veridian_kernel/services/cri/

streaming.rs

//! CRI Streaming Service
//!
//! Provides exec, attach, and port-forward operations for container
//! runtime interaction.

#![allow(dead_code)]

use alloc::{collections::BTreeMap, string::String, vec::Vec};
use core::sync::atomic::{AtomicU64, Ordering};

// ---------------------------------------------------------------------------
// Types
// ---------------------------------------------------------------------------

/// Request to run a command in a container.
#[derive(Debug, Clone)]
pub struct ExecRequest {
    /// Target container ID.
    pub container_id: u64,
    /// Command to run.
    pub command: Vec<String>,
    /// Whether to attach stdin.
    pub stdin: bool,
    /// Whether to attach stdout.
    pub stdout: bool,
    /// Whether to attach stderr.
    pub stderr: bool,
    /// Whether to allocate a TTY.
    pub tty: bool,
}

/// Result of a synchronous command run.
#[derive(Debug, Clone, PartialEq)]
pub struct ExecResponse {
    /// Exit code.
    pub exit_code: i32,
    /// Stdout output.
    pub stdout_data: Vec<u8>,
    /// Stderr output.
    pub stderr_data: Vec<u8>,
}

/// Request to attach to a running container.
#[derive(Debug, Clone)]
pub struct AttachRequest {
    /// Target container ID.
    pub container_id: u64,
    /// Whether to attach stdin.
    pub stdin: bool,
    /// Whether to attach stdout.
    pub stdout: bool,
    /// Whether to attach stderr.
    pub stderr: bool,
    /// Whether to allocate a TTY.
    pub tty: bool,
}

/// Request to forward a port from a pod sandbox.
#[derive(Debug, Clone)]
pub struct PortForwardRequest {
    /// Target pod sandbox ID.
    pub pod_sandbox_id: u64,
    /// Port number to forward.
    pub port: u16,
}

/// Stream session state.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum StreamState {
    /// Session is active.
    Active,
    /// Session is closed.
    Closed,
}

impl StreamState {
    /// Check if stream is active.
    pub fn is_active(self) -> bool {
        self == StreamState::Active
    }
}

/// A streaming session (for running commands, attaching, or port-forwarding).
#[derive(Debug, Clone)]
pub struct StreamSession {
    /// Unique session identifier.
    pub id: u64,
    /// Session type description.
    pub session_type: String,
    /// Target container or pod ID.
    pub target_id: u64,
    /// Current state.
    pub state: StreamState,
    /// Data buffered for this session.
    pub buffer: Vec<u8>,
    /// Tick when session was created.
    pub created_tick: u64,
}

/// Streaming service error.
#[derive(Debug, Clone, PartialEq, Eq)]
pub enum StreamError {
    /// Container not found.
    ContainerNotFound(u64),
    /// Pod sandbox not found.
    SandboxNotFound(u64),
    /// Session not found.
    SessionNotFound(u64),
    /// Session already closed.
    SessionClosed(u64),
}

// ---------------------------------------------------------------------------
// Streaming Service
// ---------------------------------------------------------------------------

/// Next session ID generator.
static NEXT_SESSION_ID: AtomicU64 = AtomicU64::new(1);

fn alloc_session_id() -> u64 {
    NEXT_SESSION_ID.fetch_add(1, Ordering::Relaxed)
}

/// CRI Streaming Service implementation.
#[derive(Debug)]
pub struct StreamingService {
    /// Active streaming sessions.
    sessions: BTreeMap<u64, StreamSession>,
}

impl Default for StreamingService {
    fn default() -> Self {
        Self::new()
    }
}

impl StreamingService {
    /// Create a new streaming service.
    pub fn new() -> Self {
        StreamingService {
            sessions: BTreeMap::new(),
        }
    }

    /// Run a command synchronously in a container.
    pub fn exec_sync(&self, request: &ExecRequest) -> Result<ExecResponse, StreamError> {
        if request.container_id == 0 {
            return Err(StreamError::ContainerNotFound(0));
        }
        Ok(ExecResponse {
            exit_code: 0,
            stdout_data: Vec::new(),
            stderr_data: Vec::new(),
        })
    }

    /// Start an asynchronous command session.
    pub fn run_command(
        &mut self,
        request: &ExecRequest,
        current_tick: u64,
    ) -> Result<u64, StreamError> {
        if request.container_id == 0 {
            return Err(StreamError::ContainerNotFound(0));
        }
        let session_id = alloc_session_id();
        let session = StreamSession {
            id: session_id,
            session_type: String::from("run"),
            target_id: request.container_id,
            state: StreamState::Active,
            buffer: Vec::new(),
            created_tick: current_tick,
        };
        self.sessions.insert(session_id, session);
        Ok(session_id)
    }

    /// Attach to a running container's I/O streams.
    pub fn attach(
        &mut self,
        request: &AttachRequest,
        current_tick: u64,
    ) -> Result<u64, StreamError> {
        if request.container_id == 0 {
            return Err(StreamError::ContainerNotFound(0));
        }
        let session_id = alloc_session_id();
        let session = StreamSession {
            id: session_id,
            session_type: String::from("attach"),
            target_id: request.container_id,
            state: StreamState::Active,
            buffer: Vec::new(),
            created_tick: current_tick,
        };
        self.sessions.insert(session_id, session);
        Ok(session_id)
    }

    /// Set up port forwarding for a pod sandbox.
    pub fn port_forward(
        &mut self,
        request: &PortForwardRequest,
        current_tick: u64,
    ) -> Result<u64, StreamError> {
        if request.pod_sandbox_id == 0 {
            return Err(StreamError::SandboxNotFound(0));
        }
        let session_id = alloc_session_id();
        let session = StreamSession {
            id: session_id,
            session_type: String::from("port-forward"),
            target_id: request.pod_sandbox_id,
            state: StreamState::Active,
            buffer: Vec::new(),
            created_tick: current_tick,
        };
        self.sessions.insert(session_id, session);
        Ok(session_id)
    }

    /// Close a streaming session.
    pub fn close_session(&mut self, session_id: u64) -> Result<(), StreamError> {
        let session = self
            .sessions
            .get_mut(&session_id)
            .ok_or(StreamError::SessionNotFound(session_id))?;
        if session.state == StreamState::Closed {
            return Err(StreamError::SessionClosed(session_id));
        }
        session.state = StreamState::Closed;
        Ok(())
    }

    /// Get session status.
    pub fn session_status(&self, session_id: u64) -> Option<&StreamSession> {
        self.sessions.get(&session_id)
    }

    /// Count active sessions.
    pub fn active_session_count(&self) -> usize {
        self.sessions
            .values()
            .filter(|s| s.state == StreamState::Active)
            .count()
    }

    /// Remove closed sessions.
    pub fn cleanup_closed(&mut self) -> usize {
        let before = self.sessions.len();
        self.sessions.retain(|_, s| s.state != StreamState::Closed);
        before - self.sessions.len()
    }
}

// ---------------------------------------------------------------------------
// Tests
// ---------------------------------------------------------------------------

#[cfg(test)]
mod tests {
    #[allow(unused_imports)]
    use alloc::string::ToString;
    #[allow(unused_imports)]
    use alloc::vec;

    use super::*;

    #[test]
    fn test_exec_sync_ok() {
        let svc = StreamingService::new();
        let req = ExecRequest {
            container_id: 1,
            command: vec![String::from("ls")],
            stdin: false,
            stdout: true,
            stderr: true,
            tty: false,
        };
        let resp = svc.exec_sync(&req).unwrap();
        assert_eq!(resp.exit_code, 0);
    }

    #[test]
    fn test_exec_sync_not_found() {
        let svc = StreamingService::new();
        let req = ExecRequest {
            container_id: 0,
            command: vec![String::from("ls")],
            stdin: false,
            stdout: true,
            stderr: true,
            tty: false,
        };
        assert_eq!(svc.exec_sync(&req), Err(StreamError::ContainerNotFound(0)));
    }

    #[test]
    fn test_run_command_async() {
        let mut svc = StreamingService::new();
        let req = ExecRequest {
            container_id: 5,
            command: vec![String::from("sh")],
            stdin: true,
            stdout: true,
            stderr: true,
            tty: true,
        };
        let sid = svc.run_command(&req, 100).unwrap();
        let session = svc.session_status(sid).unwrap();
        assert_eq!(session.session_type, "run");
        assert_eq!(session.state, StreamState::Active);
    }

    #[test]
    fn test_attach() {
        let mut svc = StreamingService::new();
        let req = AttachRequest {
            container_id: 3,
            stdin: true,
            stdout: true,
            stderr: false,
            tty: false,
        };
        let sid = svc.attach(&req, 200).unwrap();
        assert_eq!(svc.active_session_count(), 1);
        let session = svc.session_status(sid).unwrap();
        assert_eq!(session.session_type, "attach");
    }

    #[test]
    fn test_port_forward() {
        let mut svc = StreamingService::new();
        let req = PortForwardRequest {
            pod_sandbox_id: 7,
            port: 8080,
        };
        let sid = svc.port_forward(&req, 300).unwrap();
        let session = svc.session_status(sid).unwrap();
        assert_eq!(session.session_type, "port-forward");
    }

    #[test]
    fn test_close_and_double_close() {
        let mut svc = StreamingService::new();
        let req = ExecRequest {
            container_id: 1,
            command: Vec::new(),
            stdin: false,
            stdout: false,
            stderr: false,
            tty: false,
        };
        let sid = svc.run_command(&req, 100).unwrap();
        svc.close_session(sid).unwrap();
        assert_eq!(svc.close_session(sid), Err(StreamError::SessionClosed(sid)));
    }
}