38 changed files with 1670 additions and 1683 deletions
--- a/.typedialog/README.md
+++ b/.typedialog/README.md
@ -5,13 +5,12 @@ TypeDialog enables interactive form-based configuration from Nickel schemas.
 ## Status
 - **TypeDialog Binary**: Not yet installed (planned: `typedialog` command)
- **TypeDialog Forms**: Created and ready (setup wizard, auth login, MFA enrollment)
+- **Alternative**: FormInquire (Jinja2 templates + interactive forms) - **ACTIVE**
- **Bash Wrappers**: Implemented to handle TTY input properly
+- **Plan**: Full TypeDialog migration when available
 - **ForminQuire**: DEPRECATED - Archived to `.coder/archive/forminquire/`
 ## Directory Structure
-```plaintext
+```
 .typedialog/
 └── provisioning/platform/
    ├── README.md                    # This file
@ -25,7 +24,7 @@ TypeDialog enables interactive form-based configuration from Nickel schemas.
    │   └── platform/schemas/ → ../../../schemas/platform/schemas/
    └── constraints/                 # Validation constraints
        └── constraints.toml         # Shared validation rules
-```text
+```
 ## How TypeDialog Would Work
@ -35,7 +34,7 @@ TypeDialog enables interactive form-based configuration from Nickel schemas.
 # Auto-generate form from Nickel schema
 typedialog generate-form --schema orchestrator.ncl \
  --output forms/orchestrator.form.toml
-```text
+```
 ### 2. Interactive Configuration
@ -43,7 +42,7 @@ typedialog generate-form --schema orchestrator.ncl \
 # Run interactive form
 typedialog run-form --form forms/orchestrator.form.toml \
  --output orchestrator-configured.ncl
-```text
+```
 ### 3. Validation
@ -51,38 +50,28 @@ typedialog run-form --form forms/orchestrator.form.toml \
 # Validate user input against schema
 typedialog validate --form forms/orchestrator.form.toml \
  --data user-config.ncl
-```text
+```
-## Current Status: TypeDialog Forms Ready
+## Current Alternative: FormInquire
-TypeDialog forms have been created and are ready to use:
+While TypeDialog is not yet available, FormInquire provides form-based configuration:
-**Form Locations**:
+**Location**: `provisioning/core/forminquire/`
 - Setup wizard: `provisioning/.typedialog/core/forms/setup-wizard.toml`
 - Auth login: `provisioning/.typedialog/core/forms/auth-login.toml`
 - MFA enrollment: `provisioning/.typedialog/core/forms/mfa-enroll.toml`
-**Bash Wrappers** (TTY-safe, handle input properly):
+**How it works**:
- `provisioning/core/shlib/setup-wizard-tty.sh`
+1. Define form in Jinja2 template (`.form.j2`)
- `provisioning/core/shlib/auth-login-tty.sh`
+2. Use `nu_plugin_tera` to render templates
- `provisioning/core/shlib/mfa-enroll-tty.sh`
+3. Collect user input via FormInquire CLI
-
+4. Process results with Nushell scripts
 **Usage Pattern**:
 1. Bash wrapper calls TypeDialog (handles TTY input)
 2. TypeDialog generates Nickel config file
 3. Nushell scripts read the generated config (no input issues)
 **Example**:
 ```nushell
 # Load Jinja2 template and show form
 let form_data = forminquire load provisioning/core/forminquire/templates/orchestrator.form.j2
-```bash
+# Process user input
-# Run TypeDialog setup wizard
+let config = process_form_input $form_data
-./provisioning/core/shlib/setup-wizard-tty.sh
+```
 # Nushell reads the generated config
 let config = (open provisioning/.typedialog/core/generated/setup-wizard-result.json | from json)
 ```text
 **Note**: ForminQuire (Jinja2-based forms) has been archived to `provisioning/.coder/archive/forminquire/` and is no longer in use.
 ## Integration Plan (When TypeDialog Available)
@ -91,7 +80,7 @@ let config = (open provisioning/.typedialog/core/generated/setup-wizard-result.j
 ```bash
 cargo install --path /Users/Akasha/Development/typedialog
 typedialog --version
-```text
+```
 ### Step 2: Generate Forms from Schemas
@ -103,7 +92,7 @@ for schema in provisioning/schemas/platform/schemas/*.ncl; do
    --schema $schema \
    --output provisioning/platform/.typedialog/forms/${service}.form.toml
 done
-```text
+```
 ### Step 3: Create Setup Wizard
@ -113,7 +102,7 @@ provisioning setup-platform \
  --mode solo|multiuser|enterprise \
  --provider docker|kubernetes \
  --interactive  # Uses TypeDialog forms
-```text
+```
 ### Step 4: Update Platform Setup Script
@ -121,18 +110,19 @@ provisioning setup-platform \
 # provisioning/platform/scripts/setup-platform-config.sh
 if command -v typedialog &> /dev/null; then
-  # TypeDialog is installed - use bash wrapper for proper TTY handling
+  # TypeDialog is installed
-  ./provisioning/core/shlib/setup-wizard-tty.sh
+  typedialog run-form \
    --form .typedialog/forms/orchestrator.form.toml \
    --output config/runtime/orchestrator.ncl
-  # Read generated JSON config
+  # Export to TOML
-  # Nushell scripts can now read the config without input issues
+  nickel export --format toml config/runtime/orchestrator.ncl \
    > config/runtime/generated/orchestrator.solo.toml
 else
-  # Fallback to basic prompts
+  # Fallback to FormInquire
-  echo "TypeDialog not available. Using basic interactive prompts..."
+  forminquire setup-wizard
  # Nushell wizard with basic input prompts
  nu -c "use provisioning/core/nulib/lib_provisioning/setup/wizard.nu *; run-setup-wizard"
 fi
-```text
+```
 ## Form Definition Example
@ -174,7 +164,7 @@ label = "Logging Level"
 options = ["debug", "info", "warning", "error"]
 default = "info"
 required = false
-```text
+```
 ## Validation Constraints
@ -194,11 +184,11 @@ replicas = "range(1, 10)"
 [nginx]
 worker_processes = "range(1, 32)"
 worker_connections = "range(1, 65536)"
-```text
+```
 ## Workflow: Setup to Deployment
-```plaintext
+```
 1. User runs setup command
   ↓
 2. TypeDialog displays form
@ -212,7 +202,7 @@ worker_connections = "range(1, 65536)"
 6. Service reads TOML config
   ↓
 7. Service starts with configured values
-```text
+```
 ## Benefits of TypeDialog Integration
@ -221,8 +211,7 @@ worker_connections = "range(1, 65536)"
 - ✅ **Progressive disclosure** - Show advanced options only when needed
 - ✅ **Consistent UX** - Same forms across platforms (CLI, Web, TUI)
 - ✅ **Auto-generated** - Forms stay in sync with schemas automatically
- ✅ **TTY handling** - Bash wrappers solve Nushell input stack issues
+- ✅ **Fallback support** - FormInquire as alternative if TypeDialog unavailable
 - ✅ **Graceful fallback** - Falls back to basic prompts if TypeDialog unavailable
 ## Testing TypeDialog Forms
@ -239,36 +228,27 @@ typedialog run-form \
 typedialog generate-sample \
  --form provisioning/platform/.typedialog/forms/orchestrator.form.toml \
  --output /tmp/orchestrator-sample.ncl
-```text
+```
 ## Migration Path
-### Phase A: Legacy (DEPRECATED)
+### Phase A: Current (FormInquire)
-```plaintext
+```
 FormInquire (Jinja2) → Nushell processing → TOML config
-Status: ARCHIVED to .coder/archive/forminquire/
+```
 ```text
-### Phase B: Current Implementation
+### Phase B: TypeDialog Available
-```plaintext
+```
-Bash wrapper → TypeDialog (TTY input) → Nickel config → JSON export → Nushell reads JSON
+TypeDialog (Schema-driven) → Nickel config → TOML export
-Status: IMPLEMENTED with forms ready
+```
 ```text
-### Phase C: TypeDialog Binary Available (Future)
+### Phase C: Unified (Future)
-```plaintext
+```
 TypeDialog binary installed → Full nickel-roundtrip workflow → Auto-sync with schemas
 Status: PLANNED - awaiting TypeDialog binary release
 ```text
 ### Phase D: Unified (Future)
 ```plaintext
 ConfigLoader discovers config → Service reads → TypeDialog updates UI
-```text
+```
 ## Integration with Infrastructure Schemas
@ -291,11 +271,11 @@ TypeDialog forms work seamlessly with infrastructure schemas:
 - Tools: docker-compose config, kubectl apply --dry-run, nginx -t, promtool check
 - Examples: `examples-solo-deployment.ncl`, `examples-enterprise-deployment.ncl`
-**4. Interactive Setup with Forms** (TypeDialog ready)
+**4. Interactive Setup with Forms** (ready for TypeDialog)
 - Script: `provisioning/platform/scripts/setup-with-forms.sh`
- Bash wrappers: `provisioning/core/shlib/*-tty.sh` (handle TTY input)
+- Auto-detects TypeDialog, falls back to FormInquire
- Forms ready: setup-wizard, auth-login, mfa-enroll
+- Supports batch or single-service configuration
- Fallback: Basic Nushell prompts if TypeDialog unavailable
+- Auto-generates forms from schemas (when TypeDialog available)
 ### Current Status: Full Infrastructure Support
@ -305,7 +285,7 @@ TypeDialog forms work seamlessly with infrastructure schemas:
 | **Examples** | ✅ Complete | 2 deployment examples (solo, enterprise) |
 | **Generation Script** | ✅ Complete | Auto-generates configs for all modes |
 | **Validation Script** | ✅ Complete | Validates Docker, K8s, Nginx, Prometheus |
-| **Setup Wizard** | ✅ Complete | TypeDialog forms + bash wrappers ready |
+| **Setup Wizard** | ✅ Complete | Interactive config + FormInquire active |
 | **TypeDialog Integration** | ⏳ Pending | Structure ready, awaiting binary |
 ### Validated Examples
@ -341,7 +321,7 @@ jq '.docker_compose_services | keys' /tmp/solo.json
 # Compare resource allocation (solo vs enterprise)
 jq '.docker_compose_services.orchestrator.deploy.resources.limits' /tmp/solo.json
 jq '.docker_compose_services.orchestrator.deploy.resources.limits' /tmp/enterprise.json
-```text
+```
 ## Next Steps
@ -350,11 +330,11 @@ jq '.docker_compose_services.orchestrator.deploy.resources.limits' /tmp/enterpri
   - Validate with format-specific tools
   - Use interactive setup wizard for configuration
-2. **When TypeDialog binary becomes available**:
+2. **When TypeDialog becomes available**:
   - Install TypeDialog binary
-   - Forms already created and ready to use
+   - Run form generation script from infrastructure schemas
-   - Bash wrappers handle TTY input (no Nushell stack issues)
+   - Update setup script to use TypeDialog exclusively
-   - Full nickel-roundtrip workflow will be enabled
+   - Deprecate FormInquire (keep as fallback)
 3. **Production Deployment**:
   - Use validated infrastructure configs
@ -363,9 +343,8 @@ jq '.docker_compose_services.orchestrator.deploy.resources.limits' /tmp/enterpri
 ---
-**Version**: 1.2.0 (TypeDialog Forms + Bash Wrappers)
+**Version**: 1.1.0 (Infrastructure Integration Added)
-**Status**: TypeDialog forms ready with bash wrappers; Awaiting TypeDialog Binary
+**Status**: Ready for Infrastructure Generation; Awaiting TypeDialog Binary
-**Last Updated**: 2025-01-09
+**Last Updated**: 2025-01-06
-**ForminQuire Status**: DEPRECATED - Archived to .coder/archive/forminquire/
+**Current Alternatives**: FormInquire (active), automation scripts (complete)
 **Fallback**: Basic Nushell prompts if TypeDialog unavailable
 **Tested**: Infrastructure examples (solo + enterprise) validated
--- a/.typedialog/provisioning/platform/constraints/constraints.toml
+++ b/.typedialog/provisioning/platform/constraints/constraints.toml
@ -2,27 +2,27 @@
 # Defines validation rules for form fields generated from Nickel schemas
 [orchestrator]
-cpus = "pattern(^[0-9]+(\\.[0-9]+)?$)"
+port = "range(1, 65535)"
 db_pool_size = "range(1, 100)"
 log_level = ["debug", "info", "warning", "error"]
 memory = "pattern(^[0-9]+[MG]B$)"
 mode = ["solo", "multiuser", "enterprise", "cicd"]
-port = "range(1, 65535)"
+cpus = "pattern(^[0-9]+(\\.[0-9]+)?$)"
 memory = "pattern(^[0-9]+[MG]B$)"
 replicas = "range(1, 10)"
 [control-center]
 log_level = ["debug", "info", "warning", "error"]
 port = "range(1, 65535)"
 replicas = "range(1, 10)"
 log_level = ["debug", "info", "warning", "error"]
 [vault-service]
 port = "range(1, 65535)"
 cpus = "pattern(^[0-9]+(\\.[0-9]+)?$)"
 memory = "pattern(^[0-9]+[MG]B$)"
 port = "range(1, 65535)"
 [rag]
 max_concurrent_requests = "range(1, 100)"
 port = "range(1, 65535)"
 max_concurrent_requests = "range(1, 100)"
 timeout_seconds = "range(1, 3600)"
 [extension-registry]
@ -30,32 +30,32 @@ port = "range(1, 65535)"
 storage_path = "pattern(^/[a-zA-Z0-9/_-]+$)"
 [mcp-server]
 max_connections = "range(1, 1000)"
 port = "range(1, 65535)"
 max_connections = "range(1, 1000)"
 [provisioning-daemon]
 max_workers = "range(1, 100)"
 port = "range(1, 65535)"
 max_workers = "range(1, 100)"
 [ai-service]
 max_retries = "range(0, 10)"
 model_timeout_seconds = "range(1, 3600)"
 port = "range(1, 65535)"
 model_timeout_seconds = "range(1, 3600)"
 max_retries = "range(0, 10)"
 [nginx]
 client_max_body_size = "pattern(^[0-9]+[MG]B$)"
 worker_connections = "range(1, 65536)"
 worker_processes = "range(1, 32)"
 worker_connections = "range(1, 65536)"
 client_max_body_size = "pattern(^[0-9]+[MG]B$)"
 [prometheus]
 scrape_interval = "pattern(^[0-9]+[smh]$)"
 evaluation_interval = "pattern(^[0-9]+[smh]$)"
 retention = "pattern(^[0-9]+[dhw]$)"
 scrape_interval = "pattern(^[0-9]+[smh]$)"
 [kubernetes]
 replicas = "range(1, 100)"
 cpu = "pattern(^[0-9]+m$|^[0-9]+(\\.[0-9]+)?$)"
 memory = "pattern(^[0-9]+Mi$|^[0-9]+Gi$)"
 replicas = "range(1, 100)"
 [docker-compose]
 cpus = "pattern(^[0-9]+(\\.[0-9]+)?$)"
--- a/Cargo.toml
+++ b/Cargo.toml
@ -1,5 +1,6 @@
 [workspace]
 resolver = "2"
 members = [
    "crates/platform-config",
    "crates/service-clients",
@ -14,32 +15,31 @@ members = [
    "crates/mcp-server",
    "crates/provisioning-daemon",
 ]
 resolver = "2"
 [workspace.package]
-  authors = ["Jesus Perez <jesus@librecloud.online>"]
+version = "0.1.0"
 edition = "2021"
 authors = ["Jesus Perez <jesus@librecloud.online>"]
 license = "MIT"
 repository = "https://github.com/jesusperezlorenzo/provisioning"
  version = "0.1.0"
 [workspace.dependencies]
 # ============================================================================
 # SHARED ASYNC RUNTIME AND CORE LIBRARIES
 # ============================================================================
  async-trait = "0.1"
  futures = "0.3"
 tokio = { version = "1.49", features = ["full"] }
 tokio-util = "0.7"
 futures = "0.3"
 async-trait = "0.1"
 # ============================================================================
 # SERIALIZATION AND DATA HANDLING
 # ============================================================================
  chrono = { version = "0.4", features = ["serde"] }
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
 toml = "0.9"
 uuid = { version = "1.19", features = ["v4", "serde"] }
 chrono = { version = "0.4", features = ["serde"] }
 # ============================================================================
 # ERROR HANDLING
@ -52,23 +52,17 @@ resolver = "2"
 # ============================================================================
 log = "0.4"
 tracing = "0.1"
  tracing-appender = "0.2"
 tracing-subscriber = { version = "0.3", features = ["env-filter"] }
 tracing-appender = "0.2"
 # ============================================================================
 # WEB SERVER AND NETWORKING
 # ============================================================================
 axum = { version = "0.8", features = ["ws", "macros"] }
 tower = { version = "0.5", features = ["full"] }
 tower-http = { version = "0.6", features = ["cors", "trace", "fs", "compression-gzip", "timeout"] }
 hyper = "1.8"
 reqwest = { version = "0.13", features = ["json", "rustls"], default-features = false }
  tower = { version = "0.5", features = ["full"] }
  tower-http = { version = "0.6", features = [
    "cors",
    "trace",
    "fs",
    "compression-gzip",
    "timeout",
  ] }
 # ============================================================================
 # CLI AND CONFIGURATION
@ -79,31 +73,31 @@ resolver = "2"
 # ============================================================================
 # DATABASE AND STORAGE
 # ============================================================================
  sqlx = { version = "0.8", features = ["runtime-tokio-rustls", "sqlite", "chrono", "uuid"] }
 surrealdb = { version = "2.4", features = ["kv-mem", "protocol-ws", "protocol-http"] }
 sqlx = { version = "0.8", features = ["runtime-tokio-rustls", "sqlite", "chrono", "uuid"] }
 # ============================================================================
 # SECURITY AND CRYPTOGRAPHY
 # ============================================================================
-  aes-gcm = "0.10"
+ring = "0.17"
 jsonwebtoken = { version = "10.2", features = ["rust_crypto"] }
 argon2 = "0.5"
 base64 = "0.22"
  hmac = "0.12"
  jsonwebtoken = { version = "10.2", features = ["rust_crypto"] }
 rand = { version = "0.9", features = ["std_rng", "os_rng"] }
-  ring = "0.17"
+aes-gcm = "0.10"
 sha2 = "0.10"
 hmac = "0.12"
 # AWS SDK for KMS
 aws-sdk-kms = "1"
 aws-config = "1"
 aws-credential-types = "1"
  aws-sdk-kms = "1"
 # ============================================================================
 # VALIDATION AND REGEX
 # ============================================================================
  regex = "1.12"
 validator = { version = "0.20", features = ["derive"] }
 regex = "1.12"
 # ============================================================================
 # GRAPH ALGORITHMS AND UTILITIES
@ -118,8 +112,8 @@ resolver = "2"
 dirs = "6.0"
 # Filesystem operations
  notify = "8.2"
 walkdir = "2.5"
 notify = "8.2"
 # Statistics and templates
 statistics = "0.4"
@ -160,11 +154,11 @@ resolver = "2"
 qrcode = "0.14"
 # Authentication
  hex = "0.4"
  lazy_static = "1.5"
 totp-rs = { version = "5.7", features = ["qr"] }
 webauthn-rs = "0.5"
 webauthn-rs-proto = "0.5"
 hex = "0.4"
 lazy_static = "1.5"
 # Additional serialization
 serde-wasm-bindgen = "0.6"
@ -172,18 +166,18 @@ resolver = "2"
 # Gloo utilities (for WASM)
 gloo-net = { version = "0.6", features = ["http", "websocket"] }
 gloo-storage = "0.3"
  gloo-timers = "0.3"
 gloo-utils = { version = "0.2", features = ["serde"] }
 gloo-timers = "0.3"
 # Plotting and canvas
 plotters = "0.3"
 plotters-canvas = "0.3"
 # WASM utilities
-  console_error_panic_hook = "0.1"
+wasm-bindgen-futures = "0.4"
 js-sys = "0.3"
 tracing-wasm = "0.2"
-  wasm-bindgen-futures = "0.4"
+console_error_panic_hook = "0.1"
 # Random number generation
 getrandom = { version = "0.3" }
@ -191,30 +185,30 @@ resolver = "2"
 # ============================================================================
 # TUI (Terminal User Interface)
 # ============================================================================
  crossterm = "0.29"
 ratatui = { version = "0.30", features = ["all-widgets", "serde"] }
 crossterm = "0.29"
 # ============================================================================
 # WASM AND FRONTEND DEPENDENCIES (for control-center-ui)
 # ============================================================================
 wasm-bindgen = "0.2"
 leptos = { version = "0.8", features = ["csr"] }
 leptos_meta = { version = "0.8", features = ["default"] }
 leptos_router = { version = "0.8" }
  wasm-bindgen = "0.2"
 # ============================================================================
 # DEVELOPMENT AND TESTING DEPENDENCIES
 # ============================================================================
  assert_matches = "1.5"
  criterion = { version = "0.8", features = ["html_reports"] }
  mockito = "1"
  tempfile = "3.24"
 tokio-test = "0.4"
 tempfile = "3.24"
 criterion = { version = "0.8", features = ["html_reports"] }
 assert_matches = "1.5"
 mockito = "1"
 # Additional caching and binary discovery
 lru = "0.16"
  parking_lot = "0.12"
 which = "8"
 parking_lot = "0.12"
 yaml-rust = "0.4"
 # ============================================================================
@ -244,30 +238,30 @@ resolver = "2"
 # Profile configurations shared across all workspace members
 [profile.dev]
-codegen-units = 256
+opt-level = 0
 debug = true
 debug-assertions = true
 incremental = true
 lto = false
 opt-level = 0
 overflow-checks = true
 lto = false
 panic = 'unwind'
 incremental = true
 codegen-units = 256
 [profile.release]
 codegen-units = 1
 lto = true
 opt-level = 3
 lto = true
 codegen-units = 1
 panic = "abort"
 strip = "debuginfo"
 # Fast release profile for development
 [profile.dev-release]
 debug = true
 inherits = "release"
 lto = "thin"
 opt-level = 2
 lto = "thin"
 debug = true
 # Profile for benchmarks
 [profile.bench]
 debug = true
 inherits = "release"
 debug = true
--- a/config/runtime/generated/rag.enterprise.toml
+++ b/config/runtime/generated/rag.enterprise.toml
@ -7,7 +7,16 @@ provider = "openai"
 [rag.ingestion]
 auto_ingest = true
 chunk_size = 2048
-doc_types = ["md", "txt", "toml", "ncl", "rs", "nu", "yaml", "json"]
+doc_types = [
    "md",
    "txt",
    "toml",
    "ncl",
    "rs",
    "nu",
    "yaml",
    "json",
 ]
 overlap = 200
 watch_files = true
--- a/config/runtime/generated/rag.multiuser.toml
+++ b/config/runtime/generated/rag.multiuser.toml
@ -7,7 +7,14 @@ provider = "openai"
 [rag.ingestion]
 auto_ingest = true
 chunk_size = 1024
-doc_types = ["md", "txt", "toml", "ncl", "rs", "nu"]
+doc_types = [
    "md",
    "txt",
    "toml",
    "ncl",
    "rs",
    "nu",
 ]
 overlap = 100
 watch_files = true
--- a/config/runtime/generated/rag.solo.toml
+++ b/config/runtime/generated/rag.solo.toml
@ -7,7 +7,11 @@ provider = "local"
 [rag.ingestion]
 auto_ingest = true
 chunk_size = 512
-doc_types = ["md", "txt", "toml"]
+doc_types = [
    "md",
    "txt",
    "toml",
 ]
 overlap = 50
 [rag.llm]
--- a/crates/ai-service/Cargo.toml
+++ b/crates/ai-service/Cargo.toml
@ -1,15 +1,15 @@
 [package]
 authors.workspace = true
 description = "HTTP service for AI capabilities including RAG, MCP tool invocation, and knowledge graph operations"
 edition.workspace = true
 name = "ai-service"
 version.workspace = true
 edition.workspace = true
 authors.workspace = true
 description = "HTTP service for AI capabilities including RAG, MCP tool invocation, and knowledge graph operations"
 [dependencies]
 # Workspace dependencies
 async-trait = { workspace = true }
 futures = { workspace = true }
 tokio = { workspace = true, features = ["full"] }
 futures = { workspace = true }
 async-trait = { workspace = true }
 # Web server and API
 axum = { workspace = true }
@ -33,8 +33,8 @@ tracing = { workspace = true }
 tracing-subscriber = { workspace = true }
 # UUID and time
 chrono = { workspace = true, features = ["serde"] }
 uuid = { workspace = true, features = ["v4", "serde"] }
 chrono = { workspace = true, features = ["serde"] }
 # CLI
 clap = { workspace = true, features = ["derive"] }
@ -49,8 +49,8 @@ provisioning-mcp-server = { path = "../mcp-server" }
 petgraph = { workspace = true }
 [dev-dependencies]
 tempfile = { workspace = true }
 tokio-test = { workspace = true }
 tempfile = { workspace = true }
 # Library target
 [lib]
--- a/crates/control-center-ui/Cargo.toml
+++ b/crates/control-center-ui/Cargo.toml
@ -1,14 +1,14 @@
 [package]
 authors = ["Control Center Team"]
 autobins = false                                                                       # Disable auto-detection of binary targets
 description = "Control Center UI - Leptos CSR App for Cloud Infrastructure Management"
 edition.workspace = true
 name = "control-center-ui"
 version.workspace = true
 edition.workspace = true
 description = "Control Center UI - Leptos CSR App for Cloud Infrastructure Management"
 authors = ["Control Center Team"]
 autobins = false  # Disable auto-detection of binary targets
 [lib]
 crate-type = ["cdylib"]
 name = "control_center_ui"
 crate-type = ["cdylib"]
 path = "src/main.rs"
 [dependencies]
@ -17,25 +17,25 @@ path = "src/main.rs"
 # ============================================================================
 # Serialization
 chrono = { workspace = true, features = ["wasm-bindgen"] }
 serde = { workspace = true }
 serde_json = { workspace = true }
 uuid = { workspace = true, features = ["js"] }
 chrono = { workspace = true, features = ["wasm-bindgen"] }
 # Error handling and async
 futures = { workspace = true }
 thiserror = { workspace = true }
 futures = { workspace = true }
 # Logging and debugging
 tracing = { workspace = true }
 # Security and cryptography
 aes-gcm = { workspace = true, features = ["aes", "std"] }
 base64 = { workspace = true }
 hmac = { workspace = true }
 rand = { workspace = true }
 regex = { workspace = true }
 rand = { workspace = true }
 sha2 = { workspace = true }
 hmac = { workspace = true }
 aes-gcm = { workspace = true, features = ["aes", "std"] }
 # ============================================================================
 # WASM-SPECIFIC DEPENDENCIES
@ -61,30 +61,30 @@ icondata = { workspace = true }
 leptos_icons = { workspace = true }
 # Authentication and cryptography
 image = { workspace = true }
 qrcode = { workspace = true }
 image = { workspace = true }
 totp-rs = { workspace = true }
 # Serialization utilities
 serde-wasm-bindgen = { workspace = true }
 # Logging for WASM
 console_error_panic_hook = { workspace = true }
 tracing-wasm = { workspace = true }
 console_error_panic_hook = { workspace = true }
 # HTTP client and networking
 gloo-net = { workspace = true }
 gloo-storage = { workspace = true }
 gloo-timers = { workspace = true }
 gloo-utils = { workspace = true }
 gloo-timers = { workspace = true }
 # Chart.js bindings and canvas utilities
 plotters = { workspace = true }
 plotters-canvas = { workspace = true }
 # WASM utilities
 js-sys = { workspace = true }
 wasm-bindgen-futures = { workspace = true }
 js-sys = { workspace = true }
 # Random number generation (WASM-specific override with js feature)
 getrandom = { version = "0.3.4", features = [ "wasm_js" ] }
--- a/crates/control-center-ui/Trunk.toml
+++ b/crates/control-center-ui/Trunk.toml
@ -1,17 +1,17 @@
 [build]
 dist = "dist"
 filehash = true
 minify = "on_release"
 target = "index.html"
 dist = "dist"
 minify = "on_release"
 filehash = true
 [watch]
 ignore = ["dist", "target"]
 watch = ["src", "style", "assets"]
 ignore = ["dist", "target"]
 [serve]
 address = "127.0.0.1"
 open = false
 port = 3000
 open = false
 # Proxy API calls to the Rust orchestrator
 [[serve.proxy]]
 backend = "http://127.0.0.1:8080/"
@ -19,8 +19,8 @@ port = 3000
 ws = true
 [clean]
 cargo = true
 dist = "dist"
 cargo = true
 # Release mode optimizations are already set in main [build] section above
--- a/crates/control-center/Cargo.toml
+++ b/crates/control-center/Cargo.toml
@ -1,9 +1,9 @@
 [package]
 authors.workspace = true
 description = "Control center service with JWT authentication, user management, and real-time WebSocket events"
 edition.workspace = true
 name = "control-center"
 version.workspace = true
 edition.workspace = true
 authors.workspace = true
 description = "Control center service with JWT authentication, user management, and real-time WebSocket events"
 [dependencies]
 # ============================================================================
@ -11,42 +11,42 @@ version.workspace = true
 # ============================================================================
 # Core async runtime
 async-trait = { workspace = true }
 futures = { workspace = true }
 tokio = { workspace = true }
 futures = { workspace = true }
 async-trait = { workspace = true }
 # Web server and API
 axum = { workspace = true }
 hyper = { workspace = true }
 tower = { workspace = true }
 tower-http = { workspace = true }
 hyper = { workspace = true }
 # Serialization and data
 chrono = { workspace = true }
 serde = { workspace = true }
 serde_json = { workspace = true }
 toml = { workspace = true }
 uuid = { workspace = true }
 chrono = { workspace = true }
 # Database
 sqlx = { workspace = true }
 surrealdb = { workspace = true }
 sqlx = { workspace = true }
 # Configuration and CLI
 clap = { workspace = true }
 config = { workspace = true }
 # Error handling
 anyhow = { workspace = true }
 thiserror = { workspace = true }
 anyhow = { workspace = true }
 # Logging
 tracing = { workspace = true }
 tracing-subscriber = { workspace = true }
 # Validation
 regex = { workspace = true }
 validator = { workspace = true }
 regex = { workspace = true }
 # HTTP client for external services
 reqwest = { workspace = true }
@ -58,15 +58,15 @@ service-clients = { path = "../service-clients" }
 platform-config = { path = "../platform-config" }
 # Security and cryptography
-aes-gcm = { workspace = true }
+ring = { workspace = true }
 jsonwebtoken = { workspace = true }
 argon2 = { workspace = true }
 base64 = { workspace = true }
 getrandom = { workspace = true }
 hmac = { workspace = true }
 jsonwebtoken = { workspace = true }
 rand = { workspace = true }
-ring = { workspace = true }
+aes-gcm = { workspace = true }
 sha2 = { workspace = true }
 hmac = { workspace = true }
 getrandom = { workspace = true }
 # ============================================================================
 # ADDITIONAL WORKSPACE DEPENDENCIES
@ -76,11 +76,11 @@ sha2 = { workspace = true }
 dirs = { workspace = true }
 # Security and cryptography
 constant_time_eq = { workspace = true }
 hkdf = { workspace = true }
 rsa = { workspace = true }
-subtle = { workspace = true }
+hkdf = { workspace = true }
 zeroize = { workspace = true }
 constant_time_eq = { workspace = true }
 subtle = { workspace = true }
 # Tower services
 tower-service = { workspace = true }
@ -103,18 +103,18 @@ cron = { workspace = true }
 tokio-cron-scheduler = { workspace = true }
 # MFA Authentication
 hex = { workspace = true }
 image = { workspace = true }
 lazy_static = { workspace = true }
 qrcode = { workspace = true }
 totp-rs = { workspace = true }
 webauthn-rs = { workspace = true }
 webauthn-rs-proto = { workspace = true }
 qrcode = { workspace = true }
 image = { workspace = true }
 hex = { workspace = true }
 lazy_static = { workspace = true }
 [dev-dependencies]
 assert_matches = { workspace = true }
 tempfile = { workspace = true }
 tokio-test = { workspace = true }
 tempfile = { workspace = true }
 assert_matches = { workspace = true }
 # ============================================================================
 # FEATURES - Module Organization for Coupling Reduction
--- a/crates/control-center/config.toml
+++ b/crates/control-center/config.toml
@ -1,18 +1,19 @@
 [server]
 host = "127.0.0.1"
 port = 8080
 keep_alive = 75
 max_connections = 1000
 port = 8080
 [database]
 database = "main"
 namespace = "control_center"
 url = "rocksdb://data/control-center.db"
 namespace = "control_center"
 database = "main"
 [jwt]
 access_token_expiration_hours = 1
 audience = "control-center-api"
 issuer = "control-center"
 audience = "control-center-api"
 access_token_expiration_hours = 1
 refresh_token_expiration_hours = 168
 private_key_pem = """
 -----BEGIN RSA PRIVATE KEY-----
 MIIEpAIBAAKCAQEA82On7Xk5jycsV4NCOij0510ssy/3S1Pqj+UjGS1R3+tyHX57
@ -52,19 +53,30 @@ I4cJE9oDcuOkyYZEWf2H5xAcidksaDNxabYRGS5IqT25obMElEZZDvj9X60S8UHu
 I3Tm+2kc69fo64/S53y3yNr6Ed05PVewiQIDAQAB
 -----END RSA PUBLIC KEY-----
 """
 refresh_token_expiration_hours = 168
 [rate_limiting]
 global = false
 max_requests = 100
 per_ip = true
 window_seconds = 60
 per_ip = true
 global = false
 [cors]
 allow_credentials = true
 allowed_headers = ["content-type", "authorization", "accept", "x-requested-with", "x-session-id"]
 allowed_methods = ["GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"]
 allowed_origins = ["http://localhost:3000"]
 allowed_methods = [
    "GET",
    "POST",
    "PUT",
    "DELETE",
    "PATCH",
    "OPTIONS",
 ]
 allowed_headers = [
    "content-type",
    "authorization",
    "accept",
    "x-requested-with",
    "x-session-id",
 ]
 expose_headers = [
    "x-total-count",
    "x-rate-limit-remaining",
@ -72,19 +84,20 @@ expose_headers = [
    "x-rate-limit-reset",
 ]
 max_age = 86400
 allow_credentials = true
 [security]
-failed_login_lockout_attempts = 5
+session_cleanup_interval_minutes = 60
 failed_login_lockout_duration_minutes = 15
 max_sessions_per_user = 5
 password_min_length = 8
 password_require_numbers = false
 password_require_special_chars = false
 password_require_numbers = false
 password_require_uppercase = false
-session_cleanup_interval_minutes = 60
+failed_login_lockout_attempts = 5
 failed_login_lockout_duration_minutes = 15
 [logging]
 format = "json"
 level = "info"
 format = "json"
 max_file_size = "100MB"
 max_files = 10
--- a/crates/detector/Cargo.toml
+++ b/crates/detector/Cargo.toml
@ -1,22 +1,22 @@
 [package]
 authors.workspace = true
 edition.workspace = true
 license.workspace = true
 name = "provisioning-detector"
 repository.workspace = true
 version.workspace = true
 edition.workspace = true
 authors.workspace = true
 license.workspace = true
 repository.workspace = true
 [dependencies]
 anyhow.workspace = true
 chrono.workspace = true
 clap = { workspace = true, features = ["derive"] }
 regex.workspace = true
 serde = { version = "1.0", features = ["derive"] }
 serde_json.workspace = true
 thiserror.workspace = true
 tokio.workspace = true
 toml.workspace = true
 tokio.workspace = true
 anyhow.workspace = true
 thiserror.workspace = true
 regex.workspace = true
 walkdir.workspace = true
 chrono.workspace = true
 clap = { workspace = true, features = ["derive"] }
 [dev-dependencies]
 tempfile.workspace = true
--- a/crates/extension-registry/Cargo.toml
+++ b/crates/extension-registry/Cargo.toml
@ -1,15 +1,15 @@
 [package]
 authors.workspace = true
 description = "OCI-compliant extension registry proxy for managing provisioning system extensions and artifacts"
 edition.workspace = true
 name = "extension-registry"
 version.workspace = true
 edition.workspace = true
 authors.workspace = true
 description = "OCI-compliant extension registry proxy for managing provisioning system extensions and artifacts"
 [dependencies]
 # Workspace dependencies
 async-trait = { workspace = true }
 futures = { workspace = true }
 tokio = { workspace = true, features = ["full"] }
 futures = { workspace = true }
 async-trait = { workspace = true }
 # Web server and API
 axum = { workspace = true }
@ -32,8 +32,8 @@ tracing = { workspace = true }
 tracing-subscriber = { workspace = true }
 # UUID and time
 chrono = { workspace = true, features = ["serde"] }
 uuid = { workspace = true, features = ["v4", "serde"] }
 chrono = { workspace = true, features = ["serde"] }
 # CLI
 clap = { workspace = true, features = ["derive"] }
@ -42,8 +42,8 @@ clap = { workspace = true, features = ["derive"] }
 reqwest = { workspace = true }
 # Cryptography for digest validation
 hex = { workspace = true }
 sha2 = { workspace = true }
 hex = { workspace = true }
 # URL parsing
 url = { workspace = true }
@ -61,10 +61,10 @@ parking_lot = { workspace = true }
 toml = { workspace = true }
 [dev-dependencies]
 http-body-util = "0.1"
 hyper = { workspace = true }
 tempfile = { workspace = true }
 tokio-test = { workspace = true }
 tempfile = { workspace = true }
 hyper = { workspace = true }
 http-body-util = "0.1"
 # Library target
 [lib]
--- a/crates/extension-registry/config.example.toml
+++ b/crates/extension-registry/config.example.toml
@ -1,31 +1,31 @@
 # Extension Registry Configuration Example
 [server]
 enable_compression = true
 enable_cors = true
 host = "0.0.0.0"
 port = 8082
 workers = 4
 enable_cors = true
 enable_compression = true
 # Gitea backend configuration
 [gitea]
 organization = "provisioning-extensions"
 timeout_seconds = 30
 token_path = "/path/to/gitea-token.txt"
 url = "https://gitea.example.com"
 organization = "provisioning-extensions"
 token_path = "/path/to/gitea-token.txt"
 timeout_seconds = 30
 verify_ssl = true
 # OCI registry configuration
 [oci]
 auth_token_path = "/path/to/oci-token.txt"
 namespace = "provisioning"
 registry = "registry.example.com"
 namespace = "provisioning"
 auth_token_path = "/path/to/oci-token.txt"
 timeout_seconds = 30
 verify_ssl = true
 # Cache configuration
 [cache]
 capacity = 1000
 enable_list_cache = true
 enable_metadata_cache = true
 ttl_seconds = 300
 enable_metadata_cache = true
 enable_list_cache = true
--- a/crates/mcp-server/Cargo.toml
+++ b/crates/mcp-server/Cargo.toml
@ -1,13 +1,13 @@
 [package]
 authors = ["Jesús Pérez Lorenzo <jpl@jesusperez.pro>"]
 categories = ["command-line-utilities", "development-tools"]
 description = "Rust-native MCP server for Infrastructure Automation system"
 edition.workspace = true
 keywords = ["mcp", "rust", "infrastructure", "provisioning", "ai"]
 license.workspace = true
 name = "provisioning-mcp-server"
 repository.workspace = true
 version.workspace = true
 edition.workspace = true
 authors = ["Jesús Pérez Lorenzo <jpl@jesusperez.pro>"]
 description = "Rust-native MCP server for Infrastructure Automation system"
 repository.workspace = true
 license.workspace = true
 keywords = ["mcp", "rust", "infrastructure", "provisioning", "ai"]
 categories = ["command-line-utilities", "development-tools"]
 [dependencies]
 # ============================================================================
@ -75,13 +75,13 @@ serde_yaml = "0.9"
 dirs = { workspace = true }
 [dev-dependencies]
 tokio-test = { workspace = true }
 criterion = { workspace = true, features = ["html_reports"] }
 tempfile = { workspace = true }
 tokio-test = { workspace = true }
 [features]
 debug = ["tracing-subscriber/json"]
 default = []
 debug = ["tracing-subscriber/json"]
 [[bin]]
 name = "provisioning-mcp-server"
@ -97,5 +97,5 @@ name = "provisioning_mcp_server"
 path = "src/lib.rs"
 [[bench]]
 harness = false
 name = "performance"
 harness = false
--- a/crates/orchestrator/.cargo/config.toml
+++ b/crates/orchestrator/.cargo/config.toml
@ -2,36 +2,41 @@
 [env]
 # Test environment variables
 RUST_TEST_THREADS = "1"
 RUST_BACKTRACE = { value = "1", condition = { env-not-set = ["CI"] } }
 RUST_LOG = { value = "debug", condition = { env-not-set = ["CI"] } }
 RUST_TEST_THREADS = "1"
 [alias]
 # Test aliases for convenience
 test-all = "test --all-features"
 test-factory = "test --test factory_tests"
 test-fs = "test --lib --bin orchestrator"
 test-surrealdb = "test --features surrealdb"
 test-integration = "test --test storage_integration"
 test-migration = "test --test migration_tests"
-test-surrealdb = "test --features surrealdb"
+test-factory = "test --test factory_tests"
 test-unit = "test --lib"
 # Benchmark aliases
 bench-all = "bench --all-features"
 bench-fs = "bench --bench storage_benchmarks -- filesystem"
 bench-migration = "bench --bench migration_benchmarks"
 bench-storage = "bench --bench storage_benchmarks"
 bench-migration = "bench --bench migration_benchmarks"
 bench-fs = "bench --bench storage_benchmarks -- filesystem"
 bench-surrealdb = "bench --features surrealdb --bench storage_benchmarks -- surrealdb"
 # Coverage and documentation
 doc-test = "test --doc --all-features"
 test-coverage = "tarpaulin --all-features --out html"
 doc-test = "test --doc --all-features"
 [target.'cfg(test)']
-rustflags = ["-C", "instrument-coverage"]
+rustflags = [
    "-C", "instrument-coverage"
 ]
 [build]
 # Enable additional lints for testing builds
 # Note: unused-crate-dependencies disabled for library crate due to false positives
 # with dependencies used in submodules but not lib.rs root
-rustflags = ["-W", "unused-extern-crates", "-W", "rust-2021-compatibility"]
+rustflags = [
    "-W", "unused-extern-crates",
    "-W", "rust-2021-compatibility"
 ]
--- a/crates/orchestrator/Cargo.toml
+++ b/crates/orchestrator/Cargo.toml
@ -1,30 +1,23 @@
 [package]
 authors.workspace = true
 description = "Cloud-native infrastructure orchestrator with Nushell integration"
 edition.workspace = true
 name = "provisioning-orchestrator"
 version.workspace = true
 edition.workspace = true
 authors.workspace = true
 description = "Cloud-native infrastructure orchestrator with Nushell integration"
 [dependencies]
 # ============================================================================
 # WORKSPACE DEPENDENCIES - Core async runtime and traits
 # ============================================================================
-async-trait = { workspace = true }
+tokio = { workspace = true, features = ["rt", "rt-multi-thread", "process", "io-util", "time", "fs"] }
 futures = { workspace = true }
-tokio = { workspace = true, features = [
+async-trait = { workspace = true }
  "rt",
  "rt-multi-thread",
  "process",
  "io-util",
  "time",
  "fs",
 ] }
 # Serialization and data handling
 chrono = { workspace = true }
 serde = { workspace = true }
 serde_json = { workspace = true }
 toml = { workspace = true }
 chrono = { workspace = true }
 uuid = { workspace = true }
 # Error handling
@ -72,10 +65,10 @@ base64 = "0.22"
 jsonwebtoken = { workspace = true }
 # Cryptography for token validation
 getrandom = { workspace = true }
 rand = { workspace = true }
 rsa = { workspace = true }
 sha2 = { workspace = true }
 rsa = { workspace = true }
 rand = { workspace = true }
 getrandom = { workspace = true }
 # SSH key management
 ed25519-dalek = "2.1"
@ -146,23 +139,13 @@ surrealdb = ["dep:surrealdb"]
 default = ["core", "audit", "compliance", "platform", "ssh", "workflow", "http-api"]
 # Full: All features enabled (development and testing)
-all = [
+all = ["core", "audit", "compliance", "platform", "ssh", "workflow", "testing", "http-api", "surrealdb"]
  "core",
  "audit",
  "compliance",
  "platform",
  "ssh",
  "workflow",
  "testing",
  "http-api",
  "surrealdb",
 ]
 [dev-dependencies]
 tokio-test = { workspace = true }
 tempfile = { workspace = true }
 assert_matches = { workspace = true }
 criterion = { workspace = true, features = ["html_reports", "async_tokio"] }
 tempfile = { workspace = true }
 tokio-test = { workspace = true }
 tower = { workspace = true, features = ["util"] }
 # Library target for tests and external use
@ -177,9 +160,9 @@ path = "src/main.rs"
 required-features = ["all"]
 [[bench]]
 harness = false
 name = "storage_benchmarks"
 harness = false
 [[bench]]
 harness = false
 name = "migration_benchmarks"
 harness = false
--- a/crates/platform-config/Cargo.toml
+++ b/crates/platform-config/Cargo.toml
@ -1,19 +1,19 @@
 [package]
 authors.workspace = true
 edition.workspace = true
 license.workspace = true
 name = "platform-config"
 repository.workspace = true
 version.workspace = true
 edition.workspace = true
 authors.workspace = true
 license.workspace = true
 repository.workspace = true
 [dependencies]
 anyhow = { workspace = true }
 serde = { workspace = true }
 serde_json = { workspace = true }
 thiserror = { workspace = true }
 tokio = { workspace = true }
 toml = { workspace = true }
 anyhow = { workspace = true }
 thiserror = { workspace = true }
 tracing = { workspace = true }
 tokio = { workspace = true }
 [dev-dependencies]
 tempfile = { workspace = true }
--- a/crates/provisioning-daemon/Cargo.toml
+++ b/crates/provisioning-daemon/Cargo.toml
@ -1,10 +1,10 @@
 [package]
 authors.workspace = true
 edition.workspace = true
 license.workspace = true
 name = "provisioning-daemon"
 repository.workspace = true
 version.workspace = true
 edition.workspace = true
 authors.workspace = true
 license.workspace = true
 repository.workspace = true
 [dependencies]
 # Core daemon library from prov-ecosystem
@ -25,8 +25,8 @@ toml = { workspace = true }
 platform-config = { path = "../platform-config" }
 # Error handling
 anyhow = { workspace = true }
 thiserror = { workspace = true }
 anyhow = { workspace = true }
 # Logging
 tracing = { workspace = true }
@ -36,6 +36,6 @@ tracing-subscriber = { workspace = true }
 clap = { workspace = true, features = ["derive"] }
 # Utilities
 uuid = { workspace = true }
 chrono = { workspace = true }
 dirs = { workspace = true }
 uuid = { workspace = true }
--- a/crates/rag/Cargo.toml
+++ b/crates/rag/Cargo.toml
@ -1,30 +1,23 @@
 [package]
 authors.workspace = true
 description = "RAG system for provisioning platform with Rig framework and SurrealDB"
 edition.workspace = true
 name = "provisioning-rag"
 version.workspace = true
 edition.workspace = true
 authors.workspace = true
 description = "RAG system for provisioning platform with Rig framework and SurrealDB"
 [dependencies]
 # ============================================================================
 # WORKSPACE DEPENDENCIES - Core async runtime and traits
 # ============================================================================
-async-trait = { workspace = true }
+tokio = { workspace = true, features = ["rt", "rt-multi-thread", "process", "io-util", "time", "fs"] }
 futures = { workspace = true }
-tokio = { workspace = true, features = [
+async-trait = { workspace = true }
  "rt",
  "rt-multi-thread",
  "process",
  "io-util",
  "time",
  "fs",
 ] }
 # Serialization and data handling
 chrono = { workspace = true }
 serde = { workspace = true }
 serde_json = { workspace = true }
 toml = { workspace = true }
 chrono = { workspace = true }
 uuid = { workspace = true }
 # Error handling
@ -41,10 +34,10 @@ reqwest = { workspace = true }
 # REST API Framework (Phase 8)
 # ============================================================================
 axum = { workspace = true }
 http = "1"
 hyper = { workspace = true, features = ["full"] }
 tower = { workspace = true}
 tower-http = { workspace = true, features = ["cors", "trace"] }
 hyper = { workspace = true, features = ["full"] }
 http = "1"
 # Database
 surrealdb = { workspace = true }
@ -54,8 +47,8 @@ rig-core = { workspace = true }
 rig-surrealdb = { workspace = true }
 # Filesystem and path operations
 dirs = { workspace = true }
 walkdir = { workspace = true }
 dirs = { workspace = true }
 # Configuration
 config = { workspace = true }
@ -83,14 +76,14 @@ clap = { workspace = true, features = ["derive", "env"] }
 tracing-subscriber = { workspace = true }
 [dev-dependencies]
 tokio-test = { workspace = true }
 tempfile = { workspace = true }
 assert_matches = { workspace = true }
 criterion = { workspace = true, features = ["html_reports", "async_tokio"] }
 tempfile = { workspace = true }
 tokio-test = { workspace = true }
 [[bench]]
 harness = false
 name = "phase8_benchmarks"
 harness = false
 # Library target
 [lib]
@ -105,5 +98,5 @@ required-features = ["cli"]
 # Features
 [features]
 cli = []
 default = []
 cli = []
--- a/crates/service-clients/Cargo.toml
+++ b/crates/service-clients/Cargo.toml
@ -1,24 +1,24 @@
 [package]
 authors = { workspace = true }
 description = "HTTP service client wrappers for provisioning platform services"
 edition = { workspace = true }
 license = { workspace = true }
 name = "service-clients"
 repository = { workspace = true }
 version = { workspace = true }
 edition = { workspace = true }
 authors = { workspace = true }
 license = { workspace = true }
 repository = { workspace = true }
 description = "HTTP service client wrappers for provisioning platform services"
 [dependencies]
 async-trait = { workspace = true }
 log = { workspace = true }
 reqwest = { workspace = true }
 tokio = { workspace = true, features = ["full"] }
 serde = { workspace = true, features = ["derive"] }
 serde_json = { workspace = true }
 thiserror = { workspace = true }
-tokio = { workspace = true, features = ["full"] }
+log = { workspace = true }
 async-trait = { workspace = true }
 # Service types (optional - only if not using generic types)
 machines = { path = "../../../../submodules/prov-ecosystem/crates/machines" }
 [dev-dependencies]
 tempfile = { workspace = true }
 tokio-test = { workspace = true }
 tempfile = { workspace = true }
--- a/crates/vault-service/Cargo.toml
+++ b/crates/vault-service/Cargo.toml
@ -1,9 +1,9 @@
 [package]
 authors = ["Provisioning Team"]
 description = "Vault Service for Provisioning Platform with secrets and key management (Age dev, Cosmian KMS prod, RustyVault self-hosted)"
 edition = "2021"
 name = "vault-service"
 version = "0.2.0"
 edition = "2021"
 authors = ["Provisioning Team"]
 description = "Vault Service for Provisioning Platform with secrets and key management (Age dev, Cosmian KMS prod, RustyVault self-hosted)"
 [dependencies]
 # Async runtime
@ -33,8 +33,8 @@ base64 = { workspace = true }
 rand = { workspace = true }
 # Error handling
 anyhow = { workspace = true }
 thiserror = { workspace = true }
 anyhow = { workspace = true }
 # Logging
 tracing = { workspace = true }
@ -51,8 +51,8 @@ secretumvault = { workspace = true }
 [dev-dependencies]
 mockito  = { workspace = true }
 tempfile = { workspace = true }
 tokio-test = { workspace = true }
 tempfile = { workspace = true }
 [[bin]]
 name = "vault-service"