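# ╔══════════════════════════════════════════════════════════════════════╗
# ║                       SecretumVault - Justfile                       ║
# ║            Post-quantum cryptographic secrets management             ║
# ║         Modular workspace orchestration with feature control         ║
# ╚══════════════════════════════════════════════════════════════════════╝
#
# Root justfile: declares the feature-name variables, loads the per-area
# modules and exposes a few orchestration recipes that delegate to them.
# Recipes addressed as `module::recipe` live in the files named by the
# `mod` lines below and are not visible from this file.

# Import feature-specific modules
mod build "justfiles/build.just"      # Build recipes (release, debug, features)
mod test "justfiles/test.just"        # Test suite (unit, integration)
mod dev "justfiles/dev.just"          # Development tools (fmt, lint, check)
mod ci "justfiles/ci.just"            # CI/CD pipeline (validate, test, build)
mod deploy "justfiles/deploy.just"    # Deployment (Docker, K8s, Helm)
mod vault "justfiles/vault.just"      # Vault operations (init, unseal)

# ═══════════════════════════════════════════════════════════════════════
# FEATURE CONTROL SYSTEM
# ═══════════════════════════════════════════════════════════════════════

# Shared variables
WORKSPACE_ROOT := justfile_directory()
CRATE_NAME := "secretumvault"
BINARY_NAME := "svault"

# === CRYPTO FEATURES ===
CRYPTO_OPENSSL := "openssl"          # Classical crypto (included by default)
CRYPTO_AWS_LC := "aws-lc"            # AWS-LC backend
CRYPTO_PQC := "pqc"                  # Post-quantum (ML-KEM, ML-DSA)
CRYPTO_RUSTCRYPTO := "rustcrypto"    # Pure Rust crypto (planned)

# === STORAGE FEATURES ===
STORAGE_ETCD := "etcd-storage"                # etcd distributed KV
STORAGE_SURREALDB := "surrealdb-storage"      # SurrealDB document DB
STORAGE_POSTGRESQL := "postgresql-storage"    # PostgreSQL relational
STORAGE_FILESYSTEM := ""                      # Filesystem (default, always included)

# === OPTIONAL FEATURES ===
FEATURE_CEDAR := "cedar"      # Cedar policies
FEATURE_SERVER := "server"    # HTTP server (default)
FEATURE_CLI := "cli"          # Command-line tools (default)

# === PREDEFINED FEATURE SETS ===
# NOTE(review): none of the sets below lists "cedar", so Cedar authorization
# is only compiled in when it is requested explicitly or is a Cargo default
# feature — confirm against Cargo.toml (`just cargo-features`).

# Development: every crypto and storage backend listed above (not cedar)
FEATURES_DEV := "aws-lc,pqc,etcd-storage,surrealdb-storage,postgresql-storage"

# Production High-Security: PQC + etcd
FEATURES_SECURE := "aws-lc,pqc,etcd-storage"

# Production Standard: OpenSSL + PostgreSQL
# (only the storage feature is named; OpenSSL is expected to come from the
# crate's default features — confirm in Cargo.toml)
FEATURES_PROD := "postgresql-storage"

# Production HA: etcd distributed storage
FEATURES_HA := "etcd-storage"

# Minimal: only core (filesystem)
FEATURES_MINIMAL := ""

# Default: show available commands
default:
    @just --list

# ═══════════════════════════════════════════════════════════════════════
# FEATURE MANAGEMENT & INFORMATION
# ═══════════════════════════════════════════════════════════════════════

# Show all available features
[doc("Show all available features and combinations")]
show-features:
    @echo "═══════════════════════════════════════════════════════════"
    @echo "CRYPTO BACKENDS"
    @echo "═══════════════════════════════════════════════════════════"
    @echo " {{ CRYPTO_OPENSSL }} Classical crypto (RSA, ECDSA) [DEFAULT]"
    @echo " {{ CRYPTO_AWS_LC }} AWS-LC cryptographic backend"
    @echo " {{ CRYPTO_PQC }} Post-quantum (ML-KEM-768, ML-DSA-65)"
    @echo " {{ CRYPTO_RUSTCRYPTO }} Pure Rust crypto [PLANNED]"
    @echo ""
    @echo "═══════════════════════════════════════════════════════════"
    @echo "STORAGE BACKENDS"
    @echo "═══════════════════════════════════════════════════════════"
    @echo " (default) Filesystem [DEFAULT]"
    @echo " {{ STORAGE_ETCD }} Distributed etcd storage"
    @echo " {{ STORAGE_SURREALDB }} SurrealDB document database"
    @echo " {{ STORAGE_POSTGRESQL }} PostgreSQL relational"
    @echo ""
    @echo "═══════════════════════════════════════════════════════════"
    @echo "OPTIONAL FEATURES"
    @echo "═══════════════════════════════════════════════════════════"
    @echo " {{ FEATURE_SERVER }} HTTP server [DEFAULT]"
    @echo " {{ FEATURE_CLI }} CLI tools [DEFAULT]"
    @echo " {{ FEATURE_CEDAR }} Cedar authorization"
    @echo ""
    @echo "═══════════════════════════════════════════════════════════"
    @echo "USAGE EXAMPLES"
    @echo "═══════════════════════════════════════════════════════════"
    @echo " just build::with-features aws-lc,pqc,postgresql-storage"
    @echo " just test::with-features etcd-storage"
    @echo " just build::dev (all features)"
    @echo " just build::secure (PQC + etcd)"
    @echo " just build::prod (OpenSSL + PostgreSQL)"

# Show predefined configurations
[doc("Show predefined feature configurations")]
show-config:
    @echo "PREDEFINED BUILD CONFIGURATIONS"
    @echo "════════════════════════════════════════════════════════════"
    @echo ""
    @echo "Development (all features):"
    @echo " Features: {{ FEATURES_DEV }}"
    @echo " Command: just build::dev"
    @echo ""
    @echo "Production High-Security (PQC + etcd):"
    @echo " Features: {{ FEATURES_SECURE }}"
    @echo " Command: just build::secure"
    @echo ""
    @echo "Production Standard (OpenSSL + PostgreSQL):"
    @echo " Features: {{ FEATURES_PROD }}"
    @echo " Command: just build::prod"
    @echo ""
    @echo "Production HA (etcd distributed):"
    @echo " Features: {{ FEATURES_HA }}"
    @echo " Command: just build::ha"
    @echo ""
    @echo "Minimal (core only):"
    @echo " Features: {{ FEATURES_MINIMAL }}"
    @echo " Command: just build::minimal"

# Show Cargo.toml features
# Prints the [features] header plus the 30 lines after it; a longer section
# is truncated.
[doc("Show features defined in Cargo.toml")]
cargo-features:
    @grep -A 30 '^\[features\]' Cargo.toml || echo "Features section not found"

# ═══════════════════════════════════════════════════════════════════════
# ORCHESTRATION RECIPES
# ═══════════════════════════════════════════════════════════════════════

# Quick start: format + lint + test + build with dev features
[doc("Full development workflow: check + test + build (dev features)")]
check-all:
    @just dev::fmt-check
    @just dev::lint
    @just test::all
    @just build::dev

# Local development: build + run with Docker Compose
# NOTE(review): the health check runs after a fixed 2 s pause, so it may be
# issued before the vault is ready on a slow start.
[doc("Build (dev) and run vault locally with Docker Compose")]
dev-start:
    @just build::dev
    @just deploy::compose-up
    @sleep 2
    @just vault::health

# Production CI: validate + test + build secure
# Calls dev::check-all from justfiles/dev.just, not the check-all recipe
# defined in this file.
[doc("Complete CI pipeline: validate + test + build secure (PQC + etcd)")]
ci-full:
    @just dev::check-all
    @just test::all
    @just build::secure

# Format all code
[doc("Format Rust code")]
fmt:
    @just dev::fmt

# Check formatting
[doc("Check formatting without modifying")]
fmt-check:
    @just dev::fmt-check

# Run clippy linter
# Runs cargo directly with every feature enabled; check-all uses dev::lint
# instead, whose flags are defined in justfiles/dev.just.
[doc("Run clippy with all warnings denied")]
lint:
    cargo clippy --all-targets --all-features -- -D warnings

# Run all tests
[doc("Run all test suites (all features)")]
test-all:
    @just test::unit
    @just test::integration

# Build secure (PQC + etcd)
# NOTE(review): despite the name this delegates to build::secure, whereas
# `just build-for prod` and `just build::prod` build the standard
# OpenSSL + PostgreSQL set. Pick the one you mean when cutting a release.
[doc("Build production secure (PQC + etcd)")]
build-prod:
    @just build::secure

# Clean build artifacts
[doc("Clean build artifacts and cache")]
clean:
    cargo clean
    rm -rf target/
    @echo "✅ Cleaned"

# Generate documentation
[doc("Generate and open documentation (all features)")]
docs:
    cargo doc --all-features --open

# ═══════════════════════════════════════════════════════════════════════
# FEATURE-BASED WORKFLOWS
# ═══════════════════════════════════════════════════════════════════════
#
# `{{ ... }}` is substituted textually into the shell line before the shell
# parses it. Every recipe parameter below therefore goes through quote(), so
# a value containing spaces or shell metacharacters stays one literal
# argument instead of being interpreted by the shell. This matters when the
# value comes from a CI variable or another script rather than a keyboard.

# Check code with specific features
# FEATURES is a comma-separated Cargo feature list, e.g. aws-lc,pqc
[doc("Format check + lint + test with specific features")]
check-with-features FEATURES:
    @printf 'Checking with features: %s\n' {{ quote(FEATURES) }}
    @cargo fmt --all -- --check
    @cargo clippy --all-targets --features {{ quote(FEATURES) }} -- -D warnings
    @cargo test --features {{ quote(FEATURES) }}

# Test with specific features
[doc("Run tests with specific features")]
test-with-features FEATURES:
    @just test::with-features {{ quote(FEATURES) }}

# Build for specific environment
# ENV is matched against a fixed list; anything else prints the valid values
# and exits 1.
[doc("Build for environment: dev|secure|prod|ha|minimal")]
build-for ENV:
    @env_name={{ quote(ENV) }}; \
    if [ "$env_name" = "dev" ]; then \
        just build::dev; \
    elif [ "$env_name" = "secure" ]; then \
        just build::secure; \
    elif [ "$env_name" = "prod" ]; then \
        just build::prod; \
    elif [ "$env_name" = "ha" ]; then \
        just build::ha; \
    elif [ "$env_name" = "minimal" ]; then \
        just build::minimal; \
    else \
        printf 'Unknown environment: %s\n' "$env_name"; \
        echo "Valid: dev, secure, prod, ha, minimal"; \
        exit 1; \
    fi

# ═══════════════════════════════════════════════════════════════════════
# HELP SYSTEM
# ═══════════════════════════════════════════════════════════════════════

# Show help by module
# With no argument prints the overview; with a module name delegates to that
# module's own help recipe. An unknown name exits 1, like build-for.
[doc("Show help for a specific module")]
help MODULE="":
    @module={{ quote(MODULE) }}; \
    if [ -z "$module" ]; then \
        echo "SECRETUMVAULT - MODULAR JUSTFILE WITH FEATURE CONTROL"; \
        echo ""; \
        echo "Feature Management:"; \
        echo " just show-features Show all available features"; \
        echo " just show-config Show predefined configurations"; \
        echo " just cargo-features Show Cargo.toml features"; \
        echo ""; \
        echo "Orchestration commands:"; \
        echo " just check-all Format + lint + test + build (dev)"; \
        echo " just build Build with dev features"; \
        echo " just build-prod Build secure (PQC + etcd)"; \
        echo " just dev-start Local development + Docker"; \
        echo " just ci-full Full CI pipeline (secure)"; \
        echo ""; \
        echo "Feature-based workflows:"; \
        echo " just build-for dev Build for development"; \
        echo " just build-for secure Build for production (secure)"; \
        echo " just build-for prod Build for production (standard)"; \
        echo " just check-with-features aws-lc,pqc"; \
        echo " just test-with-features etcd-storage"; \
        echo ""; \
        echo "Module help:"; \
        echo " just help build Build commands"; \
        echo " just help test Test commands"; \
        echo " just help dev Development utilities"; \
        echo " just help deploy Deployment (Docker/K8s/Helm)"; \
        echo " just help vault Vault operations"; \
        echo ""; \
        echo "Use: just help <module> for detailed help"; \
    elif [ "$module" = "build" ]; then \
        just build::help; \
    elif [ "$module" = "test" ]; then \
        just test::help; \
    elif [ "$module" = "dev" ]; then \
        just dev::help; \
    elif [ "$module" = "deploy" ]; then \
        just deploy::help; \
    elif [ "$module" = "vault" ]; then \
        just vault::help; \
    else \
        printf 'Unknown module: %s\n' "$module"; \
        echo "Available: build, test, dev, deploy, vault"; \
        exit 1; \
    fi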