Rely on mdbook to render top-level documentation in a concise manner.
Using the `build-book` just recipe the mdbook (including adhoc addition
of js requirements for nermaid graphs) is built from a preselected list
of documentation files.
Afterwards all Rust documentation is collected in a `rustdoc`
subdirectory of the shared documentation output directory.

The `watch-book` and `serve-book` just recipes enable a worklow in which
relevant files are watched and the output dir is continuously served
using an adhoc webserver.

Fixes: #124


Signed-off-by: David Runge <dvzrv@archlinux.org>

Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>

This command verifies the backup and if the optional passphrase
is provided will do more thorough checks.

Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>

This function checks the NetHSM backup for parsing errors.
If the passphrase is provided it will do more thorough checks
including verification of a known version number.

Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>

This allows using the raw secret value without allocating and copying
it to the heap.

Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>

Fixes: #52


Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>

Signed-off-by: renovate <renovate@archlinux.org>

Signed-off-by: renovate <renovate@archlinux.org>

Signed-off-by: renovate <renovate@archlinux.org>

Due to a bug in cargo the docs of nethsm-cli would overwrite those
of nethsm.
Prevent this by selectively generating docs and moving relevant dirs
around.

Related-to: https://github.com/rust-lang/cargo/issues/6313


Signed-off-by: David Runge <dvzrv@archlinux.org>

Fixes: #91


Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>

Signed-off-by: renovate <renovate@archlinux.org>

The split of integration tests made it possible to run these concurrently.
Unfortunately the load to the VM machine was too great.

Split the integration tests into several smaller stages so that they don't run at the same time.

Fixes: #106
Fixes: #110
Fixes: #111
Fixes: #115
Fixes: #116
Fixes: #117


Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>

Signed-off-by: David Runge <dvzrv@archlinux.org>

Signed-off-by: David Runge <dvzrv@archlinux.org>

Signed-off-by: David Runge <dvzrv@archlinux.org>

Signed-off-by: David Runge <dvzrv@archlinux.org>

Signed-off-by: David Runge <dvzrv@archlinux.org>

Use dedicated release branch for the crate release, commit the changes
created by `release-plz` using a generic release message and push the
commit automatically.

Optionally allow setting a specific version. This only happens after
running `release-plz`, as it should not run on an unclean repository.

Signed-off-by: David Runge <dvzrv@archlinux.org>

Version 0.2.165 of libc has been yanked:
https://crates.io/crates/libc/0.2.165



Signed-off-by: David Runge <dvzrv@archlinux.org>

Signed-off-by: David Runge <dvzrv@archlinux.org>

Signed-off-by: David Runge <dvzrv@archlinux.org>

Signed-off-by: David Runge <dvzrv@archlinux.org>

Signed-off-by: David Runge <dvzrv@archlinux.org>

Signed-off-by: David Runge <dvzrv@archlinux.org>

The approach of using custom `.gitignore` files for introducing ignored
directories clashes with `release-plz` checks.
Remove them and instead rely on the custom creation of directories when
they are needed and ignore directories globally.

Signed-off-by: David Runge <dvzrv@archlinux.org>

Signed-off-by: David Runge <dvzrv@archlinux.org>

Some hosts such as man.archlinux.org block on too many requests.

Signed-off-by: David Runge <dvzrv@archlinux.org>

Add the `build-test-image` target to run the `build-test-image` recipe,
which builds an image using the latest versions of all all local
components.

Signed-off-by: David Runge <dvzrv@archlinux.org>

Use the new `test-readmes` recipe to test all README.md based end-to-end
integrations in a single target.

Signed-off-by: David Runge <dvzrv@archlinux.org>

Add the `build-test-image` recipe to allow building a Signstar image
using local executables and testing configurations.

Signed-off-by: David Runge <dvzrv@archlinux.org>

Add the `build` recipe and allow providing further cargo build options.

Signed-off-by: David Runge <dvzrv@archlinux.org>

Replace the exemplary, custom user creation with a call to
`signstar-configure-build`.
Currently only run the new executable if it is in PATH, as it is not
packaged yet and therefore only around when testing with locally built
executables.

Signed-off-by: David Runge <dvzrv@archlinux.org>

As we want to be able to test executables such as
`signstar-configure-build` in CI on each change, we need a separate
mkosi profile to be able to provide the latest executable and an example
configuration without interfering with the stable image build.

The `local-testing` mkosi profile allows copying more files into the
image which will shadow whatever is installed into the image.

Signed-off-by: David Runge <dvzrv@archlinux.org>

As `clap` and `nethsm-config` are now workspace dependencies, we want to
rely on them centrally.

Signed-off-by: David Runge <dvzrv@archlinux.org>

Use a `test-readmes` recipe as bundled target for testing all README.md
based end-to-end integrations that are available.

Signed-off-by: David Runge <dvzrv@archlinux.org>

Extend the `test-readme` recipe to allow running tangler in an Arch
Linux container.
Allow global overrides to container creation and running.
Add specific overrides when testing against `signstar-configure-build`
project, as here we need to test inside of a container.

Signed-off-by: David Runge <dvzrv@archlinux.org>

Add executable `signstar-configure-build` to create system users and
their integration for signstar hosts during build-time.
Users are created without a passphrase with the help of `useradd` and
unlocked using `usermod`.
User home directories are created in a dedicated directory with the help
of `tmpfiles.d`.
Afterwards, if available for the specific user mapping, SSH
configuration is created based on system-wide drop-ins, that define
which SSH keys are authorized for authentication and sets a command,
which is enforced upon login.

Fixes: #78


Signed-off-by: David Runge <dvzrv@archlinux.org>

The `cargo test` command cannot parallelize across crates and it makes
tests slower than necessary:

```
$ time cargo test --all
...
real	0m8,449s
user	1m24,149s
sys	0m37,558s
```

Comparing with `nextest` the difference is clear:

```
$ time cargo nextest run --all
...
real	0m2,898s
user	0m5,922s
sys	0m2,079s
```

Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>

Fixes: #107
Fixes: #108


Signed-off-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>