
-          push: true
-          tags: hub.nationtech.io/harmony/harmony_composer:latest

.gitignore

@@ -1,34 +1,3 @@
-### General ###
-private_repos/
-
-### Harmony ###
-harmony.log
-data/okd/installation_files*
-
-### Helm ###
-# Chart dependencies
-**/charts/*.tgz
-
-### Rust ###
-# Generated by Cargo
-# will have compiled files and executables
-debug/
-target/
-
-# Remove Cargo.lock from gitignore if creating an executable, leave it for libraries
-# More information here https://doc.rust-lang.org/cargo/guide/cargo-toml-vs-cargo-lock.html
-Cargo.lock
-
-# These are backup files generated by rustfmt
-**/*.rs.bk
-
-# MSVC Windows builds of rustc generate these, which store debugging information
-*.pdb
-
-.harmony_generated
-
-# Useful to create ignore folders for temp files and notes
-ignore
-
-# Generated book
-book
+target
+private_repos
+log/

.gitmodules

@@ -1,3 +0,0 @@
-[submodule "examples/try_rust_webapp/tryrust.org"]
-	path = examples/try_rust_webapp/tryrust.org
-	url = https://github.com/rust-dd/tryrust.org.git

.sqlx/query-24f719d57144ecf4daa55f0aa5836c165872d70164401c0388e8d625f1b72d7b.json

@@ -1,26 +0,0 @@
-{
-  "db_name": "SQLite",
-  "query": "SELECT host_id, installation_device FROM host_role_mapping WHERE role = ?",
-  "describe": {
-    "columns": [
-      {
-        "name": "host_id",
-        "ordinal": 0,
-        "type_info": "Text"
-      },
-      {
-        "name": "installation_device",
-        "ordinal": 1,
-        "type_info": "Text"
-      }
-    ],
-    "parameters": {
-      "Right": 1
-    },
-    "nullable": [
-      false,
-      true
-    ]
-  },
-  "hash": "24f719d57144ecf4daa55f0aa5836c165872d70164401c0388e8d625f1b72d7b"
-}

.sqlx/query-6fcc29cfdbdf3b2cee94a4844e227f09b245dd8f079832a9a7b774151cb03af6.json

@@ -1,12 +0,0 @@
-{
-  "db_name": "SQLite",
-  "query": "\n        INSERT INTO host_role_mapping (host_id, role, installation_device)\n        VALUES (?, ?, ?)\n        ",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Right": 3
-    },
-    "nullable": []
-  },
-  "hash": "6fcc29cfdbdf3b2cee94a4844e227f09b245dd8f079832a9a7b774151cb03af6"
-}

.sqlx/query-8d247918eca10a88b784ee353db090c94a222115c543231f2140cba27bd0f067.json

@@ -1,32 +0,0 @@
-{
-  "db_name": "SQLite",
-  "query": "\n        SELECT\n            p1.id,\n            p1.version_id,\n            p1.data as \"data: Json<PhysicalHost>\"\n        FROM\n            physical_hosts p1\n        INNER JOIN (\n            SELECT\n                id,\n                MAX(version_id) AS max_version\n            FROM\n                physical_hosts\n            GROUP BY\n                id\n        ) p2 ON p1.id = p2.id AND p1.version_id = p2.max_version\n        ",
-  "describe": {
-    "columns": [
-      {
-        "name": "id",
-        "ordinal": 0,
-        "type_info": "Text"
-      },
-      {
-        "name": "version_id",
-        "ordinal": 1,
-        "type_info": "Text"
-      },
-      {
-        "name": "data: Json<PhysicalHost>",
-        "ordinal": 2,
-        "type_info": "Blob"
-      }
-    ],
-    "parameters": {
-      "Right": 0
-    },
-    "nullable": [
-      false,
-      false,
-      false
-    ]
-  },
-  "hash": "8d247918eca10a88b784ee353db090c94a222115c543231f2140cba27bd0f067"
-}

.sqlx/query-934035c7ca6e064815393e4e049a7934b0a7fac04a4fe4b2a354f0443d630990.json

@@ -1,32 +0,0 @@
-{
-  "db_name": "SQLite",
-  "query": "SELECT id, version_id, data as \"data: Json<PhysicalHost>\" FROM physical_hosts WHERE id = ? ORDER BY version_id DESC LIMIT 1",
-  "describe": {
-    "columns": [
-      {
-        "name": "id",
-        "ordinal": 0,
-        "type_info": "Text"
-      },
-      {
-        "name": "version_id",
-        "ordinal": 1,
-        "type_info": "Text"
-      },
-      {
-        "name": "data: Json<PhysicalHost>",
-        "ordinal": 2,
-        "type_info": "Null"
-      }
-    ],
-    "parameters": {
-      "Right": 1
-    },
-    "nullable": [
-      false,
-      false,
-      false
-    ]
-  },
-  "hash": "934035c7ca6e064815393e4e049a7934b0a7fac04a4fe4b2a354f0443d630990"
-}

.sqlx/query-f10f615ee42129ffa293e46f2f893d65a237d31d24b74a29c6a8d8420d255ab8.json

@@ -1,12 +0,0 @@
-{
-  "db_name": "SQLite",
-  "query": "INSERT INTO physical_hosts (id, version_id, data) VALUES (?, ?, ?)",
-  "describe": {
-    "columns": [],
-    "parameters": {
-      "Right": 3
-    },
-    "nullable": []
-  },
-  "hash": "f10f615ee42129ffa293e46f2f893d65a237d31d24b74a29c6a8d8420d255ab8"
-}

CONTRIBUTING.md

@@ -1,36 +0,0 @@
-# Contributing to the Harmony project
-
-## Write small P-R
-
-Aim for the smallest piece of work that is mergeable.
-
-Mergeable means that :
-
-- it does not break the build
-- it moves the codebase one step forward
-
-P-Rs can be many things, they do not have to be complete features.
-
-### What a P-R **should** be
-
-- Introduce a new trait : This will be the place to discuss the new trait addition, its design and implementation
-- A new implementation of a trait : a new concrete implementation of the LoadBalancer trait
-- A new CI check : something that improves quality, robustness, ci performance
-- Documentation improvements
-- Refactoring
-- Bugfix
-
-### What a P-R **should not** be
-
-- Large. Anything over 200 lines (excluding generated lines) should have a very good reason to be this large.
-- A mix of refactoring, bug fixes and new features.
-- Introducing multiple new features or ideas at once.
-- Multiple new implementations of a trait/functionnality at once
-
-The general idea is to keep P-Rs small and single purpose.
-
-## Commit message formatting
-
-We follow conventional commits guidelines.
-
-https://www.conventionalcommits.org/en/v1.0.0/

Cargo.toml

@@ -1,28 +1,16 @@
 [workspace]
 resolver = "2"
 members = [
-  "examples/*",
   "private_repos/*",
+  "examples/*",
   "harmony",
   "harmony_types",
   "harmony_macros",
   "harmony_tui",
-  "harmony_execution",
   "opnsense-config",
   "opnsense-config-xml",
   "harmony_cli",
   "k3d",
-  "harmony_composer",
-  "harmony_inventory_agent",
-  "harmony_secret_derive",
-  "harmony_secret",
-  "harmony_config_derive",
-  "harmony_config",
-  "brocade",
-  "harmony_agent",
-  "harmony_agent/deploy",
-  "harmony_node_readiness",
-  "harmony-k8s",
 ]
 
 [workspace.package]
@@ -31,58 +19,27 @@ readme = "README.md"
 license = "GNU AGPL v3"
 
 [workspace.dependencies]
-log = { version = "0.4", features = ["kv"] }
-env_logger = "0.11"
-derive-new = "0.7"
-async-trait = "0.1"
-tokio = { version = "1.40", features = [
-  "io-std",
-  "fs",
-  "macros",
-  "rt-multi-thread",
-] }
-tokio-retry = "0.3.0"
-tokio-util = "0.7.15"
-cidr = { features = ["serde"], version = "0.2" }
-russh = "0.45"
-russh-keys = "0.45"
-rand = "0.9"
-url = "2.5"
-kube = { version = "1.1.0", features = [
-  "config",
-  "client",
-  "runtime",
-  "rustls-tls",
-  "ws",
-  "jsonpatch",
-] }
-k8s-openapi = { version = "0.25", features = ["v1_30"] }
-# TODO replace with https://github.com/bourumir-wyngs/serde-saphyr as serde_yaml is deprecated https://github.com/sebastienrousseau/serde_yml
-serde_yaml = "0.9"
-serde-value = "0.7"
-http = "1.2"
-inquire = "0.7"
-convert_case = "0.8"
-chrono = "0.4"
-similar = "2"
-uuid = { version = "1.11", features = ["v4", "fast-rng", "macro-diagnostics"] }
-pretty_assertions = "1.4.1"
-tempfile = "3.20.0"
-bollard = "0.19.1"
-base64 = "0.22.1"
-tar = "0.4.44"
-lazy_static = "1.5.0"
-directories = "6.0.0"
-thiserror = "2.0.14"
-serde = { version = "1.0.209", features = ["derive", "rc"] }
-serde_json = "1.0.127"
-askama = "0.14"
-sqlx = { version = "0.8", features = ["runtime-tokio", "sqlite"] }
-reqwest = { version = "0.12", features = [
-  "blocking",
-  "stream",
-  "rustls-tls",
-  "http2",
-  "json",
-], default-features = false }
-assertor = "0.0.4"
+log = "0.4.22"
+env_logger = "0.11.5"
+derive-new = "0.7.0"
+async-trait = "0.1.82"
+tokio = { version = "1.40.0", features = ["io-std", "fs", "macros", "rt-multi-thread"] }
+cidr = "0.2.3"
+russh = "0.45.0"
+russh-keys = "0.45.0"
+rand = "0.8.5"
+url = "2.5.4"
+kube = "0.98.0"
+k8s-openapi = { version = "0.24.0", features = ["v1_30"] }
+serde_yaml = "0.9.34"
+serde-value = "0.7.0"
+http = "1.2.0"
+inquire = "0.7.5"
+
+[workspace.dependencies.uuid]
+version = "1.11.0"
+features = [
+  "v4",                # Lets you generate random UUIDs
+  "fast-rng",          # Use a faster (but still sufficiently random) RNG
+  "macro-diagnostics", # Enable better diagnostics for compile-time UUIDs
+]

Dockerfile

@@ -1,26 +0,0 @@
-FROM docker.io/rust:1.89.0 AS build
-
-WORKDIR /app
-
-COPY . .
-
-RUN cargo build --release --bin harmony_composer
-
-FROM docker.io/rust:1.89.0
-
-WORKDIR /app
-
-RUN rustup target add x86_64-pc-windows-gnu
-RUN rustup target add x86_64-unknown-linux-gnu
-RUN rustup component add rustfmt
-RUN rustup component add clippy
-
-RUN apt update
-
-# TODO: Consider adding more supported targets
-# nodejs for checkout action, docker for building containers, mingw for cross-compiling for windows
-RUN apt install -y nodejs docker.io mingw-w64
-
-COPY --from=build /app/target/release/harmony_composer .
-
-ENTRYPOINT ["/app/harmony_composer"]

README.md

@@ -1,250 +1,33 @@
-# Harmony
+# Harmony : Open Infrastructure Orchestration
 
-**Infrastructure orchestration that treats your platform like first-class code.**
+## Quick demo
 
-Harmony is an open-source framework that brings the rigor of software engineering to infrastructure management. Write Rust code to define what you want, and Harmony handles the rest — from local development to production clusters.
+`cargo run -p example-tui`
 
-_By [NationTech](https://nationtech.io)_
+This will launch Harmony's minimalist terminal ui which embeds a few demo scores.
 
-[![Build](https://git.nationtech.io/NationTech/harmony/actions/workflows/check.yml/badge.svg)](https://git.nationtech.io/NationTech/harmony)
-[![License](https://img.shields.io/badge/license-AGPLv3-blue?style=flat-square)](LICENSE)
+Usage instructions will be displayed at the bottom of the TUI.
 
----
+`cargo run --bin example-cli -- --help`
 
-## The Problem Harmony Solves
+This is the harmony CLI, a minimal implementation
 
-Modern infrastructure is messy. Your Kubernetes cluster needs monitoring. Your bare-metal servers need provisioning. Your applications need deployments. Each comes with its own tooling, its own configuration format, and its own failure modes.
+The current help text:
 
-**What if you could describe your entire platform in one consistent language?**
+````
+Usage: example-cli [OPTIONS]
 
-That's Harmony. It unifies project scaffolding, infrastructure provisioning, application deployment, and day-2 operations into a single strongly-typed Rust codebase.
+Options:
+  -y, --yes              Run score(s) or not
+  -f, --filter <FILTER>  Filter query
+  -i, --interactive      Run interactive TUI or not
+  -a, --all              Run all or nth, defaults to all
+  -n, --number <NUMBER>  Run nth matching, zero indexed [default: 0]
+  -l, --list             list scores, will also be affected by run filter
+  -h, --help             Print help
+  -V, --version          Print version```
 
----
+## Core architecture
 
-## Three Principles That Make the Difference
-
-| Principle | What It Means |
-|-----------|---------------|
-| **Infrastructure as Resilient Code** | Stop fighting with YAML and bash. Write type-safe Rust that you can test, version, and refactor like any other code. |
-| **Prove It Works Before You Deploy** | Harmony verifies at _compile time_ that your application can actually run on your target infrastructure. No more "the config looks right but it doesn't work" surprises. |
-| **One Unified Model** | Software and infrastructure are one system. Deploy from laptop to production cluster without switching contexts or tools. |
-
----
-
-## How It Works: The Core Concepts
-
-Harmony is built around three concepts that work together:
-
-### Score — "What You Want"
-
-A `Score` is a declarative description of desired state. Think of it as a "recipe" that says _what_ you want without specifying _how_ to get there.
-
-```rust
-// "I want a PostgreSQL cluster running with default settings"
-let postgres = PostgreSQLScore {
-    config: PostgreSQLConfig {
-        cluster_name: "harmony-postgres-example".to_string(),
-        namespace: "harmony-postgres-example".to_string(),
-        ..Default::default()
-    },
-};
-```
-
-### Topology — "Where It Goes"
-
-A `Topology` represents your infrastructure environment and its capabilities. It answers the question: "What can this environment actually do?"
-
-```rust
-// Deploy to a local K3D cluster, or any Kubernetes cluster via environment variables
-K8sAnywhereTopology::from_env()
-```
-
-### Interpret — "How It Happens"
-
-An `Interpret` is the execution logic that connects your `Score` to your `Topology`. It translates "what you want" into "what the infrastructure does."
-
-**The Compile-Time Check:** Before your code ever runs, Harmony verifies that your `Score` is compatible with your `Topology`. If your application needs a feature your infrastructure doesn't provide, you get a compile error — not a runtime failure.
-
----
-
-## What You Can Deploy
-
-Harmony ships with ready-made Scores for:
-
-**Data Services**
-- PostgreSQL clusters (via CloudNativePG operator)
-- Multi-site PostgreSQL with failover
-
-**Kubernetes**
-- Namespaces, Deployments, Ingress
-- Helm charts
-- cert-manager for TLS
-- Monitoring (Prometheus, alerting, ntfy)
-
-**Bare Metal / Infrastructure**
-- OKD clusters from scratch
-- OPNsense firewalls
-- Network services (DNS, DHCP, TFTP)
-- Brocade switch configuration
-
-**And more:** Application deployment, tenant management, load balancing, and more.
-
----
-
-## Quick Start: Deploy a PostgreSQL Cluster
-
-This example provisions a local Kubernetes cluster (K3D) and deploys a PostgreSQL cluster on it — no external infrastructure required.
-
-```rust
-use harmony::{
-    inventory::Inventory,
-    modules::postgresql::{PostgreSQLScore, capability::PostgreSQLConfig},
-    topology::K8sAnywhereTopology,
-};
-
-#[tokio::main]
-async fn main() {
-    let postgres = PostgreSQLScore {
-        config: PostgreSQLConfig {
-            cluster_name: "harmony-postgres-example".to_string(),
-            namespace: "harmony-postgres-example".to_string(),
-            ..Default::default()
-        },
-    };
-
-    harmony_cli::run(
-        Inventory::autoload(),
-        K8sAnywhereTopology::from_env(),
-        vec![Box::new(postgres)],
-        None,
-    )
-    .await
-    .unwrap();
-}
-```
-
-### What this actually does
-
-When you compile and run this program:
-
-1. **Compiles** the Harmony Score into an executable
-2. **Connects** to `K8sAnywhereTopology` — which auto-provisions a local K3D cluster if none exists
-3. **Installs** the CloudNativePG operator into the cluster (one-time setup)
-4. **Creates** a PostgreSQL cluster with 1 instance and 1 GiB of storage
-5. **Exposes** the PostgreSQL instance as a Kubernetes Service
-
-### Prerequisites
-
-- [Rust](https://rust-lang.org/tools/install) (edition 2024)
-- [Docker](https://docs.docker.com/get-docker/) (for the local K3D cluster)
-- [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) (optional, for inspecting the cluster)
-
-### Run it
-
-```bash
-# Clone the repository
-git clone https://git.nationtech.io/nationtech/harmony
-cd harmony
-
-# Build the project
-cargo build --release
-
-# Run the example
-cargo run -p example-postgresql
-```
-
-Harmony will print its progress as it sets up the cluster and deploys PostgreSQL. When complete, you can inspect the deployment:
-
-```bash
-kubectl get pods -n harmony-postgres-example
-kubectl get secret -n harmony-postgres-example harmony-postgres-example-db-user -o jsonpath='{.data.password}' | base64 -d
-```
-
-To connect to the database, forward the port:
-```bash
-kubectl port-forward -n harmony-postgres-example svc/harmony-postgres-example-rw 5432:5432
-psql -h localhost -p 5432 -U postgres
-```
-
-To clean up, delete the K3D cluster:
-```bash
-k3d cluster delete harmony-postgres-example
-```
-
----
-
-## Environment Variables
-
-`K8sAnywhereTopology::from_env()` reads the following environment variables to determine where and how to connect:
-
-| Variable | Default | Description |
-|----------|---------|-------------|
-| `KUBECONFIG` | `~/.kube/config` | Path to your kubeconfig file |
-| `HARMONY_AUTOINSTALL` | `true` | Auto-provision a local K3D cluster if none found |
-| `HARMONY_USE_LOCAL_K3D` | `true` | Always prefer local K3D over remote clusters |
-| `HARMONY_PROFILE` | `dev` | Deployment profile: `dev`, `staging`, or `prod` |
-| `HARMONY_K8S_CONTEXT` | _none_ | Use a specific kubeconfig context |
-| `HARMONY_PUBLIC_DOMAIN` | _none_ | Public domain for ingress endpoints |
-
-To connect to an existing Kubernetes cluster instead of provisioning K3D:
-
-```bash
-# Point to your kubeconfig
-export KUBECONFIG=/path/to/your/kubeconfig
-export HARMONY_USE_LOCAL_K3D=false
-export HARMONY_AUTOINSTALL=false
-
-# Then run
-cargo run -p example-postgresql
-```
-
----
-
-## Documentation
-
-| I want to... | Start here |
-|--------------|------------|
-| Understand the core concepts | [Core Concepts](./docs/concepts.md) |
-| Deploy my first application | [Getting Started Guide](./docs/guides/getting-started.md) |
-| Explore available components | [Scores Catalog](./docs/catalogs/scores.md) · [Topologies Catalog](./docs/catalogs/topologies.md) |
-| See a complete bare-metal deployment | [OKD on Bare Metal](./docs/use-cases/okd-on-bare-metal.md) |
-| Build my own Score or Topology | [Developer Guide](./docs/guides/developer-guide.md) |
-
----
-
-## Why Rust?
-
-We chose Rust for the same reason you might: **reliability through type safety**.
-
-Infrastructure code runs in production. It needs to be correct. Rust's ownership model and type system let us build a framework where:
-
-- Invalid configurations fail at compile time, not at 3 AM
-- Refactoring infrastructure is as safe as refactoring application code
-- The compiler verifies that your platform can actually fulfill your requirements
-
-See [ADR-001 · Why Rust](./adr/001-rust.md) for our full rationale.
-
----
-
-## Architecture Decisions
-
-Harmony's design is documented through Architecture Decision Records (ADRs):
-
-- [ADR-001 · Why Rust](./adr/001-rust.md)
-- [ADR-003 · Infrastructure Abstractions](./adr/003-infrastructure-abstractions.md)
-- [ADR-006 · Secret Management](./adr/006-secret-management.md)
-- [ADR-011 · Multi-Tenant Cluster](./adr/011-multi-tenant-cluster.md)
-
----
-
-## License
-
-Harmony is released under the **GNU AGPL v3**.
-
-> We choose a strong copyleft license to ensure the project—and every improvement to it—remains open and benefits the entire community.
-
-See [LICENSE](LICENSE) for the full text.
-
----
-
-_Made with ❤️ & 🦀 by NationTech and the Harmony community_
+![Harmony Core Architecture](docs/diagrams/Harmony_Core_Architecture.drawio.svg)
+````

adr/000-ADR-Template.md

@@ -1,6 +1,6 @@
 # Architecture Decision Record: \<Title\>
 
-Initial Author: \<Name\>
+Name: \<Name\>
 
 Initial Date: \<Date\>
 

adr/006-secret-management.md

@@ -2,7 +2,7 @@
 
 ## Status
 
-Rejected : See ADR 020 ./020-interactive-configuration-crate.md
+Proposed
 
 ### TODO [#3](https://git.nationtech.io/NationTech/harmony/issues/3):
 

adr/009-helm-and-kustomize-handling.md

@@ -1,6 +1,6 @@
 # Architecture Decision Record: Helm and Kustomize Handling
 
-Initial Author: Taha Hawa
+Name: Taha Hawa
 
 Initial Date: 2025-04-15
 

adr/010-monitoring-and-alerting.md

@@ -1,7 +1,7 @@
 # Architecture Decision Record: Monitoring and Alerting
 
-Initial Author : Willem Rolleman
-Date : April 28 2025
+Proposed by: Willem Rolleman
+Date: April 28 2025
 
 ## Status
 

book.toml

@@ -1,9 +0,0 @@
-[book]
-title = "Harmony"
-description = "Infrastructure orchestration that treats your platform like first-class code"
-src = "docs"
-build-dir = "book"
-authors = ["NationTech"]
-
-[output.html]
-mathjax-support = false

brocade/Cargo.toml

@@ -1,19 +0,0 @@
-[package]
-name = "brocade"
-edition = "2024"
-version.workspace = true
-readme.workspace = true
-license.workspace = true
-
-[dependencies]
-async-trait.workspace = true
-harmony_types = { path = "../harmony_types" }
-russh.workspace = true
-russh-keys.workspace = true
-tokio.workspace = true
-log.workspace = true
-env_logger.workspace = true
-regex = "1.11.3"
-harmony_secret = { path = "../harmony_secret" }
-serde.workspace = true
-schemars = "0.8"

brocade/examples/main.rs

@@ -1,75 +0,0 @@
-use std::net::{IpAddr, Ipv4Addr};
-
-use brocade::{BrocadeOptions, ssh};
-use harmony_secret::{Secret, SecretManager};
-use harmony_types::switch::PortLocation;
-use schemars::JsonSchema;
-use serde::{Deserialize, Serialize};
-
-#[derive(Secret, Clone, Debug, JsonSchema, Serialize, Deserialize)]
-struct BrocadeSwitchAuth {
-    username: String,
-    password: String,
-}
-
-#[tokio::main]
-async fn main() {
-    env_logger::Builder::from_env(env_logger::Env::default().default_filter_or("info")).init();
-
-    // let ip = IpAddr::V4(Ipv4Addr::new(10, 0, 0, 250)); // old brocade @ ianlet
-    let ip = IpAddr::V4(Ipv4Addr::new(127, 0, 0, 1)); // brocade @ sto1
-    // let ip = IpAddr::V4(Ipv4Addr::new(192, 168, 4, 11)); // brocade @ st
-    let switch_addresses = vec![ip];
-
-    let config = SecretManager::get_or_prompt::<BrocadeSwitchAuth>()
-        .await
-        .unwrap();
-
-    let brocade = brocade::init(
-        &switch_addresses,
-        &config.username,
-        &config.password,
-        &BrocadeOptions {
-            dry_run: true,
-            ssh: ssh::SshOptions {
-                port: 2222,
-                ..Default::default()
-            },
-            ..Default::default()
-        },
-    )
-    .await
-    .expect("Brocade client failed to connect");
-
-    let entries = brocade.get_stack_topology().await.unwrap();
-    println!("Stack topology: {entries:#?}");
-
-    let entries = brocade.get_interfaces().await.unwrap();
-    println!("Interfaces: {entries:#?}");
-
-    let version = brocade.version().await.unwrap();
-    println!("Version: {version:?}");
-
-    println!("--------------");
-    let mac_adddresses = brocade.get_mac_address_table().await.unwrap();
-    println!("VLAN\tMAC\t\t\tPORT");
-    for mac in mac_adddresses {
-        println!("{}\t{}\t{}", mac.vlan, mac.mac_address, mac.port);
-    }
-
-    println!("--------------");
-    todo!();
-    let channel_name = "1";
-    brocade.clear_port_channel(channel_name).await.unwrap();
-
-    println!("--------------");
-    let channel_id = brocade.find_available_channel_id().await.unwrap();
-
-    println!("--------------");
-    let channel_name = "HARMONY_LAG";
-    let ports = [PortLocation(2, 0, 35)];
-    brocade
-        .create_port_channel(channel_id, channel_name, &ports)
-        .await
-        .unwrap();
-}

brocade/src/fast_iron.rs

@@ -1,228 +0,0 @@
-use super::BrocadeClient;
-use crate::{
-    BrocadeInfo, Error, ExecutionMode, InterSwitchLink, InterfaceInfo, MacAddressEntry,
-    PortChannelId, PortOperatingMode, parse_brocade_mac_address, shell::BrocadeShell,
-};
-
-use async_trait::async_trait;
-use harmony_types::switch::{PortDeclaration, PortLocation};
-use log::{debug, info};
-use regex::Regex;
-use std::{collections::HashSet, str::FromStr};
-
-#[derive(Debug)]
-pub struct FastIronClient {
-    shell: BrocadeShell,
-    version: BrocadeInfo,
-}
-
-impl FastIronClient {
-    pub fn init(mut shell: BrocadeShell, version_info: BrocadeInfo) -> Self {
-        shell.before_all(vec!["skip-page-display".into()]);
-        shell.after_all(vec!["page".into()]);
-
-        Self {
-            shell,
-            version: version_info,
-        }
-    }
-
-    fn parse_mac_entry(&self, line: &str) -> Option<Result<MacAddressEntry, Error>> {
-        debug!("[Brocade] Parsing mac address entry: {line}");
-        let parts: Vec<&str> = line.split_whitespace().collect();
-        if parts.len() < 3 {
-            return None;
-        }
-
-        let (vlan, mac_address, port) = match parts.len() {
-            3 => (
-                u16::from_str(parts[0]).ok()?,
-                parse_brocade_mac_address(parts[1]).ok()?,
-                parts[2].to_string(),
-            ),
-            _ => (
-                1,
-                parse_brocade_mac_address(parts[0]).ok()?,
-                parts[1].to_string(),
-            ),
-        };
-
-        let port =
-            PortDeclaration::parse(&port).map_err(|e| Error::UnexpectedError(format!("{e}")));
-
-        match port {
-            Ok(p) => Some(Ok(MacAddressEntry {
-                vlan,
-                mac_address,
-                port: p,
-            })),
-            Err(e) => Some(Err(e)),
-        }
-    }
-
-    fn parse_stack_port_entry(&self, line: &str) -> Option<Result<InterSwitchLink, Error>> {
-        debug!("[Brocade] Parsing stack port entry: {line}");
-        let parts: Vec<&str> = line.split_whitespace().collect();
-        if parts.len() < 10 {
-            return None;
-        }
-
-        let local_port = PortLocation::from_str(parts[0]).ok()?;
-
-        Some(Ok(InterSwitchLink {
-            local_port,
-            remote_port: None,
-        }))
-    }
-
-    fn build_port_channel_commands(
-        &self,
-        channel_id: PortChannelId,
-        channel_name: &str,
-        ports: &[PortLocation],
-    ) -> Vec<String> {
-        let mut commands = vec![
-            "configure terminal".to_string(),
-            format!("lag {channel_name} static id {channel_id}"),
-        ];
-
-        for port in ports {
-            commands.push(format!("ports ethernet {port}"));
-        }
-
-        commands.push(format!("primary-port {}", ports[0]));
-        commands.push("deploy".into());
-        commands.push("exit".into());
-        commands.push("write memory".into());
-        commands.push("exit".into());
-
-        commands
-    }
-}
-
-#[async_trait]
-impl BrocadeClient for FastIronClient {
-    async fn version(&self) -> Result<BrocadeInfo, Error> {
-        Ok(self.version.clone())
-    }
-
-    async fn get_mac_address_table(&self) -> Result<Vec<MacAddressEntry>, Error> {
-        info!("[Brocade] Showing MAC address table...");
-
-        let output = self
-            .shell
-            .run_command("show mac-address", ExecutionMode::Regular)
-            .await?;
-
-        output
-            .lines()
-            .skip(2)
-            .filter_map(|line| self.parse_mac_entry(line))
-            .collect()
-    }
-
-    async fn get_stack_topology(&self) -> Result<Vec<InterSwitchLink>, Error> {
-        let output = self
-            .shell
-            .run_command("show interface stack-ports", crate::ExecutionMode::Regular)
-            .await?;
-
-        output
-            .lines()
-            .skip(1)
-            .filter_map(|line| self.parse_stack_port_entry(line))
-            .collect()
-    }
-
-    async fn get_interfaces(&self) -> Result<Vec<InterfaceInfo>, Error> {
-        todo!()
-    }
-
-    async fn configure_interfaces(
-        &self,
-        _interfaces: &Vec<(String, PortOperatingMode)>,
-    ) -> Result<(), Error> {
-        todo!()
-    }
-
-    async fn find_available_channel_id(&self) -> Result<PortChannelId, Error> {
-        info!("[Brocade] Finding next available channel id...");
-
-        let output = self
-            .shell
-            .run_command("show lag", ExecutionMode::Regular)
-            .await?;
-        let re = Regex::new(r"=== LAG .* ID\s+(\d+)").expect("Invalid regex");
-
-        let used_ids: HashSet<u8> = output
-            .lines()
-            .filter_map(|line| {
-                re.captures(line)
-                    .and_then(|c| c.get(1))
-                    .and_then(|id_match| id_match.as_str().parse().ok())
-            })
-            .collect();
-
-        let mut next_id: u8 = 1;
-        loop {
-            if !used_ids.contains(&next_id) {
-                break;
-            }
-            next_id += 1;
-        }
-
-        info!("[Brocade] Found channel id: {next_id}");
-        Ok(next_id)
-    }
-
-    async fn create_port_channel(
-        &self,
-        channel_id: PortChannelId,
-        channel_name: &str,
-        ports: &[PortLocation],
-    ) -> Result<(), Error> {
-        info!(
-            "[Brocade] Configuring port-channel '{channel_name} {channel_id}' with ports: {ports:?}"
-        );
-
-        let commands = self.build_port_channel_commands(channel_id, channel_name, ports);
-        self.shell
-            .run_commands(commands, ExecutionMode::Privileged)
-            .await?;
-
-        info!("[Brocade] Port-channel '{channel_name}' configured.");
-        Ok(())
-    }
-
-    async fn clear_port_channel(&self, channel_name: &str) -> Result<(), Error> {
-        info!("[Brocade] Clearing port-channel: {channel_name}");
-
-        let commands = vec![
-            "configure terminal".to_string(),
-            format!("no lag {channel_name}"),
-            "write memory".to_string(),
-        ];
-        self.shell
-            .run_commands(commands, ExecutionMode::Privileged)
-            .await?;
-
-        info!("[Brocade] Port-channel '{channel_name}' cleared.");
-        Ok(())
-    }
-
-    async fn enable_snmp(&self, user_name: &str, auth: &str, des: &str) -> Result<(), Error> {
-        let commands = vec![
-            "configure terminal".into(),
-            "snmp-server view ALL 1 included".into(),
-            "snmp-server group public v3 priv read ALL".into(),
-            format!(
-                "snmp-server user {user_name} groupname public auth md5 auth-password {auth} priv des priv-password {des}"
-            ),
-            "exit".into(),
-        ];
-        self.shell
-            .run_commands(commands, ExecutionMode::Regular)
-            .await?;
-        Ok(())
-    }
-}

brocade/src/lib.rs

@@ -1,352 +0,0 @@
-use std::net::IpAddr;
-use std::{
-    fmt::{self, Display},
-    time::Duration,
-};
-
-use crate::network_operating_system::NetworkOperatingSystemClient;
-use crate::{
-    fast_iron::FastIronClient,
-    shell::{BrocadeSession, BrocadeShell},
-};
-
-use async_trait::async_trait;
-use harmony_types::net::MacAddress;
-use harmony_types::switch::{PortDeclaration, PortLocation};
-use regex::Regex;
-use serde::Serialize;
-
-mod fast_iron;
-mod network_operating_system;
-mod shell;
-pub mod ssh;
-
-#[derive(Default, Clone, Debug)]
-pub struct BrocadeOptions {
-    pub dry_run: bool,
-    pub ssh: ssh::SshOptions,
-    pub timeouts: TimeoutConfig,
-}
-
-#[derive(Clone, Debug)]
-pub struct TimeoutConfig {
-    pub shell_ready: Duration,
-    pub command_execution: Duration,
-    pub command_output: Duration,
-    pub cleanup: Duration,
-    pub message_wait: Duration,
-}
-
-impl Default for TimeoutConfig {
-    fn default() -> Self {
-        Self {
-            shell_ready: Duration::from_secs(10),
-            command_execution: Duration::from_secs(60), // Commands like `deploy` (for a LAG) can take a while
-            command_output: Duration::from_secs(5), // Delay to start logging "waiting for command output"
-            cleanup: Duration::from_secs(10),
-            message_wait: Duration::from_millis(500),
-        }
-    }
-}
-
-enum ExecutionMode {
-    Regular,
-    Privileged,
-}
-
-#[derive(Clone, Debug)]
-pub struct BrocadeInfo {
-    os: BrocadeOs,
-    _version: String,
-}
-
-#[derive(Clone, Debug)]
-pub enum BrocadeOs {
-    NetworkOperatingSystem,
-    FastIron,
-    Unknown,
-}
-
-#[derive(Debug, PartialEq, Eq, PartialOrd, Ord, Clone)]
-pub struct MacAddressEntry {
-    pub vlan: u16,
-    pub mac_address: MacAddress,
-    pub port: PortDeclaration,
-}
-
-pub type PortChannelId = u8;
-
-/// Represents a single physical or logical link connecting two switches within a stack or fabric.
-///
-/// This structure provides a standardized view of the topology regardless of the
-/// underlying Brocade OS configuration (stacking vs. fabric).
-#[derive(Debug, PartialEq, Eq, Clone)]
-pub struct InterSwitchLink {
-    /// The local port on the switch where the topology command was run.
-    pub local_port: PortLocation,
-    /// The port on the directly connected neighboring switch.
-    pub remote_port: Option<PortLocation>,
-}
-
-/// Represents the key running configuration status of a single switch interface.
-#[derive(Debug, PartialEq, Eq, Clone)]
-pub struct InterfaceInfo {
-    /// The full configuration name (e.g., "TenGigabitEthernet 1/0/1", "FortyGigabitEthernet 2/0/2").
-    pub name: String,
-    /// The physical location of the interface.
-    pub port_location: PortLocation,
-    /// The parsed type and name prefix of the interface.
-    pub interface_type: InterfaceType,
-    /// The primary configuration mode defining the interface's behavior (L2, L3, Fabric).
-    pub operating_mode: Option<PortOperatingMode>,
-    /// Indicates the current state of the interface.
-    pub status: InterfaceStatus,
-}
-
-/// Categorizes the functional type of a switch interface.
-#[derive(Debug, PartialEq, Eq, Clone)]
-pub enum InterfaceType {
-    /// Physical or virtual Ethernet interface (e.g., TenGigabitEthernet, FortyGigabitEthernet).
-    Ethernet(String),
-}
-
-impl fmt::Display for InterfaceType {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        match self {
-            InterfaceType::Ethernet(name) => write!(f, "{name}"),
-        }
-    }
-}
-
-/// Defines the primary configuration mode of a switch interface, representing mutually exclusive roles.
-#[derive(Debug, PartialEq, Eq, Clone, Serialize)]
-pub enum PortOperatingMode {
-    /// The interface is explicitly configured for Brocade fabric roles (ISL or Trunk enabled).
-    Fabric,
-    /// The interface is configured for standard Layer 2 switching as Trunk port (`switchport mode trunk`).
-    Trunk,
-    /// The interface is configured for standard Layer 2 switching as Access port (`switchport` without trunk mode).
-    Access,
-}
-
-/// Defines the possible status of an interface.
-#[derive(Debug, PartialEq, Eq, Clone)]
-pub enum InterfaceStatus {
-    /// The interface is connected.
-    Connected,
-    /// The interface is not connected and is not expected to be.
-    NotConnected,
-    /// The interface is not connected but is expected to be (configured with `no shutdown`).
-    SfpAbsent,
-}
-
-pub async fn init(
-    ip_addresses: &[IpAddr],
-    username: &str,
-    password: &str,
-    options: &BrocadeOptions,
-) -> Result<Box<dyn BrocadeClient + Send + Sync>, Error> {
-    let shell = BrocadeShell::init(ip_addresses, username, password, options).await?;
-
-    let version_info = shell
-        .with_session(ExecutionMode::Regular, |session| {
-            Box::pin(get_brocade_info(session))
-        })
-        .await?;
-
-    Ok(match version_info.os {
-        BrocadeOs::FastIron => Box::new(FastIronClient::init(shell, version_info)),
-        BrocadeOs::NetworkOperatingSystem => {
-            Box::new(NetworkOperatingSystemClient::init(shell, version_info))
-        }
-        BrocadeOs::Unknown => todo!(),
-    })
-}
-
-#[async_trait]
-pub trait BrocadeClient: std::fmt::Debug {
-    /// Retrieves the operating system and version details from the connected Brocade switch.
-    ///
-    /// This is typically the first call made after establishing a connection to determine
-    /// the switch OS family (e.g., FastIron, NOS) for feature compatibility.
-    ///
-    /// # Returns
-    ///
-    /// A `BrocadeInfo` structure containing parsed OS type and version string.
-    async fn version(&self) -> Result<BrocadeInfo, Error>;
-
-    /// Retrieves the dynamically learned MAC address table from the switch.
-    ///
-    /// This is crucial for discovering where specific network endpoints (MAC addresses)
-    /// are currently located on the physical ports.
-    ///
-    /// # Returns
-    ///
-    /// A vector of `MacAddressEntry`, where each entry typically contains VLAN, MAC address,
-    /// and the associated port name/index.
-    async fn get_mac_address_table(&self) -> Result<Vec<MacAddressEntry>, Error>;
-
-    /// Derives the physical connections used to link multiple switches together
-    /// to form a single logical entity (stack, fabric, etc.).
-    ///
-    /// This abstracts the underlying configuration (e.g., stack ports, fabric ports)
-    /// to return a standardized view of the topology.
-    ///
-    /// # Returns
-    ///
-    /// A vector of `InterSwitchLink` structs detailing which ports are used for stacking/fabric.
-    /// If the switch is not stacked, returns an empty vector.
-    async fn get_stack_topology(&self) -> Result<Vec<InterSwitchLink>, Error>;
-
-    /// Retrieves the status for all interfaces
-    ///
-    /// # Returns
-    ///
-    /// A vector of `InterfaceInfo` structures.
-    async fn get_interfaces(&self) -> Result<Vec<InterfaceInfo>, Error>;
-
-    /// Configures a set of interfaces to be operated with a specified mode (access ports, ISL, etc.).
-    async fn configure_interfaces(
-        &self,
-        interfaces: &Vec<(String, PortOperatingMode)>,
-    ) -> Result<(), Error>;
-
-    /// Scans the existing configuration to find the next available (unused)
-    /// Port-Channel ID (`lag` or `trunk`) for assignment.
-    ///
-    /// # Returns
-    ///
-    /// The smallest, unassigned `PortChannelId` within the supported range.
-    async fn find_available_channel_id(&self) -> Result<PortChannelId, Error>;
-
-    /// Creates and configures a new Port-Channel (Link Aggregation Group or LAG)
-    /// using the specified channel ID and ports.
-    ///
-    /// The resulting configuration must be persistent (saved to startup-config).
-    /// Assumes a static LAG configuration mode unless specified otherwise by the implementation.
-    ///
-    /// # Parameters
-    ///
-    /// * `channel_id`: The ID (e.g., 1-128) for the logical port channel.
-    /// * `channel_name`: A descriptive name for the LAG (used in configuration context).
-    /// * `ports`: A slice of `PortLocation` structs defining the physical member ports.
-    async fn create_port_channel(
-        &self,
-        channel_id: PortChannelId,
-        channel_name: &str,
-        ports: &[PortLocation],
-    ) -> Result<(), Error>;
-
-    /// Enables Simple Network Management Protocol (SNMP) server for switch
-    ///
-    /// # Parameters
-    ///
-    ///  * `user_name`: The user name for the snmp server
-    ///  * `auth`: The password for authentication process for verifying the identity of a device
-    ///  * `des`: The Data Encryption Standard algorithm key
-    async fn enable_snmp(&self, user_name: &str, auth: &str, des: &str) -> Result<(), Error>;
-
-    /// Removes all configuration associated with the specified Port-Channel name.
-    ///
-    /// This operation should be idempotent; attempting to clear a non-existent
-    /// channel should succeed (or return a benign error).
-    ///
-    /// # Parameters
-    ///
-    /// * `channel_name`: The name of the Port-Channel (LAG) to delete.
-    ///
-    async fn clear_port_channel(&self, channel_name: &str) -> Result<(), Error>;
-}
-
-async fn get_brocade_info(session: &mut BrocadeSession) -> Result<BrocadeInfo, Error> {
-    let output = session.run_command("show version").await?;
-
-    if output.contains("Network Operating System") {
-        let re = Regex::new(r"Network Operating System Version:\s*(?P<version>[a-zA-Z0-9.\-]+)")
-            .expect("Invalid regex");
-        let version = re
-            .captures(&output)
-            .and_then(|cap| cap.name("version"))
-            .map(|m| m.as_str().to_string())
-            .unwrap_or_default();
-
-        return Ok(BrocadeInfo {
-            os: BrocadeOs::NetworkOperatingSystem,
-            _version: version,
-        });
-    } else if output.contains("ICX") {
-        let re = Regex::new(r"(?m)^\s*SW: Version\s*(?P<version>[a-zA-Z0-9.\-]+)")
-            .expect("Invalid regex");
-        let version = re
-            .captures(&output)
-            .and_then(|cap| cap.name("version"))
-            .map(|m| m.as_str().to_string())
-            .unwrap_or_default();
-
-        return Ok(BrocadeInfo {
-            os: BrocadeOs::FastIron,
-            _version: version,
-        });
-    }
-
-    Err(Error::UnexpectedError("Unknown Brocade OS version".into()))
-}
-
-fn parse_brocade_mac_address(value: &str) -> Result<MacAddress, String> {
-    let cleaned_mac = value.replace('.', "");
-
-    if cleaned_mac.len() != 12 {
-        return Err(format!("Invalid MAC address: {value}"));
-    }
-
-    let mut bytes = [0u8; 6];
-    for (i, pair) in cleaned_mac.as_bytes().chunks(2).enumerate() {
-        let byte_str = std::str::from_utf8(pair).map_err(|_| "Invalid UTF-8")?;
-        bytes[i] =
-            u8::from_str_radix(byte_str, 16).map_err(|_| format!("Invalid hex in MAC: {value}"))?;
-    }
-
-    Ok(MacAddress(bytes))
-}
-
-#[derive(Debug)]
-pub enum SecurityLevel {
-    AuthPriv(String),
-}
-
-#[derive(Debug)]
-pub enum Error {
-    NetworkError(String),
-    AuthenticationError(String),
-    ConfigurationError(String),
-    TimeoutError(String),
-    UnexpectedError(String),
-    CommandError(String),
-}
-
-impl Display for Error {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        match self {
-            Error::NetworkError(msg) => write!(f, "Network error: {msg}"),
-            Error::AuthenticationError(msg) => write!(f, "Authentication error: {msg}"),
-            Error::ConfigurationError(msg) => write!(f, "Configuration error: {msg}"),
-            Error::TimeoutError(msg) => write!(f, "Timeout error: {msg}"),
-            Error::UnexpectedError(msg) => write!(f, "Unexpected error: {msg}"),
-            Error::CommandError(msg) => write!(f, "{msg}"),
-        }
-    }
-}
-
-impl From<Error> for String {
-    fn from(val: Error) -> Self {
-        format!("{val}")
-    }
-}
-
-impl std::error::Error for Error {}
-
-impl From<russh::Error> for Error {
-    fn from(value: russh::Error) -> Self {
-        Error::NetworkError(format!("Russh client error: {value}"))
-    }
-}

brocade/src/network_operating_system.rs

@@ -1,352 +0,0 @@
-use std::str::FromStr;
-
-use async_trait::async_trait;
-use harmony_types::switch::{PortDeclaration, PortLocation};
-use log::{debug, info};
-use regex::Regex;
-
-use crate::{
-    BrocadeClient, BrocadeInfo, Error, ExecutionMode, InterSwitchLink, InterfaceInfo,
-    InterfaceStatus, InterfaceType, MacAddressEntry, PortChannelId, PortOperatingMode,
-    parse_brocade_mac_address, shell::BrocadeShell,
-};
-
-#[derive(Debug)]
-pub struct NetworkOperatingSystemClient {
-    shell: BrocadeShell,
-    version: BrocadeInfo,
-}
-
-impl NetworkOperatingSystemClient {
-    pub fn init(mut shell: BrocadeShell, version_info: BrocadeInfo) -> Self {
-        shell.before_all(vec!["terminal length 0".into()]);
-
-        Self {
-            shell,
-            version: version_info,
-        }
-    }
-
-    fn parse_mac_entry(&self, line: &str) -> Option<Result<MacAddressEntry, Error>> {
-        debug!("[Brocade] Parsing mac address entry: {line}");
-        let parts: Vec<&str> = line.split_whitespace().collect();
-        if parts.len() < 5 {
-            return None;
-        }
-
-        let (vlan, mac_address, port) = match parts.len() {
-            5 => (
-                u16::from_str(parts[0]).ok()?,
-                parse_brocade_mac_address(parts[1]).ok()?,
-                parts[4].to_string(),
-            ),
-            _ => (
-                u16::from_str(parts[0]).ok()?,
-                parse_brocade_mac_address(parts[1]).ok()?,
-                parts[5].to_string(),
-            ),
-        };
-
-        let port =
-            PortDeclaration::parse(&port).map_err(|e| Error::UnexpectedError(format!("{e}")));
-
-        match port {
-            Ok(p) => Some(Ok(MacAddressEntry {
-                vlan,
-                mac_address,
-                port: p,
-            })),
-            Err(e) => Some(Err(e)),
-        }
-    }
-
-    fn parse_inter_switch_link_entry(&self, line: &str) -> Option<Result<InterSwitchLink, Error>> {
-        debug!("[Brocade] Parsing inter switch link entry: {line}");
-        let parts: Vec<&str> = line.split_whitespace().collect();
-        if parts.len() < 10 {
-            return None;
-        }
-
-        let local_port = PortLocation::from_str(parts[2]).ok()?;
-        let remote_port = PortLocation::from_str(parts[5]).ok()?;
-
-        Some(Ok(InterSwitchLink {
-            local_port,
-            remote_port: Some(remote_port),
-        }))
-    }
-
-    fn parse_interface_status_entry(&self, line: &str) -> Option<Result<InterfaceInfo, Error>> {
-        debug!("[Brocade] Parsing interface status entry: {line}");
-        let parts: Vec<&str> = line.split_whitespace().collect();
-        if parts.len() < 6 {
-            return None;
-        }
-
-        let interface_type = match parts[0] {
-            "Fo" => InterfaceType::Ethernet("FortyGigabitEthernet".to_string()),
-            "Te" => InterfaceType::Ethernet("TenGigabitEthernet".to_string()),
-            _ => return None,
-        };
-        let port_location = PortLocation::from_str(parts[1]).ok()?;
-        let status = match parts[2] {
-            "connected" => InterfaceStatus::Connected,
-            "notconnected" => InterfaceStatus::NotConnected,
-            "sfpAbsent" => InterfaceStatus::SfpAbsent,
-            _ => return None,
-        };
-        let operating_mode = match parts[3] {
-            "ISL" => Some(PortOperatingMode::Fabric),
-            "Trunk" => Some(PortOperatingMode::Trunk),
-            "Access" => Some(PortOperatingMode::Access),
-            "--" => None,
-            _ => return None,
-        };
-
-        Some(Ok(InterfaceInfo {
-            name: format!("{interface_type} {port_location}"),
-            port_location,
-            interface_type,
-            operating_mode,
-            status,
-        }))
-    }
-
-    fn map_configure_interfaces_error(&self, err: Error) -> Error {
-        debug!("[Brocade] {err}");
-
-        if let Error::CommandError(message) = &err {
-            if message.contains("switchport")
-                && message.contains("Cannot configure aggregator member")
-            {
-                let re = Regex::new(r"\(conf-if-([a-zA-Z]+)-([\d/]+)\)#").unwrap();
-
-                if let Some(caps) = re.captures(message) {
-                    let interface_type = &caps[1];
-                    let port_location = &caps[2];
-                    let interface = format!("{interface_type} {port_location}");
-
-                    return Error::CommandError(format!(
-                        "Cannot configure interface '{interface}', it is a member of a port-channel (LAG)"
-                    ));
-                }
-            }
-        }
-
-        err
-    }
-}
-
-#[async_trait]
-impl BrocadeClient for NetworkOperatingSystemClient {
-    async fn version(&self) -> Result<BrocadeInfo, Error> {
-        Ok(self.version.clone())
-    }
-
-    async fn get_mac_address_table(&self) -> Result<Vec<MacAddressEntry>, Error> {
-        let output = self
-            .shell
-            .run_command("show mac-address-table", ExecutionMode::Regular)
-            .await?;
-
-        output
-            .lines()
-            .skip(1)
-            .filter_map(|line| self.parse_mac_entry(line))
-            .collect()
-    }
-
-    async fn get_stack_topology(&self) -> Result<Vec<InterSwitchLink>, Error> {
-        let output = self
-            .shell
-            .run_command("show fabric isl", ExecutionMode::Regular)
-            .await?;
-
-        output
-            .lines()
-            .skip(6)
-            .filter_map(|line| self.parse_inter_switch_link_entry(line))
-            .collect()
-    }
-
-    async fn get_interfaces(&self) -> Result<Vec<InterfaceInfo>, Error> {
-        let output = self
-            .shell
-            .run_command(
-                "show interface status rbridge-id all",
-                ExecutionMode::Regular,
-            )
-            .await?;
-
-        output
-            .lines()
-            .skip(2)
-            .filter_map(|line| self.parse_interface_status_entry(line))
-            .collect()
-    }
-
-    async fn configure_interfaces(
-        &self,
-        interfaces: &Vec<(String, PortOperatingMode)>,
-    ) -> Result<(), Error> {
-        info!("[Brocade] Configuring {} interface(s)...", interfaces.len());
-
-        let mut commands = vec!["configure terminal".to_string()];
-
-        for interface in interfaces {
-            commands.push(format!("interface {}", interface.0));
-
-            match interface.1 {
-                PortOperatingMode::Fabric => {
-                    commands.push("fabric isl enable".into());
-                    commands.push("fabric trunk enable".into());
-                }
-                PortOperatingMode::Trunk => {
-                    commands.push("switchport".into());
-                    commands.push("switchport mode trunk".into());
-                    commands.push("switchport trunk allowed vlan all".into());
-                    commands.push("no switchport trunk tag native-vlan".into());
-                    commands.push("spanning-tree shutdown".into());
-                    commands.push("no fabric isl enable".into());
-                    commands.push("no fabric trunk enable".into());
-                    commands.push("no shutdown".into());
-                }
-                PortOperatingMode::Access => {
-                    commands.push("switchport".into());
-                    commands.push("switchport mode access".into());
-                    commands.push("switchport access vlan 1".into());
-                    commands.push("no spanning-tree shutdown".into());
-                    commands.push("no fabric isl enable".into());
-                    commands.push("no fabric trunk enable".into());
-                }
-            }
-
-            commands.push("no shutdown".into());
-            commands.push("exit".into());
-        }
-
-        self.shell
-            .run_commands(commands, ExecutionMode::Regular)
-            .await
-            .map_err(|err| self.map_configure_interfaces_error(err))?;
-
-        info!("[Brocade] Interfaces configured.");
-
-        Ok(())
-    }
-
-    async fn find_available_channel_id(&self) -> Result<PortChannelId, Error> {
-        info!("[Brocade] Finding next available channel id...");
-
-        let output = self
-            .shell
-            .run_command("show port-channel summary", ExecutionMode::Regular)
-            .await?;
-
-        let used_ids: Vec<u8> = output
-            .lines()
-            .skip(6)
-            .filter_map(|line| {
-                let parts: Vec<&str> = line.split_whitespace().collect();
-                if parts.len() < 8 {
-                    return None;
-                }
-
-                u8::from_str(parts[0]).ok()
-            })
-            .collect();
-
-        let mut next_id: u8 = 1;
-        loop {
-            if !used_ids.contains(&next_id) {
-                break;
-            }
-            next_id += 1;
-        }
-
-        info!("[Brocade] Found channel id: {next_id}");
-        Ok(next_id)
-    }
-
-    async fn create_port_channel(
-        &self,
-        channel_id: PortChannelId,
-        channel_name: &str,
-        ports: &[PortLocation],
-    ) -> Result<(), Error> {
-        info!(
-            "[Brocade] Configuring port-channel '{channel_id} {channel_name}' with ports: {}",
-            ports
-                .iter()
-                .map(|p| format!("{p}"))
-                .collect::<Vec<String>>()
-                .join(", ")
-        );
-
-        let interfaces = self.get_interfaces().await?;
-
-        let mut commands = vec![
-            "configure terminal".into(),
-            format!("interface port-channel {}", channel_id),
-            "no shutdown".into(),
-            "exit".into(),
-        ];
-
-        for port in ports {
-            let interface = interfaces.iter().find(|i| i.port_location == *port);
-            let Some(interface) = interface else {
-                continue;
-            };
-
-            commands.push(format!("interface {}", interface.name));
-            commands.push("no switchport".into());
-            commands.push("no ip address".into());
-            commands.push("no fabric isl enable".into());
-            commands.push("no fabric trunk enable".into());
-            commands.push(format!("channel-group {channel_id} mode active"));
-            commands.push("no shutdown".into());
-            commands.push("exit".into());
-        }
-
-        self.shell
-            .run_commands(commands, ExecutionMode::Regular)
-            .await?;
-
-        info!("[Brocade] Port-channel '{channel_name}' configured.");
-
-        Ok(())
-    }
-
-    async fn clear_port_channel(&self, channel_name: &str) -> Result<(), Error> {
-        info!("[Brocade] Clearing port-channel: {channel_name}");
-
-        let commands = vec![
-            "configure terminal".into(),
-            format!("no interface port-channel {}", channel_name),
-            "exit".into(),
-        ];
-
-        self.shell
-            .run_commands(commands, ExecutionMode::Regular)
-            .await?;
-
-        info!("[Brocade] Port-channel '{channel_name}' cleared.");
-        Ok(())
-    }
-
-    async fn enable_snmp(&self, user_name: &str, auth: &str, des: &str) -> Result<(), Error> {
-        let commands = vec![
-            "configure terminal".into(),
-            "snmp-server view ALL 1 included".into(),
-            "snmp-server group public v3 priv read ALL".into(),
-            format!(
-                "snmp-server user {user_name} groupname public auth md5 auth-password {auth} priv des priv-password {des}"
-            ),
-            "exit".into(),
-        ];
-        self.shell
-            .run_commands(commands, ExecutionMode::Regular)
-            .await?;
-        Ok(())
-    }
-}

brocade/src/shell.rs

@@ -1,367 +0,0 @@
-use std::net::IpAddr;
-use std::time::Duration;
-use std::time::Instant;
-
-use crate::BrocadeOptions;
-use crate::Error;
-use crate::ExecutionMode;
-use crate::TimeoutConfig;
-use crate::ssh;
-
-use log::debug;
-use log::info;
-use russh::ChannelMsg;
-use tokio::time::timeout;
-
-#[derive(Debug)]
-pub struct BrocadeShell {
-    ip: IpAddr,
-    username: String,
-    password: String,
-    options: BrocadeOptions,
-    before_all_commands: Vec<String>,
-    after_all_commands: Vec<String>,
-}
-
-impl BrocadeShell {
-    pub async fn init(
-        ip_addresses: &[IpAddr],
-        username: &str,
-        password: &str,
-        options: &BrocadeOptions,
-    ) -> Result<Self, Error> {
-        let ip = ip_addresses
-            .first()
-            .ok_or_else(|| Error::ConfigurationError("No IP addresses provided".to_string()))?;
-
-        let brocade_ssh_client_options =
-            ssh::try_init_client(username, password, ip, options).await?;
-
-        Ok(Self {
-            ip: *ip,
-            username: username.to_string(),
-            password: password.to_string(),
-            before_all_commands: vec![],
-            after_all_commands: vec![],
-            options: brocade_ssh_client_options,
-        })
-    }
-
-    pub async fn open_session(&self, mode: ExecutionMode) -> Result<BrocadeSession, Error> {
-        BrocadeSession::open(
-            self.ip,
-            self.options.ssh.port,
-            &self.username,
-            &self.password,
-            self.options.clone(),
-            mode,
-        )
-        .await
-    }
-
-    pub async fn with_session<F, R>(&self, mode: ExecutionMode, callback: F) -> Result<R, Error>
-    where
-        F: FnOnce(
-            &mut BrocadeSession,
-        ) -> std::pin::Pin<
-            Box<dyn std::future::Future<Output = Result<R, Error>> + Send + '_>,
-        >,
-    {
-        let mut session = self.open_session(mode).await?;
-
-        let _ = session.run_commands(self.before_all_commands.clone()).await;
-        let result = callback(&mut session).await;
-        let _ = session.run_commands(self.after_all_commands.clone()).await;
-
-        session.close().await?;
-        result
-    }
-
-    pub async fn run_command(&self, command: &str, mode: ExecutionMode) -> Result<String, Error> {
-        let mut session = self.open_session(mode).await?;
-
-        let _ = session.run_commands(self.before_all_commands.clone()).await;
-        let result = session.run_command(command).await;
-        let _ = session.run_commands(self.after_all_commands.clone()).await;
-
-        session.close().await?;
-        result
-    }
-
-    pub async fn run_commands(
-        &self,
-        commands: Vec<String>,
-        mode: ExecutionMode,
-    ) -> Result<(), Error> {
-        let mut session = self.open_session(mode).await?;
-
-        let _ = session.run_commands(self.before_all_commands.clone()).await;
-        let result = session.run_commands(commands).await;
-        let _ = session.run_commands(self.after_all_commands.clone()).await;
-
-        session.close().await?;
-        result
-    }
-
-    pub fn before_all(&mut self, commands: Vec<String>) {
-        self.before_all_commands = commands;
-    }
-
-    pub fn after_all(&mut self, commands: Vec<String>) {
-        self.after_all_commands = commands;
-    }
-}
-
-pub struct BrocadeSession {
-    pub channel: russh::Channel<russh::client::Msg>,
-    pub mode: ExecutionMode,
-    pub options: BrocadeOptions,
-}
-
-impl BrocadeSession {
-    pub async fn open(
-        ip: IpAddr,
-        port: u16,
-        username: &str,
-        password: &str,
-        options: BrocadeOptions,
-        mode: ExecutionMode,
-    ) -> Result<Self, Error> {
-        let client = ssh::create_client(ip, port, username, password, &options).await?;
-        let mut channel = client.channel_open_session().await?;
-
-        channel
-            .request_pty(false, "vt100", 80, 24, 0, 0, &[])
-            .await?;
-        channel.request_shell(false).await?;
-
-        wait_for_shell_ready(&mut channel, &options.timeouts).await?;
-
-        if let ExecutionMode::Privileged = mode {
-            try_elevate_session(&mut channel, username, password, &options.timeouts).await?;
-        }
-
-        Ok(Self {
-            channel,
-            mode,
-            options,
-        })
-    }
-
-    pub async fn close(&mut self) -> Result<(), Error> {
-        debug!("[Brocade] Closing session...");
-
-        self.channel.data(&b"exit\n"[..]).await?;
-        if let ExecutionMode::Privileged = self.mode {
-            self.channel.data(&b"exit\n"[..]).await?;
-        }
-
-        let start = Instant::now();
-        while start.elapsed() < self.options.timeouts.cleanup {
-            match timeout(self.options.timeouts.message_wait, self.channel.wait()).await {
-                Ok(Some(ChannelMsg::Close)) => break,
-                Ok(Some(_)) => continue,
-                Ok(None) | Err(_) => break,
-            }
-        }
-
-        debug!("[Brocade] Session closed.");
-        Ok(())
-    }
-
-    pub async fn run_command(&mut self, command: &str) -> Result<String, Error> {
-        if self.should_skip_command(command) {
-            return Ok(String::new());
-        }
-
-        debug!("[Brocade] Running command: '{command}'...");
-
-        self.channel
-            .data(format!("{}\n", command).as_bytes())
-            .await?;
-        tokio::time::sleep(Duration::from_millis(100)).await;
-
-        let output = self.collect_command_output().await?;
-        let output = String::from_utf8(output)
-            .map_err(|_| Error::UnexpectedError("Invalid UTF-8 in command output".to_string()))?;
-
-        self.check_for_command_errors(&output, command)?;
-        Ok(output)
-    }
-
-    pub async fn run_commands(&mut self, commands: Vec<String>) -> Result<(), Error> {
-        for command in commands {
-            self.run_command(&command).await?;
-        }
-        Ok(())
-    }
-
-    fn should_skip_command(&self, command: &str) -> bool {
-        if (command.starts_with("write") || command.starts_with("deploy")) && self.options.dry_run {
-            info!("[Brocade] Dry-run mode enabled, skipping command: {command}");
-            return true;
-        }
-        false
-    }
-
-    async fn collect_command_output(&mut self) -> Result<Vec<u8>, Error> {
-        let mut output = Vec::new();
-        let start = Instant::now();
-        let read_timeout = Duration::from_millis(500);
-        let log_interval = Duration::from_secs(5);
-        let mut last_log = Instant::now();
-
-        loop {
-            if start.elapsed() > self.options.timeouts.command_execution {
-                return Err(Error::TimeoutError(
-                    "Timeout waiting for command completion.".into(),
-                ));
-            }
-
-            if start.elapsed() > self.options.timeouts.command_output
-                && last_log.elapsed() > log_interval
-            {
-                info!("[Brocade] Waiting for command output...");
-                last_log = Instant::now();
-            }
-
-            match timeout(read_timeout, self.channel.wait()).await {
-                Ok(Some(ChannelMsg::Data { data } | ChannelMsg::ExtendedData { data, .. })) => {
-                    output.extend_from_slice(&data);
-                    let current_output = String::from_utf8_lossy(&output);
-                    if current_output.contains('>') || current_output.contains('#') {
-                        return Ok(output);
-                    }
-                }
-                Ok(Some(ChannelMsg::Eof | ChannelMsg::Close)) => return Ok(output),
-                Ok(Some(ChannelMsg::ExitStatus { exit_status })) => {
-                    debug!("[Brocade] Command exit status: {exit_status}");
-                }
-                Ok(Some(_)) => continue,
-                Ok(None) | Err(_) => {
-                    if output.is_empty() {
-                        if let Ok(None) = timeout(read_timeout, self.channel.wait()).await {
-                            break;
-                        }
-                        continue;
-                    }
-
-                    tokio::time::sleep(Duration::from_millis(100)).await;
-                    let current_output = String::from_utf8_lossy(&output);
-                    if current_output.contains('>') || current_output.contains('#') {
-                        return Ok(output);
-                    }
-                }
-            }
-        }
-
-        Ok(output)
-    }
-
-    fn check_for_command_errors(&self, output: &str, command: &str) -> Result<(), Error> {
-        const ERROR_PATTERNS: &[&str] = &[
-            "invalid input",
-            "syntax error",
-            "command not found",
-            "unknown command",
-            "permission denied",
-            "access denied",
-            "authentication failed",
-            "configuration error",
-            "failed to",
-            "error:",
-        ];
-
-        let output_lower = output.to_lowercase();
-        if ERROR_PATTERNS.iter().any(|&p| output_lower.contains(p)) {
-            return Err(Error::CommandError(format!(
-                "Command error: {}",
-                output.trim()
-            )));
-        }
-
-        if !command.starts_with("show") && output.trim().is_empty() {
-            return Err(Error::CommandError(format!(
-                "Command '{command}' produced no output"
-            )));
-        }
-
-        Ok(())
-    }
-}
-
-async fn wait_for_shell_ready(
-    channel: &mut russh::Channel<russh::client::Msg>,
-    timeouts: &TimeoutConfig,
-) -> Result<(), Error> {
-    let mut buffer = Vec::new();
-    let start = Instant::now();
-
-    while start.elapsed() < timeouts.shell_ready {
-        match timeout(timeouts.message_wait, channel.wait()).await {
-            Ok(Some(ChannelMsg::Data { data })) => {
-                buffer.extend_from_slice(&data);
-                let output = String::from_utf8_lossy(&buffer);
-                let output = output.trim();
-                if output.ends_with('>') || output.ends_with('#') {
-                    debug!("[Brocade] Shell ready");
-                    return Ok(());
-                }
-            }
-            Ok(Some(_)) => continue,
-            Ok(None) => break,
-            Err(_) => continue,
-        }
-    }
-    Ok(())
-}
-
-async fn try_elevate_session(
-    channel: &mut russh::Channel<russh::client::Msg>,
-    username: &str,
-    password: &str,
-    timeouts: &TimeoutConfig,
-) -> Result<(), Error> {
-    channel.data(&b"enable\n"[..]).await?;
-    let start = Instant::now();
-    let mut buffer = Vec::new();
-
-    while start.elapsed() < timeouts.shell_ready {
-        match timeout(timeouts.message_wait, channel.wait()).await {
-            Ok(Some(ChannelMsg::Data { data })) => {
-                buffer.extend_from_slice(&data);
-                let output = String::from_utf8_lossy(&buffer);
-
-                if output.ends_with('#') {
-                    debug!("[Brocade] Privileged mode established");
-                    return Ok(());
-                }
-
-                if output.contains("User Name:") {
-                    channel.data(format!("{}\n", username).as_bytes()).await?;
-                    buffer.clear();
-                } else if output.contains("Password:") {
-                    channel.data(format!("{}\n", password).as_bytes()).await?;
-                    buffer.clear();
-                } else if output.contains('>') {
-                    return Err(Error::AuthenticationError(
-                        "Enable authentication failed".into(),
-                    ));
-                }
-            }
-            Ok(Some(_)) => continue,
-            Ok(None) => break,
-            Err(_) => continue,
-        }
-    }
-
-    let output = String::from_utf8_lossy(&buffer);
-    if output.ends_with('#') {
-        debug!("[Brocade] Privileged mode established");
-        Ok(())
-    } else {
-        Err(Error::AuthenticationError(format!(
-            "Enable failed. Output:\n{output}"
-        )))
-    }
-}

brocade/src/ssh.rs

@@ -1,131 +0,0 @@
-use std::borrow::Cow;
-use std::sync::Arc;
-
-use async_trait::async_trait;
-use log::debug;
-use russh::client::Handler;
-use russh::kex::DH_G1_SHA1;
-use russh::kex::ECDH_SHA2_NISTP256;
-use russh_keys::key::SSH_RSA;
-
-use super::BrocadeOptions;
-use super::Error;
-
-#[derive(Clone, Debug)]
-pub struct SshOptions {
-    pub preferred_algorithms: russh::Preferred,
-    pub port: u16,
-}
-
-impl Default for SshOptions {
-    fn default() -> Self {
-        Self {
-            preferred_algorithms: Default::default(),
-            port: 22,
-        }
-    }
-}
-
-impl SshOptions {
-    fn ecdhsa_sha2_nistp256(port: u16) -> Self {
-        Self {
-            preferred_algorithms: russh::Preferred {
-                kex: Cow::Borrowed(&[ECDH_SHA2_NISTP256]),
-                key: Cow::Borrowed(&[SSH_RSA]),
-                ..Default::default()
-            },
-            port,
-            ..Default::default()
-        }
-    }
-
-    fn legacy(port: u16) -> Self {
-        Self {
-            preferred_algorithms: russh::Preferred {
-                kex: Cow::Borrowed(&[DH_G1_SHA1]),
-                key: Cow::Borrowed(&[SSH_RSA]),
-                ..Default::default()
-            },
-            port,
-            ..Default::default()
-        }
-    }
-}
-
-pub struct Client;
-
-#[async_trait]
-impl Handler for Client {
-    type Error = Error;
-
-    async fn check_server_key(
-        &mut self,
-        _server_public_key: &russh_keys::key::PublicKey,
-    ) -> Result<bool, Self::Error> {
-        Ok(true)
-    }
-}
-
-pub async fn try_init_client(
-    username: &str,
-    password: &str,
-    ip: &std::net::IpAddr,
-    base_options: &BrocadeOptions,
-) -> Result<BrocadeOptions, Error> {
-    let mut default = SshOptions::default();
-    default.port = base_options.ssh.port;
-    let ssh_options = vec![
-        default,
-        SshOptions::ecdhsa_sha2_nistp256(base_options.ssh.port),
-        SshOptions::legacy(base_options.ssh.port),
-    ];
-
-    for ssh in ssh_options {
-        let opts = BrocadeOptions {
-            ssh: ssh.clone(),
-            ..base_options.clone()
-        };
-        debug!("Creating client {ip}:{} {username}", ssh.port);
-        let client = create_client(*ip, ssh.port, username, password, &opts).await;
-
-        match client {
-            Ok(_) => {
-                return Ok(opts);
-            }
-            Err(e) => match e {
-                Error::NetworkError(e) => {
-                    if e.contains("No common key exchange algorithm") {
-                        continue;
-                    } else {
-                        return Err(Error::NetworkError(e));
-                    }
-                }
-                _ => return Err(e),
-            },
-        }
-    }
-
-    Err(Error::NetworkError(
-        "Could not establish ssh connection: wrong key exchange algorithm)".to_string(),
-    ))
-}
-
-pub async fn create_client(
-    ip: std::net::IpAddr,
-    port: u16,
-    username: &str,
-    password: &str,
-    options: &BrocadeOptions,
-) -> Result<russh::client::Handle<Client>, Error> {
-    let config = russh::client::Config {
-        preferred: options.ssh.preferred_algorithms.clone(),
-        ..Default::default()
-    };
-    let mut client = russh::client::connect(Arc::new(config), (ip, port), Client {}).await?;
-    if !client.authenticate_password(username, password).await? {
-        return Err(Error::AuthenticationError(
-            "ssh authentication failed".to_string(),
-        ));
-    }
-    Ok(client)
-}

build/book.sh

@@ -1,11 +0,0 @@
-#!/bin/sh
-set -e
-
-cd "$(dirname "$0")/.."
-
-cargo install mdbook --locked
-mdbook build
-
-test -f book/index.html || (echo "ERROR: book/index.html not found" && exit 1)
-test -f book/concepts.html || (echo "ERROR: book/concepts.html not found" && exit 1)
-test -f book/guides/getting-started.html || (echo "ERROR: book/guides/getting-started.html not found" && exit 1)

build/check.sh

@@ -1,10 +0,0 @@
-#!/bin/sh
-set -e
-
-cd "$(dirname "$0")/.."
-
-rustc --version
-cargo check --all-targets --all-features --keep-going
-cargo fmt --check
-cargo clippy
-cargo test

build/ci.sh

@@ -1,16 +0,0 @@
-#!/bin/sh
-set -e
-
-cd "$(dirname "$0")/.."
-
-BRANCH="${1:-main}"
-
-echo "=== Running CI for branch: $BRANCH ==="
-
-echo "--- Checking code ---"
-./build/check.sh
-
-echo "--- Building book ---"
-./build/book.sh
-
-echo "=== CI passed ==="

check.sh

@@ -1 +0,0 @@
-build/check.sh

check.sh

@@ -0,0 +1,5 @@
+#!/bin/sh
+set -e
+cargo check --all-targets --all-features --keep-going
+cargo fmt --check
+cargo test

data/okd/installer_image/scos-live-initramfs.x86_64.img

@@ -1 +0,0 @@
-scos-9.0.20250510-0-live-initramfs.x86_64.img

data/okd/installer_image/scos-live-kernel.x86_64

@@ -1 +0,0 @@
-scos-9.0.20250510-0-live-kernel.x86_64

data/okd/installer_image/scos-live-rootfs.x86_64.img

@@ -1 +0,0 @@
-scos-9.0.20250510-0-live-rootfs.x86_64.img

data/pxe/okd/README.md

@@ -1,8 +0,0 @@
-Here lies all the data files required for an OKD cluster PXE boot setup.
-
-This inclues ISO files, binary boot files, ipxe, etc.
-
-TODO as of august 2025 :
-
-- `harmony_inventory_agent` should be downloaded from official releases, this embedded version is practical for now though
-- The cluster ssh key should be generated and handled by harmony with the private key saved in a secret store

data/pxe/okd/http_files/.gitattributes

@@ -1,9 +0,0 @@
-harmony_inventory_agent filter=lfs diff=lfs merge=lfs -text
-os filter=lfs diff=lfs merge=lfs -text
-os/centos-stream-9 filter=lfs diff=lfs merge=lfs -text
-os/centos-stream-9/images filter=lfs diff=lfs merge=lfs -text
-os/centos-stream-9/initrd.img filter=lfs diff=lfs merge=lfs -text
-os/centos-stream-9/vmlinuz filter=lfs diff=lfs merge=lfs -text
-os/centos-stream-9/images/efiboot.img filter=lfs diff=lfs merge=lfs -text
-os/centos-stream-9/images/install.img filter=lfs diff=lfs merge=lfs -text
-os/centos-stream-9/images/pxeboot filter=lfs diff=lfs merge=lfs -text

data/pxe/okd/http_files/cluster_ssh_key.pub

@@ -1 +0,0 @@
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBx6bDylvC68cVpjKfEFtLQJ/dOFi6PVS2vsIOqPDJIc jeangab@liliane2

data/watchguard/pxe-http-files/.gitattributes

@@ -1 +0,0 @@
-slitaz/* filter=lfs diff=lfs merge=lfs -text

data/watchguard/pxe-http-files/boot.ipxe

@@ -1,6 +0,0 @@
-#!ipxe
-
-set base-url http://192.168.33.1:8080
-set hostfile ${base-url}/byMAC/01-${mac:hexhyp}.ipxe
-
-chain ${hostfile} || chain ${base-url}/default.ipxe

data/watchguard/pxe-http-files/byMAC/01-c4-62-37-01-bc-68.ipxe

@@ -1,35 +0,0 @@
-#!ipxe
-menu PXE Boot Menu - [${mac}]
-item okdinstallation  Install OKD
-item slitaz  Boot to Slitaz - old linux for debugging
-choose selected
-
-goto ${selected}
-
-:local
-exit
-
-#################################
-# okdinstallation
-#################################
-:okdinstallation
-set base-url http://192.168.33.1:8080
-set kernel-image fcos/fedora-coreos-39.20231101.3.0-live-kernel-x86_64
-set live-rootfs fcos/fedora-coreos-39.20231101.3.0-live-rootfs.x86_64.img
-set live-initramfs fcos/fedora-coreos-39.20231101.3.0-live-initramfs.x86_64.img
-set install-disk /dev/nvme0n1
-set ignition-file ncd0/master.ign
-
-kernel ${base-url}/${kernel-image} initrd=main coreos.live.rootfs_url=${base-url}/${live-rootfs} coreos.inst.install_dev=${install-disk} coreos.inst.ignition_url=${base-url}/${ignition-file}  ip=enp1s0:dhcp
-initrd --name main ${base-url}/${live-initramfs}
-boot
-
-#################################
-# slitaz
-#################################
-:slitaz
-set server_ip 192.168.33.1:8080
-set base_url http://${server_ip}/slitaz
-kernel ${base_url}/vmlinuz-2.6.37-slitaz rw root=/dev/null vga=788 initrd=rootfs.gz
-initrd ${base_url}/rootfs.gz
-boot

data/watchguard/pxe-http-files/byMAC/01-c4-62-37-02-60-fa.ipxe

@@ -1,35 +0,0 @@
-#!ipxe
-menu PXE Boot Menu - [${mac}]
-item okdinstallation  Install OKD
-item slitaz  Boot to Slitaz - old linux for debugging
-choose selected
-
-goto ${selected}
-
-:local
-exit
-
-#################################
-# okdinstallation
-#################################
-:okdinstallation
-set base-url http://192.168.33.1:8080
-set kernel-image fcos/fedora-coreos-39.20231101.3.0-live-kernel-x86_64
-set live-rootfs fcos/fedora-coreos-39.20231101.3.0-live-rootfs.x86_64.img
-set live-initramfs fcos/fedora-coreos-39.20231101.3.0-live-initramfs.x86_64.img
-set install-disk /dev/nvme0n1
-set ignition-file ncd0/master.ign
-
-kernel ${base-url}/${kernel-image} initrd=main coreos.live.rootfs_url=${base-url}/${live-rootfs} coreos.inst.install_dev=${install-disk} coreos.inst.ignition_url=${base-url}/${ignition-file}  ip=enp1s0:dhcp
-initrd --name main ${base-url}/${live-initramfs}
-boot
-
-#################################
-# slitaz
-#################################
-:slitaz
-set server_ip 192.168.33.1:8080
-set base_url http://${server_ip}/slitaz
-kernel ${base_url}/vmlinuz-2.6.37-slitaz rw root=/dev/null vga=788 initrd=rootfs.gz
-initrd ${base_url}/rootfs.gz
-boot

data/watchguard/pxe-http-files/byMAC/01-c4-62-37-02-61-0f.ipxe

@@ -1,35 +0,0 @@
-#!ipxe
-menu PXE Boot Menu - [${mac}]
-item okdinstallation  Install OKD
-item slitaz  Slitaz - an old linux image for debugging
-choose selected
-
-goto ${selected}
-
-:local
-exit
-
-#################################
-# okdinstallation
-#################################
-:okdinstallation
-set base-url http://192.168.33.1:8080
-set kernel-image fcos/fedora-coreos-39.20231101.3.0-live-kernel-x86_64
-set live-rootfs fcos/fedora-coreos-39.20231101.3.0-live-rootfs.x86_64.img
-set live-initramfs fcos/fedora-coreos-39.20231101.3.0-live-initramfs.x86_64.img
-set install-disk /dev/sda
-set ignition-file ncd0/worker.ign
-
-kernel ${base-url}/${kernel-image} initrd=main coreos.live.rootfs_url=${base-url}/${live-rootfs} coreos.inst.install_dev=${install-disk} coreos.inst.ignition_url=${base-url}/${ignition-file}  ip=enp1s0:dhcp
-initrd --name main ${base-url}/${live-initramfs}
-boot
-
-#################################
-# slitaz
-#################################
-:slitaz
-set server_ip 192.168.33.1:8080
-set base_url http://${server_ip}/slitaz
-kernel ${base_url}/vmlinuz-2.6.37-slitaz rw root=/dev/null vga=788 initrd=rootfs.gz
-initrd ${base_url}/rootfs.gz
-boot

data/watchguard/pxe-http-files/byMAC/01-c4-62-37-02-61-1a.ipxe

@@ -1,35 +0,0 @@
-#!ipxe
-menu PXE Boot Menu - [${mac}]
-item okdinstallation  Install OKD
-item slitaz  Boot to Slitaz - old linux for debugging
-choose selected
-
-goto ${selected}
-
-:local
-exit
-
-#################################
-# okdinstallation
-#################################
-:okdinstallation
-set base-url http://192.168.33.1:8080
-set kernel-image fcos/fedora-coreos-39.20231101.3.0-live-kernel-x86_64
-set live-rootfs fcos/fedora-coreos-39.20231101.3.0-live-rootfs.x86_64.img
-set live-initramfs fcos/fedora-coreos-39.20231101.3.0-live-initramfs.x86_64.img
-set install-disk /dev/nvme0n1
-set ignition-file ncd0/master.ign
-
-kernel ${base-url}/${kernel-image} initrd=main coreos.live.rootfs_url=${base-url}/${live-rootfs} coreos.inst.install_dev=${install-disk} coreos.inst.ignition_url=${base-url}/${ignition-file}  ip=enp1s0:dhcp
-initrd --name main ${base-url}/${live-initramfs}
-boot
-
-#################################
-# slitaz
-#################################
-:slitaz
-set server_ip 192.168.33.1:8080
-set base_url http://${server_ip}/slitaz
-kernel ${base_url}/vmlinuz-2.6.37-slitaz rw root=/dev/null vga=788 initrd=rootfs.gz
-initrd ${base_url}/rootfs.gz
-boot

data/watchguard/pxe-http-files/byMAC/01-c4-62-37-02-61-26.ipxe

@@ -1,35 +0,0 @@
-#!ipxe
-menu PXE Boot Menu - [${mac}]
-item okdinstallation  Install OKD
-item slitaz  Slitaz - an old linux image for debugging
-choose selected
-
-goto ${selected}
-
-:local
-exit
-
-#################################
-# okdinstallation
-#################################
-:okdinstallation
-set base-url http://192.168.33.1:8080
-set kernel-image fcos/fedora-coreos-39.20231101.3.0-live-kernel-x86_64
-set live-rootfs fcos/fedora-coreos-39.20231101.3.0-live-rootfs.x86_64.img
-set live-initramfs fcos/fedora-coreos-39.20231101.3.0-live-initramfs.x86_64.img
-set install-disk /dev/sda
-set ignition-file ncd0/worker.ign
-
-kernel ${base-url}/${kernel-image} initrd=main coreos.live.rootfs_url=${base-url}/${live-rootfs} coreos.inst.install_dev=${install-disk} coreos.inst.ignition_url=${base-url}/${ignition-file}  ip=enp1s0:dhcp
-initrd --name main ${base-url}/${live-initramfs}
-boot
-
-#################################
-# slitaz
-#################################
-:slitaz
-set server_ip 192.168.33.1:8080
-set base_url http://${server_ip}/slitaz
-kernel ${base_url}/vmlinuz-2.6.37-slitaz rw root=/dev/null vga=788 initrd=rootfs.gz
-initrd ${base_url}/rootfs.gz
-boot

data/watchguard/pxe-http-files/byMAC/01-c4-62-37-02-61-70.ipxe

@@ -1,37 +0,0 @@
-#!ipxe
-menu PXE Boot Menu - [${mac}]
-item okdinstallation  Install OKD
-item slitaz  Slitaz - an old linux image for debugging
-choose selected
-
-goto ${selected}
-
-:local
-exit
-# This is the bootstrap node
-# it will become wk2
-
-#################################
-# okdinstallation
-#################################
-:okdinstallation
-set base-url http://192.168.33.1:8080
-set kernel-image fcos/fedora-coreos-39.20231101.3.0-live-kernel-x86_64
-set live-rootfs fcos/fedora-coreos-39.20231101.3.0-live-rootfs.x86_64.img
-set live-initramfs fcos/fedora-coreos-39.20231101.3.0-live-initramfs.x86_64.img
-set install-disk /dev/sda
-set ignition-file ncd0/worker.ign
-
-kernel ${base-url}/${kernel-image} initrd=main coreos.live.rootfs_url=${base-url}/${live-rootfs} coreos.inst.install_dev=${install-disk} coreos.inst.ignition_url=${base-url}/${ignition-file}  ip=enp1s0:dhcp
-initrd --name main ${base-url}/${live-initramfs}
-boot
-
-#################################
-# slitaz
-#################################
-:slitaz
-set server_ip 192.168.33.1:8080
-set base_url http://${server_ip}/slitaz
-kernel ${base_url}/vmlinuz-2.6.37-slitaz rw root=/dev/null vga=788 initrd=rootfs.gz
-initrd ${base_url}/rootfs.gz
-boot

data/watchguard/pxe-http-files/default.ipxe

@@ -1,71 +0,0 @@
-#!ipxe
-menu PXE Boot Menu - [${mac}]
-item local  Boot from Hard Disk
-item slitaz Boot slitaz live environment [tux|root:root]
-#item ubuntu-server Ubuntu 24.04.1 live server
-#item ubuntu-desktop Ubuntu 24.04.1 desktop
-#item systemrescue System Rescue 11.03
-item memtest memtest
-#choose --default local --timeout 5000 selected
-choose selected
-
-goto ${selected}
-
-:local
-exit
-
-#################################
-# slitaz
-#################################
-:slitaz
-set server_ip 192.168.33.1:8080
-set base_url http://${server_ip}/slitaz
-kernel ${base_url}/vmlinuz-2.6.37-slitaz rw root=/dev/null vga=788 initrd=rootfs.gz
-initrd ${base_url}/rootfs.gz
-boot
-
-#################################
-# Ubuntu Server
-#################################
-:ubuntu-server
-set server_ip 192.168.33.1:8080
-set base_url http://${server_ip}/ubuntu/live-server-24.04.1
-
-kernel ${base_url}/vmlinuz ip=dhcp url=${base_url}/ubuntu-24.04.1-live-server-amd64.iso autoinstall ds=nocloud
-initrd ${base_url}/initrd
-boot
-
-#################################
-# Ubuntu Desktop
-#################################
-:ubuntu-desktop
-set server_ip 192.168.33.1:8080
-set base_url http://${server_ip}/ubuntu/desktop-24.04.1
-
-kernel ${base_url}/vmlinuz ip=dhcp url=${base_url}/ubuntu-24.04.1-desktop-amd64.iso autoinstall ds=nocloud
-initrd ${base_url}/initrd
-boot
-
-#################################
-# System Rescue
-#################################
-:systemrescue
-set base-url http://192.168.33.1:8080/systemrescue
-
-kernel ${base-url}/vmlinuz initrd=sysresccd.img boot=systemrescue docache
-initrd ${base-url}/sysresccd.img
-boot
-
-#################################
-# MemTest86 (BIOS/UEFI)
-#################################
-:memtest
-iseq ${platform} efi && goto memtest_efi || goto memtest_bios
-
-:memtest_efi
-kernel http://192.168.33.1:8080/memtest/memtest64.efi
-boot
-
-:memtest_bios
-kernel http://192.168.33.1:8080/memtest/memtest64.bin
-boot

data/watchguard/pxe-http-files/paul

@@ -0,0 +1 @@
+hey i am paul

demos/cncf-k8s-quebec-meetup-september-2025/.gitignore

@@ -1,3 +0,0 @@
-.terraform
-*.tfstate
-venv