Dark-Alex-17/loki
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Integrated gman with Loki to create a vault and added flags to configure the Loki vault

Browse Source
This commit is contained in:
Alex Clarke
2025-10-14 18:00:11 -06:00
parent 316ebd6d25
commit 591f204b67
7 changed files with 2174 additions and 145 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/cli/mod.rs
+237
View File
@@ -0,0 +1,237 @@
mod secrets;
use crate::cli::secrets::secrets_completer;
use crate::client::{list_models, ModelType};
use crate::config::{list_agents, Config};
use anyhow::{Context, Result};
use clap::ValueHint;
use clap::{crate_authors, crate_description, crate_name, crate_version, Parser};
use clap_complete::ArgValueCompleter;
use clap_complete::CompletionCandidate;
use is_terminal::IsTerminal;
use std::ffi::OsStr;
use std::io::{stdin, Read};
#[derive(Parser, Debug)]
#[command(author, version, about, long_about = None)]
#[command(
name = crate_name!(),
author = crate_authors!(),
version = crate_version!(),
about = crate_description!(),
help_template = "\
{before-help}{name} {version}
{author-with-newline}
{about-with-newline}
{usage-heading} {usage}
{all-args}{after-help}
"
)]
pub struct Cli {
/// Select a LLM model
#[arg(short, long, add = ArgValueCompleter::new(model_completer))]
pub model: Option<String>,
/// Use the system prompt
#[arg(long)]
pub prompt: Option<String>,
/// Select a role
#[arg(short, long, add = ArgValueCompleter::new(role_completer))]
pub role: Option<String>,
/// Start or join a session
#[arg(short = 's', long, add = ArgValueCompleter::new(session_completer))]
pub session: Option<Option<String>>,
/// Ensure the session is empty
#[arg(long)]
pub empty_session: bool,
/// Ensure the new conversation is saved to the session
#[arg(long)]
pub save_session: bool,
/// Start an agent
#[arg(short = 'a', long, add = ArgValueCompleter::new(agent_completer))]
pub agent: Option<String>,
/// Set agent variables
#[arg(long, value_names = ["NAME", "VALUE"], num_args = 2)]
pub agent_variable: Vec<String>,
/// Start a RAG
#[arg(long, add = ArgValueCompleter::new(rag_completer))]
pub rag: Option<String>,
/// Rebuild the RAG to sync document changes
#[arg(long)]
pub rebuild_rag: bool,
/// Execute a macro
#[arg(long = "macro", value_name = "MACRO", add = ArgValueCompleter::new(macro_completer))]
pub macro_name: Option<String>,
/// Serve the LLM API and WebAPP
#[arg(long, value_name = "PORT|IP|IP:PORT")]
pub serve: Option<Option<String>>,
/// Execute commands in natural language
#[arg(short = 'e', long)]
pub execute: bool,
/// Output code only
#[arg(short = 'c', long)]
pub code: bool,
/// Include files, directories, or URLs
#[arg(short = 'f', long, value_name = "FILE|URL", value_hint = ValueHint::AnyPath)]
pub file: Vec<String>,
/// Turn off stream mode
#[arg(short = 'S', long)]
pub no_stream: bool,
/// Display the message without sending it
#[arg(long)]
pub dry_run: bool,
/// Display information
#[arg(long)]
pub info: bool,
/// Build all configured Bash tool scripts
#[arg(long)]
pub build_tools: bool,
/// Sync models updates
#[arg(long)]
pub sync_models: bool,
/// List all available chat models
#[arg(long)]
pub list_models: bool,
/// List all roles
#[arg(long)]
pub list_roles: bool,
/// List all sessions
#[arg(long)]
pub list_sessions: bool,
/// List all agents
#[arg(long)]
pub list_agents: bool,
/// List all RAGs
#[arg(long)]
pub list_rags: bool,
/// List all macros
#[arg(long)]
pub list_macros: bool,
/// Input text
#[arg(trailing_var_arg = true)]
text: Vec<String>,
/// Tail logs
#[arg(long)]
pub tail_logs: bool,
/// Disable colored log output
#[arg(long, requires = "tail_logs")]
pub disable_log_colors: bool,
/// Add a secret to the Loki vault
#[arg(long, value_name = "SECRET_NAME", exclusive = true)]
pub add_secret: Option<String>,
/// Decrypt a secret from the Loki vault and print the plaintext
#[arg(long, value_name = "SECRET_NAME", exclusive = true, add = ArgValueCompleter::new(secrets_completer))]
pub get_secret: Option<String>,
/// Update an existing secret in the Loki vault
#[arg(long, value_name = "SECRET_NAME", exclusive = true, add = ArgValueCompleter::new(secrets_completer))]
pub update_secret: Option<String>,
/// Delete a secret from the Loki vault
#[arg(long, value_name = "SECRET_NAME", exclusive = true, add = ArgValueCompleter::new(secrets_completer))]
pub delete_secret: Option<String>,
/// List all secrets stored in the Loki vault
#[arg(long, exclusive = true)]
pub list_secrets: bool,
}
impl Cli {
pub fn text(&self) -> Result<Option<String>> {
let mut stdin_text = String::new();
if !stdin().is_terminal() {
let _ = stdin()
.read_to_string(&mut stdin_text)
.context("Invalid stdin pipe")?;
};
match self.text.is_empty() {
true => {
if stdin_text.is_empty() {
Ok(None)
} else {
Ok(Some(stdin_text))
}
}
false => {
if self.macro_name.is_some() {
let text = self
.text
.iter()
.map(|v| shell_words::quote(v))
.collect::<Vec<_>>()
.join(" ");
if stdin_text.is_empty() {
Ok(Some(text))
} else {
Ok(Some(format!("{text} -- {stdin_text}")))
}
} else {
let text = self.text.join(" ");
if stdin_text.is_empty() {
Ok(Some(text))
} else {
Ok(Some(format!("{text}\n{stdin_text}")))
}
}
}
}
}
}
fn model_completer(current: &OsStr) -> Vec<CompletionCandidate> {
let cur = current.to_string_lossy();
match Config::init_bare() {
Ok(config) => list_models(&config, ModelType::Chat)
.into_iter()
.filter(|&m| m.id().starts_with(&*cur))
.map(|m| CompletionCandidate::new(m.id()))
.collect(),
Err(_) => vec![],
}
}
fn role_completer(current: &OsStr) -> Vec<CompletionCandidate> {
let cur = current.to_string_lossy();
Config::list_roles(true)
.into_iter()
.filter(|r| r.starts_with(&*cur))
.map(CompletionCandidate::new)
.collect()
}
fn agent_completer(current: &OsStr) -> Vec<CompletionCandidate> {
let cur = current.to_string_lossy();
list_agents()
.into_iter()
.filter(|a| a.starts_with(&*cur))
.map(CompletionCandidate::new)
.collect()
}
fn rag_completer(current: &OsStr) -> Vec<CompletionCandidate> {
let cur = current.to_string_lossy();
Config::list_rags()
.into_iter()
.filter(|r| r.starts_with(&*cur))
.map(CompletionCandidate::new)
.collect()
}
fn macro_completer(current: &OsStr) -> Vec<CompletionCandidate> {
let cur = current.to_string_lossy();
Config::list_macros()
.into_iter()
.filter(|m| m.starts_with(&*cur))
.map(CompletionCandidate::new)
.collect()
}
fn session_completer(current: &OsStr) -> Vec<CompletionCandidate> {
let cur = current.to_string_lossy();
match Config::init_bare() {
Ok(config) => config
.list_sessions()
.into_iter()
.filter(|s| s.starts_with(&*cur))
.map(CompletionCandidate::new)
.collect(),
Err(_) => vec![],
}
}
src/cli/secrets.rs
+226
View File
@@ -0,0 +1,226 @@
use crate::cli::Cli;
use crate::config::{ensure_parent_exists, Config};
use anyhow::{anyhow, Context, Result};
use clap_complete::CompletionCandidate;
use gman::providers::local::LocalProvider;
use gman::providers::SecretProvider;
use inquire::validator::Validation;
use inquire::{min_length, required, Confirm, Password, PasswordDisplayMode, Text};
use std::ffi::OsStr;
use std::io;
use std::io::{IsTerminal, Read, Write};
use std::path::PathBuf;
use tokio::runtime::Handle;
impl Cli {
pub async fn handle_secret_flag(&self, mut config: Config) -> Result<()> {
ensure_password_file_initialized(&mut config)?;
let local_provider = match config.secrets_provider {
Some(lc) => lc,
None => {
return Err(anyhow!(
"Local secrets provider is not configured. Please ensure a password file is configured and try again."
))
}
};
if let Some(secret_name) = &self.add_secret {
let plaintext =
read_all_stdin().with_context(|| "unable to read plaintext from stdin")?;
local_provider
.set_secret(secret_name, plaintext.trim_end())
.await?;
println!("✓ Secret '{secret_name}' added to the vault.");
}
if let Some(secret_name) = &self.get_secret {
let secret = local_provider.get_secret(secret_name).await?;
println!("{}", secret);
}
if let Some(secret_name) = &self.update_secret {
let plaintext =
read_all_stdin().with_context(|| "unable to read plaintext from stdin")?;
local_provider
.update_secret(secret_name, plaintext.trim_end())
.await?;
println!("✓ Secret '{secret_name}' updated in the vault.");
}
if let Some(secret_name) = &self.delete_secret {
local_provider.delete_secret(secret_name).await?;
println!("✓ Secret '{secret_name}' deleted from the vault.");
}
if self.list_secrets {
let secrets = local_provider.list_secrets().await?;
if secrets.is_empty() {
println!("The vault is empty.");
} else {
for key in &secrets {
println!("{}", key);
}
}
}
Ok(())
}
}
fn ensure_password_file_initialized(config: &mut Config) -> Result<()> {
let secrets_password_file = config.secrets_password_file();
if secrets_password_file.exists() {
{
let file_contents = std::fs::read_to_string(&secrets_password_file)?;
if !file_contents.trim().is_empty() {
return Ok(());
}
}
let ans = Confirm::new(
format!(
"The configured password file '{}' is empty. Create a password?",
secrets_password_file.display()
)
.as_str(),
)
.with_default(true)
.prompt()?;
if !ans {
return Err(anyhow!("The configured password file '{}' is empty. Please populate it with a password and try again.", secrets_password_file.display()));
}
let password = Password::new("Enter a password to encrypt all vault secrets:")
.with_validator(required!())
.with_validator(min_length!(10))
.with_display_mode(PasswordDisplayMode::Masked)
.prompt();
match password {
Ok(pw) => {
std::fs::write(&secrets_password_file, pw.as_bytes())?;
load_secrets_provider(config);
println!(
"✓ Password file '{}' updated.",
secrets_password_file.display()
);
}
Err(_) => {
return Err(anyhow!(
"Failed to read password from input. Password file not updated."
));
}
}
} else {
let ans = Confirm::new("No password file configured. Do you want to create one now?")
.with_default(true)
.prompt()?;
if !ans {
return Err(anyhow!("A password file is required to utilize secrets. Please configure a password file in your config file and try again."));
}
let password_file: PathBuf = Text::new("Enter the path to the password file to create:")
.with_default(&secrets_password_file.display().to_string())
.with_validator(required!("Password file path is required"))
.with_validator(|input: &str| {
let path = PathBuf::from(input);
if path.exists() {
Ok(Validation::Invalid(
"File already exists. Please choose a different path.".into(),
))
} else if let Some(parent) = path.parent() {
if !parent.exists() {
Ok(Validation::Invalid(
"Parent directory does not exist.".into(),
))
} else {
Ok(Validation::Valid)
}
} else {
Ok(Validation::Valid)
}
})
.prompt()?
.into();
if password_file != secrets_password_file {
println!("Note: The default password file path is '{}'. You have chosen to create a different path: '{}'. Please ensure your configuration is updated accordingly.", secrets_password_file.display(), password_file.display());
}
ensure_parent_exists(&password_file)?;
let password = Password::new("Enter a password to encrypt all vault secrets:")
.with_display_mode(PasswordDisplayMode::Masked)
.with_validator(required!())
.with_validator(min_length!(10))
.prompt();
match password {
Ok(pw) => {
std::fs::write(&password_file, pw.as_bytes())?;
config.password_file = Some(password_file);
load_secrets_provider(config);
println!(
"✓ Password file '{}' created.",
secrets_password_file.display()
);
}
Err(_) => {
return Err(anyhow!(
"Failed to read password from input. Password file not created."
));
}
}
}
Ok(())
}
fn load_secrets_provider(config: &mut Config) {
let password_file = Some(config.secrets_password_file());
config.secrets_provider = Some(LocalProvider {
password_file,
git_branch: None,
..LocalProvider::default()
});
}
fn read_all_stdin() -> Result<String> {
if io::stdin().is_terminal() {
#[cfg(not(windows))]
eprintln!("Enter the text to encrypt, then press Ctrl-D twice to finish input");
#[cfg(windows)]
eprintln!("Enter the text to encrypt, then press Ctrl-Z to finish input");
io::stderr().flush()?;
}
let mut buf = String::new();
let stdin_tty = io::stdin().is_terminal();
let stdout_tty = io::stdout().is_terminal();
io::stdin().read_to_string(&mut buf)?;
if stdin_tty && stdout_tty && !buf.ends_with('\n') {
let mut out = io::stdout().lock();
out.write_all(b"\n")?;
out.flush()?;
}
Ok(buf)
}
pub fn secrets_completer(current: &OsStr) -> Vec<CompletionCandidate> {
let cur = current.to_string_lossy();
match Config::init_bare() {
Ok(config) => {
let local_provider = match config.secrets_provider {
Some(pc) => pc,
None => return vec![],
};
let h = Handle::current();
tokio::task::block_in_place(|| h.block_on(local_provider.list_secrets()))
.unwrap_or_default()
.into_iter()
.filter(|s| s.starts_with(&*cur))
.map(CompletionCandidate::new)
.collect()
}
Err(_) => vec![],
}
}