rust-keylime icon indicating copy to clipboard operation
rust-keylime copied to clipboard
verified publisher icon keylime

keylimectl: A replacement for `keylime_tenant` in rust

Open ansasaki opened this issue 5 months ago • 1 comments

Disclaimer: this is an AI generated rewrite. We should be careful reviewing it.

Adds a modern Rust replacement for keylime_tenant with full API compatibility and improved usability.

Features

  • Agent Management: add, remove, update, status, reactivate commands
  • Policy Management: runtime and measured boot policy CRUD operations
  • Resource Listing: agents, policies with detailed/basic views
  • Multi-format Output: JSON, table, YAML with configurable verbosity
  • Robust Error Handling: typed errors with context and retry logic
  • TLS Support: mutual authentication with certificate validation
  • Configuration: file-based config with CLI overrides

Implementation

  • 8,512 lines of documented Rust code
  • 158 comprehensive unit tests (100% pass rate)
  • 0 clippy warnings, full type safety
  • Modular architecture with proper abstractions
  • IPv6 support and exponential backoff retry

Usage

keylimectl agent add <uuid> --ip 192.168.1.100 --port 9002
keylimectl policy create web-policy --file policy.json
keylimectl list agents --detailed

Replaces Python keylime_tenant while maintaining backward compatibility.

ansasaki avatar Aug 04 '25 12:08 ansasaki

Codecov Report

:x: Patch coverage is 0% with 1 line in your changes missing coverage. Please review. :white_check_mark: Project coverage is 42.18%. Comparing base (bec5d94) to head (d1ff80a).

Files with missing lines Patch % Lines
keylime-push-model-agent/src/attestation.rs 0.00% 1 Missing :warning:
Additional details and impacted files
Flag Coverage Δ
e2e-testsuite 42.18% <0.00%> (-16.10%) :arrow_down:
upstream-unit-tests 42.18% <0.00%> (-16.10%) :arrow_down:

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines Coverage Δ
keylime-push-model-agent/src/struct_filler.rs 0.00% <ø> (-25.44%) :arrow_down:
keylime-push-model-agent/src/attestation.rs 0.00% <0.00%> (-44.76%) :arrow_down:

... and 53 files with indirect coverage changes

:rocket: New features to boost your workflow:
  • :snowflake: Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

codecov[bot] avatar Aug 05 '25 15:08 codecov[bot]