feat(sdk): extract openshell-sdk crate#1862
Open
maxdubrinsky wants to merge 1 commit into
Open
Conversation
Per RFC 0005, lift the gRPC client, TLS, OIDC, edge-tunnel, and refresh
plumbing out of openshell-cli into a new openshell-sdk crate. CLI and
TUI now consume the SDK; openshell-cli/src/{tls.rs,oidc_auth.rs} shrink
to thin wrappers over the SDK's transport and OIDC modules.
- New crate openshell-sdk exposes a typed gRPC client, TLS resolver,
OidcRefresher with single-flight semantics, edge-tunnel dialer, and a
Sandbox-API surface that mirrors the existing CLI behavior.
- crates/openshell-core/src/auth.rs moves into the SDK as auth.rs.
- crates/openshell-cli/src/edge_tunnel.rs moves into the SDK as
edge_tunnel.rs.
Tests: 3 unit + 10 mock-gateway integration tests in openshell-sdk.
Signed-off-by: Max Dubrinsky <mdubrinsky@nvidia.com>
maxdubrinsky
requested review from
a team,
derekwaynecarr and
mrunalp
as code owners
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Extracts a new
openshell-sdkRust crate from the gRPC client plumbing that lived inopenshell-cli, and refactors the CLI and TUI to consume it. This is RFC 0005, Phase 1 — the shared client core — with no TypeScript; the napi binding (@openshell/sdk), examples, and CI follow in a separate PR.The SDK owns gRPC channel construction, TLS material handling, request interceptors, OIDC token refresh (single-flight), and the Cloudflare Access tunnel.
openshell-cli/src/{tls.rs,oidc_auth.rs}shrink to thin wrappers over the SDK, andopenshell-core/src/auth.rsmoves into it. CLI and TUI user-facing behavior is unchanged.Related Issue
Changes
crates/openshell-sdk/: typed gRPC client (OpenShellClient), TLS resolver,OidcRefresherwith single-flight semantics, edge-tunnel dialer, arawescape hatch, error taxonomy, and curated types. CrateREADME.mdincluded.openshell-cli: consumes the SDK;tls.rs/oidc_auth.rsbecome thin wrappers.openshell-tui: consumes the SDK.openshell-core:auth.rsmoves into the SDK.AGENTS.md: architecture-table row for the new crate.Testing
mise run pre-commitpasses (clippy-D warnings, fmt, full test suite, markdown lint, license headers)openshell-sdkChecklist
README.md+AGENTS.mdarchitecture table