Skip to content

feat: implement skillet configuration tool #46

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
gbagnoli wants to merge 19 commits into
base: master
Choose a base branch
from
Open

feat: implement skillet configuration tool #46

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
19 commits
Select commit Hold shift + click to select a range
8b1d017
feat: implement skillet configuration tool with containerized integra…
gbagnoli Mar 21, 2026
1db75db
refactor: address PR review comments
gbagnoli Mar 21, 2026
005d85b
refactor: replace expect with proper error propagation in cli crates
gbagnoli Mar 21, 2026
9cc457d
ci: add skillet quality checks to GitHub workflow
gbagnoli Mar 21, 2026
c90f5f8
fix: resolve clippy type complexity warning in test_utils
gbagnoli Mar 21, 2026
42b7e4b
refactor: simplify integration test container setup
gbagnoli Mar 23, 2026
a21ff6d
feat: implement service management and systemctl restart
gbagnoli Mar 23, 2026
dbefdc6
refactor(skillet): address code review comments
gbagnoli Mar 23, 2026
75a6155
feat(skillet): implement ssh hardening and enforce pedantic clippy lints
gbagnoli Apr 3, 2026
7dc9b5e
test(skillet): update beezelbot integration test recording
gbagnoli Apr 3, 2026
2afcbbd
refactor(skillet): address second round of review comments
gbagnoli Apr 3, 2026
db99175
refactor(skillet): address review comments including systemd DBus int…
gbagnoli Apr 4, 2026
c20b696
refactor(skillet): optimize file hashing and verify directory types
gbagnoli Apr 4, 2026
3d4d98a
refactor(skillet): address review comments on file hashing and direct…
gbagnoli Apr 4, 2026
92cfb06
refactor(skillet): improve file/directory type verification and handl…
gbagnoli Apr 4, 2026
1f8dea6
refactor(skillet): optimize systemd unit handling and improve test ru…
gbagnoli Apr 4, 2026
a1f0701
refactor(skillet): fix Sha256 usage and use constant for group existe…
gbagnoli Apr 4, 2026
ea08f62
refactor(skillet): ensure I/O errors are not ignored during hashing a…
gbagnoli Apr 5, 2026
f05638c
refactor(skillet): optimize file metadata calls and hashing, and refi…
gbagnoli Apr 5, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
39 changes: 39 additions & 0 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,3 +49,42 @@ jobs:
run: |
find . -name "*.sh" -not -path "./.venv/*" -not -path "./berks-cookbooks/*" -exec shellcheck -x {} +
shellcheck -x run

skillet-checks:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dorny/paths-filter@v3
id: filter
with:
filters: |
rust:
- 'ublue/skillet/**'

- name: Set up Rust
if: steps.filter.outputs.rust == 'true'
uses: dtolnay/rust-toolchain@stable
with:
components: clippy, rustfmt

- name: Rust Cache
if: steps.filter.outputs.rust == 'true'
uses: Swatinem/rust-cache@v2
with:
workspaces: ublue/skillet

- name: Run Clippy
if: steps.filter.outputs.rust == 'true'
run: cd ublue/skillet && cargo clippy -- -D warnings

- name: Run Unit Tests
if: steps.filter.outputs.rust == 'true'
run: cd ublue/skillet && cargo test

- name: Run Integration Tests
if: steps.filter.outputs.rust == 'true'
run: |
cd ublue/skillet
# Build binary explicitly for the test runner to find it
cargo build
./target/debug/skillet test run beezelbot --image fedora:latest
1 change: 1 addition & 0 deletions ublue/skillet/.gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
target/
61 changes: 61 additions & 0 deletions ublue/skillet/AGENTS.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,61 @@
# Skillet Project Constraints & Structure

This document defines the architectural mandates and project structure for `skillet`, a Rust-based idempotent host configuration tool.

## Core Mandates

### 1. Error Handling & Safety
- **Libraries MUST use `thiserror`** for custom error types.
- **Libraries MUST NOT use `anyhow`**. `anyhow` is reserved for the CLI binary only.
- **NEVER use `unwrap()` or `expect()`** in library code. All errors must be propagated and handled.
- **Prioritize Crates over Shell-out**: Use Rust crates (e.g., `users`, `nix`) for system interactions whenever possible instead of executing shell commands.

### 2. Idempotency
- All resources (files, users, groups, etc.) must be **idempotent**.
- Before performing an action, check the current state (e.g., compare SHA256 hashes for files, check existence for users).
- Actions should only be taken if the system state does not match the desired state.

### 3. Testing Strategy
- **Unit Tests**: Place unit tests in a `tests` submodule within each module's directory (e.g., `src/files/tests.rs`).
- **Separation**: Never put tests in the same `.rs` file as the implementation code. Reference them using `#[cfg(test)] #[path = "MODULE/tests.rs"] mod tests;`.
- **Abstractions**: Use Traits (e.g., `FileResource`, `SystemResource`) to allow for mocking in higher-level library tests.

### 4. Quality Control & Validation
- **Formatting & Linting**: Always run `cargo fmt` and `cargo clippy` after making changes to ensure code quality and consistency. **Clippy MUST be run with `pedantic` lints enabled (configured in `Cargo.toml`).**
- **Verification**: Always run both:
- **Unit Tests**: `cargo test` across the workspace.
- **Integration Tests**: `skillet test run <hostname>` for affected hosts to verify end-to-end correctness in a containerized environment.

## Project Structure

The project is organized as a Cargo workspace:

```text
skillet/
├── Cargo.toml # Workspace configuration
├── AGENTS.md # This file (Project mandates)
└── crates/
├── core/ # skillet_core: Low-level idempotent primitives
│ ├── src/
│ │ ├── lib.rs
│ │ ├── files.rs # File management (Traits + Impl)
│ │ ├── files/
│ │ │ └── tests.rs # Unit tests for files
│ │ ├── system.rs # User/Group management
│ │ └── system/
│ │ └── tests.rs # Unit tests for system
│ └── tests/ # Integration tests
├── hardening/ # skillet_hardening: Configuration logic (modules)
│ ├── src/
│ │ ├── lib.rs # Hardening logic using core primitives
│ │ └── tests.rs # Unit tests for hardening logic
│ └── tests/
└── cli/ # skillet: The binary executable
└── src/
└── main.rs # CLI entry point (uses anyhow, clap)
```
Comment on lines +34 to +56
Copy link
Copy Markdown

@gemini-code-assist gemini-code-assist bot Apr 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The project structure diagram seems to be outdated and doesn't reflect the actual structure of the workspace. It's missing the cli-common and hosts/beezelbot crates. It would be beneficial to update the diagram to accurately represent all the crates in the workspace for better clarity and maintainability.

For example, the structure could be updated to include:

...
└── crates/
    ├── cli/            # skillet: The binary executable
    ├── cli-common/     # Shared CLI logic
    ├── core/           # skillet_core: Low-level idempotent primitives
    ├── hardening/      # skillet_hardening: Configuration logic (modules)
    └── hosts/
        └── beezelbot/  # Host-specific binary for beezelbot


## Module Design
- **Modules as Cookbooks**: Each library crate under `crates/` (besides `core`) represents a "module" or "cookbook" (e.g., `skillet_hardening`).
- **Binary per Host**: The idea is to have one binary per host type that picks up these modules and reuses core primitives.
- **Core Primitives**: Found in `skillet_core`, providing the building blocks for all modules.
Loading
Loading