send SaveCredential request to frontend on docker store

add Docker credentials to app and CLI
start working on docker helper
2024-09-19 11:35:18 -04:00 · 2024-09-19 11:35:18 -04:00 · 2024-09-19 11:35:18 -04:00
34 changed files with 265 additions and 809 deletions
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "creddy",
-  "version": "0.6.3",
+  "version": "0.5.4",
  "scripts": {
    "dev": "vite",
    "build": "vite build",
--- a/src-tauri/Cargo.lock
+++ b/src-tauri/Cargo.lock
@ -218,6 +218,30 @@ dependencies = [
 "pin-project-lite",
 ]

+[[package]]
+name = "async-executor"
+version = "1.12.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c8828ec6e544c02b0d6691d21ed9f9218d0384a82542855073c2a3f58304aaf0"
+dependencies = [
+ "async-task",
+ "concurrent-queue",
+ "fastrand",
+ "futures-lite",
+ "slab",
+]
+
+[[package]]
+name = "async-fs"
+version = "2.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ebcd09b382f40fcd159c2d695175b2ae620ffa5f3bd6f664131efff4e8b9e04a"
+dependencies = [
+ "async-lock",
+ "blocking",
+ "futures-lite",
+]
+
 [[package]]
 name = "async-io"
 version = "2.3.3"
@ -1217,7 +1241,7 @@ dependencies = [

 [[package]]
 name = "creddy"
-version = "0.6.3"
+version = "0.5.4"
 dependencies = [
 "argon2",
 "auto-launch",
@ -1251,6 +1275,7 @@ dependencies = [
 "tauri-plugin-dialog",
 "tauri-plugin-global-shortcut",
 "tauri-plugin-os",
+ "tauri-plugin-single-instance",
 "thiserror",
 "time",
 "tokio",
@ -1262,7 +1287,7 @@ dependencies = [

 [[package]]
 name = "creddy_cli"
-version = "0.6.0"
+version = "0.5.4"
 dependencies = [
 "anyhow",
 "clap",
@ -5622,6 +5647,21 @@ dependencies = [
 "thiserror",
 ]

+[[package]]
+name = "tauri-plugin-single-instance"
+version = "2.0.0-beta.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0ecafcc5214a5d3cd7a720c11e9c03cbd45ccaff721963485ec4ab481bdf4540"
+dependencies = [
+ "log",
+ "serde",
+ "serde_json",
+ "tauri",
+ "thiserror",
+ "windows-sys 0.52.0",
+ "zbus",
+]
+
 [[package]]
 name = "tauri-runtime"
 version = "2.0.0-beta.18"
@ -7002,9 +7042,15 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7b8e3d6ae3342792a6cc2340e4394334c7402f3d793b390d2c5494a4032b3030"
 dependencies = [
 "async-broadcast",
+ "async-executor",
+ "async-fs",
+ "async-io",
+ "async-lock",
 "async-process",
 "async-recursion",
+ "async-task",
 "async-trait",
+ "blocking",
 "derivative",
 "enumflags2",
 "event-listener 5.3.1",
--- a/src-tauri/Cargo.toml
+++ b/src-tauri/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "creddy"
-version = "0.6.3"
+version = "0.5.4"
 description = "A friendly AWS credentials manager"
 authors = ["Joseph Montanaro"]
 license = ""
@ -30,7 +30,7 @@ tauri-build = { version = "2.0.0-beta", features = [] }

 [dependencies]
 creddy_cli = { path = "./creddy_cli" }
-tauri = { version = "2.0.0-beta", features = ["tray-icon", "test"] }
+tauri = { version = "2.0.0-beta", features = ["tray-icon"] }
 sodiumoxide = "0.2.7"
 sysinfo = "0.26.8"
 aws-config = "1.5.3"
@ -49,6 +49,7 @@ chacha20poly1305 = { version = "0.10.1", features = ["std"] }
 which = "4.4.0"
 windows = { version = "0.51.1", features = ["Win32_Foundation", "Win32_System_Pipes"] }
 time = "0.3.31"
+tauri-plugin-single-instance = "2.0.0-beta.9"
 tauri-plugin-global-shortcut = "2.0.0-beta.6"
 tauri-plugin-os = "2.0.0-beta.6"
 tauri-plugin-dialog = "2.0.0-beta.9"
--- a/src-tauri/creddy_cli/Cargo.toml
+++ b/src-tauri/creddy_cli/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "creddy_cli"
-version = "0.6.0"
+version = "0.5.4"
 edition = "2021"

 [dependencies]
--- a/src-tauri/creddy_cli/src/cli/docker.rs
+++ b/src-tauri/creddy_cli/src/cli/docker.rs
@ -1,4 +1,4 @@
-use std::io::{self, Read};
+use std::io;

 use anyhow::bail;

@ -12,47 +12,12 @@ use super::{

 pub fn docker_store(global_args: GlobalArgs) -> anyhow::Result<()> {
    let input: DockerCredential = serde_json::from_reader(io::stdin())?;
+    dbg!(&input);

-    let req = CliRequest::StoreDockerCredential(input);
-
-    match super::make_request(global_args.server_addr, &req)?? {
-        CliResponse::Empty => Ok(()),
-        r => bail!("Unexpected response from server: {r}"),
-    }
-}
-
-
-pub fn docker_get(global_args: GlobalArgs) -> anyhow::Result<()> {
-    let mut server_url = String::new();
-    io::stdin().read_to_string(&mut server_url)?;
-    let req = CliRequest::GetDockerCredential {
-       server_url: server_url.trim().to_owned()
-    };
-
-    let server_resp = super::make_request(global_args.server_addr, &req)?;
-    match server_resp {
-        Ok(CliResponse::Credential(CliCredential::Docker(d))) => {
-            println!("{}", serde_json::to_string(&d)?);
-        },
-        Err(e) if e.code == "NoCredentials" => {
-            // To indicate credentials are not found, a credential helper *must* print
-            // this message to stdout, then exit 1. Any other message/status will cause
-            // some builds to fail. This is, of course, not documented anywhere.
-            println!("credentials not found in native keychain");
-            std::process::exit(1);
-        },
-        Err(e) => Err(e)?,
-        Ok(r) => bail!("Unexpected response from server: {r}"),
-    }
-    Ok(())
-}
-
-
-pub fn docker_erase(global_args: GlobalArgs) -> anyhow::Result<()> {
-    let mut server_url = String::new();
-    io::stdin().read_to_string(&mut server_url)?;
-    let req = CliRequest::EraseDockerCredential {
-        server_url: server_url.trim().to_owned()
+    let req = CliRequest::SaveCredential {
+        name: input.username.clone(),
+        is_default: false, // is_default doesn't really mean anything for Docker credentials
+        credential: CliCredential::Docker(input),
    };

    match super::make_request(global_args.server_addr, &req)?? {
--- a/src-tauri/creddy_cli/src/cli/mod.rs
+++ b/src-tauri/creddy_cli/src/cli/mod.rs
@ -65,7 +65,7 @@ pub struct GlobalArgs {
 #[derive(Debug, Subcommand)]
 pub enum Action {
    /// Launch Creddy
-    Run(RunArgs),
+    Run,
    /// Request credentials from Creddy and output to stdout
    Get(GetArgs),
    /// Inject credentials into the environment of another command
@ -78,14 +78,6 @@ pub enum Action {
 }


-#[derive(Debug, Args)]
-pub struct RunArgs {
-    /// Minimize to system tray on launch
-    #[arg(long, default_value_t = false)]
-    pub minimized: bool,
-}
-
-
 #[derive(Debug, Args)]
 pub struct GetArgs {
    /// If unspecified, use default credentials
@ -110,7 +102,7 @@ pub struct ExecArgs {
 #[derive(Debug, Args)]
 pub struct InvokeArgs {
    #[arg(value_name = "ACTION", value_enum)]
-    pub shortcut_action: ShortcutAction,
+    shortcut_action: ShortcutAction,
 }


@ -126,7 +118,7 @@ pub enum DockerCmd {


 pub fn get(args: GetArgs, global: GlobalArgs) -> anyhow::Result<()> {
-    let req = CliRequest::GetAwsCredential {
+    let req = CliRequest::GetCredential {
        name: args.name,
        base: args.base,
    };
@ -153,7 +145,7 @@ pub fn exec(args: ExecArgs, global: GlobalArgs) -> anyhow::Result<()> {
    let mut cmd = ChildCommand::new(cmd_name);
    cmd.args(cmd_line);

-    let req = CliRequest::GetAwsCredential {
+    let req = CliRequest::GetCredential {
        name: args.get_args.name,
        base: args.get_args.base,
    };
@ -201,7 +193,7 @@ pub fn exec(args: ExecArgs, global: GlobalArgs) -> anyhow::Result<()> {


 pub fn invoke_shortcut(args: InvokeArgs, global: GlobalArgs) -> anyhow::Result<()> {
-    let req = CliRequest::InvokeShortcut{action: args.shortcut_action};
+    let req = CliRequest::InvokeShortcut(args.shortcut_action);
    match make_request(global.server_addr, &req)?? {
        CliResponse::Empty => Ok(()),
        r => bail!("Unexpected response from server: {r}"),
@ -211,9 +203,9 @@ pub fn invoke_shortcut(args: InvokeArgs, global: GlobalArgs) -> anyhow::Result<(

 pub fn docker_credential_helper(cmd: DockerCmd, global_args: GlobalArgs) -> anyhow::Result<()> {
    match cmd {
-        DockerCmd::Get => docker::docker_get(global_args),
+        DockerCmd::Get => todo!(),
        DockerCmd::Store => docker::docker_store(global_args),
-        DockerCmd::Erase => docker::docker_erase(global_args),
+        DockerCmd::Erase => todo!(),
    }
 }

--- a/src-tauri/creddy_cli/src/lib.rs
+++ b/src-tauri/creddy_cli/src/lib.rs
@ -1,26 +1,19 @@
 mod cli;
 pub use cli::{
-    Action,
    Cli,
-    docker_credential_helper,
+    Action,
    exec,
    get,
-    GlobalArgs,
-    RunArgs,
    invoke_shortcut,
+    docker_credential_helper,
 };

-pub use platform::{connect, server_addr};
+pub(crate) use platform::connect;
+pub use platform::server_addr;

 pub mod proto;


-pub fn show_window(global_args: GlobalArgs) -> anyhow::Result<()> {
-    let invoke = cli::InvokeArgs { shortcut_action: proto::ShortcutAction::ShowWindow };
-    cli::invoke_shortcut(invoke, global_args)
-}
-
-
 #[cfg(unix)]
 mod platform {
    use std::path::PathBuf;
@ -34,12 +27,7 @@ mod platform {
    pub fn server_addr(sock_name: &str) -> PathBuf {
        let mut path = dirs::runtime_dir()
            .unwrap_or_else(|| PathBuf::from("/tmp"));
-        if cfg!(debug_assertions) {
-            path.push(format!("{sock_name}.dev.sock"))
-        }
-        else {
-            path.push(format!("{sock_name}.sock"));
-        }
+        path.push(format!("{sock_name}.sock"));
        path
    }
 }
@ -48,11 +36,6 @@ mod platform {
 #[cfg(windows)]
 mod platform {
    pub fn server_addr(sock_name: &str) -> String {
-        if cfg!(debug_assertions) {
-            format!(r"\\.\pipe\{sock_name}.dev")
-        }
-        else {
-            format!(r"\\.\pipe\{sock_name}")
-        }
+        format!(r"\\.\pipe\{sock_name}")
    }
 }
--- a/src-tauri/creddy_cli/src/main.rs
+++ b/src-tauri/creddy_cli/src/main.rs
@ -1,17 +1,13 @@
 use std::env;
 use std::process::{self, Command};

-use creddy_cli::{
-    Action,
-    Cli,
-    RunArgs,
-};
+use creddy_cli::{Action, Cli};
+

 fn main() {
    let cli = Cli::parse();
    let res = match cli.action {
-        None => launch_gui(RunArgs { minimized: false }),
-        Some(Action::Run(run_args)) => launch_gui(run_args),
+        None | Some(Action::Run)=> launch_gui(),
        Some(Action::Get(args)) => creddy_cli::get(args, cli.global_args),
        Some(Action::Exec(args)) => creddy_cli::exec(args, cli.global_args),
        Some(Action::Shortcut(args)) => creddy_cli::invoke_shortcut(args, cli.global_args),
@ -25,7 +21,7 @@ fn main() {
 }


-fn launch_gui(run_args: RunArgs) -> anyhow::Result<()>  {
+fn launch_gui() -> anyhow::Result<()>  {
    let mut path = env::current_exe()?;
    path.pop(); // bin dir

@ -35,10 +31,6 @@ fn launch_gui(run_args: RunArgs) -> anyhow::Result<()>  {

    path.push("creddy.exe"); // exe in main install dir (aka gui exe)

-    let mut cmd = Command::new(path);
-    if run_args.minimized {
-        cmd.arg("--minimized");
-    }
-    cmd.spawn()?;
+    Command::new(path).spawn()?;
    Ok(())
 }
--- a/src-tauri/creddy_cli/src/proto.rs
+++ b/src-tauri/creddy_cli/src/proto.rs
@ -9,22 +9,17 @@ use serde::{Serialize, Deserialize};


 #[derive(Debug, Serialize, Deserialize)]
-#[serde(tag = "type")]
 pub enum CliRequest {
-    GetAwsCredential {
+    GetCredential {
        name: Option<String>,
        base: bool,
    },
-    GetDockerCredential {
-        server_url: String,
-    },
-    StoreDockerCredential(DockerCredential),
-    EraseDockerCredential {
-        server_url: String,
-    },
-    InvokeShortcut{
-        action: ShortcutAction,
+    SaveCredential {
+        name: String,
+        is_default: bool,
+        credential: CliCredential,
    },
+    InvokeShortcut(ShortcutAction),
 }


@ -99,8 +94,8 @@ pub struct DockerCredential {

 #[derive(Debug, Serialize, Deserialize)]
 pub struct ServerError {
-    pub code: String,
-    pub msg: String,
+    code: String,
+    msg: String,
 }

 impl Display for ServerError {
--- a/src-tauri/migrations/20240919135710_docker_creds.sql
+++ b/src-tauri/migrations/20240919135710_docker_creds.sql
@ -7,6 +7,5 @@ CREATE TABLE docker_credentials (
    server_url TEXT UNIQUE NOT NULL,
    username TEXT NOT NULL,
    secret_enc BLOB NOT NULL,
-    nonce BLOB NOT NULL,
-    FOREIGN KEY(id) REFERENCES credentials(id) ON DELETE CASCADE
+    nonce BLOB NOT NULL
 );
--- a/src-tauri/src/app.rs
+++ b/src-tauri/src/app.rs
@ -15,7 +15,7 @@ use tauri::{
    RunEvent,
    WindowEvent,
 };
-use creddy_cli::{GlobalArgs, RunArgs};
+use tauri::menu::MenuItem;

 use crate::{
    config::{self, AppConfig},
@ -32,13 +32,12 @@ use crate::{
 pub static APP: OnceCell<AppHandle> = OnceCell::new();


-pub fn run(run_args: RunArgs, global_args: GlobalArgs) -> tauri::Result<()> {
-    if let Ok(_) = creddy_cli::show_window(global_args) {
-        // app is already running, so terminate
-        return Ok(());
-    }
-
+pub fn run() -> tauri::Result<()> {
    tauri::Builder::default()
+        .plugin(tauri_plugin_single_instance::init(|app, _argv, _cwd| {
+            show_main_window(app)
+                .error_popup("Failed to show main window")
+        }))
        .plugin(tauri_plugin_global_shortcut::Builder::default().build())
        .plugin(tauri_plugin_os::init())
        .plugin(tauri_plugin_dialog::init())
@ -59,10 +58,9 @@ pub fn run(run_args: RunArgs, global_args: GlobalArgs) -> tauri::Result<()> {
            ipc::save_config,
            ipc::launch_terminal,
            ipc::get_setup_errors,
-            ipc::get_devmode,
            ipc::exit,
        ])
-        .setup(|app| rt::block_on(setup(app, run_args)))
+        .setup(|app| rt::block_on(setup(app)))
        .build(tauri::generate_context!())?
        .run(|app, run_event| {
            if let RunEvent::WindowEvent { event, .. } = run_event {
@ -88,11 +86,11 @@ pub async fn connect_db() -> Result<SqlitePool, SetupError> {
 }


-async fn setup(app: &mut App, run_args: RunArgs) -> Result<(), Box<dyn Error>> {
+async fn setup(app: &mut App) -> Result<(), Box<dyn Error>> {
    APP.set(app.handle().clone()).unwrap();
    tray::setup(app)?;
    // get_or_create_db_path doesn't create the actual db file, just the directory
-    let is_first_launch = !config::get_or_create_db_path()?.try_exists()?;
+    let is_first_launch = !config::get_or_create_db_path()?.exists();
    let pool = connect_db().await?;
    let mut setup_errors: Vec<String> = vec![];

@ -111,16 +109,10 @@ async fn setup(app: &mut App, run_args: RunArgs) -> Result<(), Box<dyn Error>> {
    creddy_server::serve(app.handle().clone())?;
    agent::serve(app.handle().clone())?;

-    // if this is the first launch, setup system with default auto-launch settings
-    if is_first_launch {
-        if let Err(e) = conf.set_auto_launch() {
-            setup_errors.push(format!("Failed to manage autolaunch: {e}"));
-        }
+    config::set_auto_launch(conf.start_on_login)?;
+    if let Err(_e) = config::set_auto_launch(conf.start_on_login) {
+        setup_errors.push("Error: Failed to manage autolaunch.".into());
    }
-    // otherwise, treat the system as the source of truth and ensure ours matches
-    else {
-        conf.match_auto_launch(&pool).await?;
-    };

    // if hotkeys fail to register, disable them so that this error doesn't have to keep showing up
    if let Err(_e) = shortcuts::register_hotkeys(&conf.hotkeys) {
@ -133,7 +125,7 @@ async fn setup(app: &mut App, run_args: RunArgs) -> Result<(), Box<dyn Error>> {
        .map(|names| names.split(':').any(|n| n == "GNOME"))
        .unwrap_or(false);

-    if !run_args.minimized {
+    if !conf.start_minimized || is_first_launch {
        show_main_window(&app.handle())?;
    }

@ -166,8 +158,8 @@ fn start_auto_locker(app: AppHandle) {
 pub fn show_main_window(app: &AppHandle) -> Result<(), WindowError> {
    let w = app.get_webview_window("main").ok_or(WindowError::NoMainWindow)?;
    w.show()?;
-    let menu = app.state::<tray::MenuItems>();
-    menu.after_show()?;
+    let show_hide = app.state::<MenuItem<tauri::Wry>>();
+    show_hide.set_text("Hide")?;
    Ok(())
 }

@ -175,8 +167,8 @@ pub fn show_main_window(app: &AppHandle) -> Result<(), WindowError> {
 pub fn hide_main_window(app: &AppHandle) -> Result<(), WindowError> {
    let w = app.get_webview_window("main").ok_or(WindowError::NoMainWindow)?;
    w.hide()?;
-    let menu = app.state::<tray::MenuItems>();
-    menu.after_hide()?;
+    let show_hide = app.state::<MenuItem<tauri::Wry>>();
+    show_hide.set_text("Show")?;
    Ok(())
 }

--- a/src-tauri/src/clientinfo.rs
+++ b/src-tauri/src/clientinfo.rs
@ -5,8 +5,7 @@ use sysinfo::{
    SystemExt,
    Pid,
    PidExt,
-    ProcessExt,
-    UserExt,
+    ProcessExt
 };
 use serde::{Serialize, Deserialize};

@ -17,16 +16,13 @@ use crate::errors::*;
 pub struct Client {
    pub pid: u32,
    pub exe: Option<PathBuf>,
-    pub username: Option<String>,
 }


 pub fn get_client(pid: u32, parent: bool) -> Result<Client, ClientInfoError> {
    let sys_pid = Pid::from_u32(pid);
-    let mut sys = System::new();
+    let mut sys = System::new();   
    sys.refresh_process(sys_pid);
-    sys.refresh_users_list();
-
    let mut proc = sys.process(sys_pid)
        .ok_or(ClientInfoError::ProcessNotFound)?;

@ -38,15 +34,10 @@ pub fn get_client(pid: u32, parent: bool) -> Result<Client, ClientInfoError> {
            .ok_or(ClientInfoError::ParentProcessNotFound)?;
    }

-    let username = proc.user_id()
-        .map(|uid| sys.get_user_by_id(uid))
-        .flatten()
-        .map(|u| u.name().to_owned());
-
    let exe = match proc.exe() {
        p if p == Path::new("") => None,
        p => Some(PathBuf::from(p)),
    };

-    Ok(Client { pid: proc.pid().as_u32(), exe, username })
+    Ok(Client { pid: proc.pid().as_u32(), exe })
 }
--- a/src-tauri/src/config.rs
+++ b/src-tauri/src/config.rs
@ -1,7 +1,7 @@
 use std::path::PathBuf;
 use std::time::Duration;

-use auto_launch::{AutoLaunch, AutoLaunchBuilder};
+use auto_launch::AutoLaunchBuilder;
 use is_terminal::IsTerminal;
 use serde::{Serialize, Deserialize};
 use sqlx::SqlitePool;
@ -89,49 +89,29 @@ impl AppConfig {
    pub async fn save(&self, pool: &SqlitePool) -> Result<(), sqlx::error::Error> {
        kv::save(pool, "config", self).await
    }
+}

-    /// Configure system with auto-launch settings
-    pub fn set_auto_launch(&self) -> Result<(), SetupError> {
-        let mgr = self.auto_launch_manager()?;

-        // if enabled, disabled regardless of desired end state because either:
-        // a) we are just going to leave it disabled, or
-        // b) we need to disable-and-reenable in case args are different
-        if mgr.is_enabled()? {
-            mgr.disable()?;
-        }
-        if self.start_on_login {
-            mgr.enable()?;
-        }
+pub fn set_auto_launch(is_configured: bool) -> Result<(), SetupError> {
+    let path_buf = std::env::current_exe()
+        .map_err(|e| auto_launch::Error::Io(e))?;
+    let path = path_buf
+        .to_string_lossy();

-        Ok(())
+    let auto = AutoLaunchBuilder::new()
+        .set_app_name("Creddy")
+        .set_app_path(&path)
+        .build()?;
+
+    let is_enabled = auto.is_enabled()?;
+    if is_configured && !is_enabled {
+        auto.enable()?;
+    }
+    else if !is_configured && is_enabled {
+        auto.disable()?;
    }

-    /// Match own auto-launch settings to system
-    pub async fn match_auto_launch(&mut self, pool: &SqlitePool) -> Result<(), SetupError> {
-        let mgr = self.auto_launch_manager()?;
-        let is_enabled = mgr.is_enabled()?;
-        if is_enabled != self.start_on_login {
-            self.start_on_login = is_enabled;
-            self.save(pool).await?;
-        }
-        Ok(())
-    }
-
-    fn auto_launch_manager(&self) -> Result<AutoLaunch, SetupError> {
-        let path_buf = std::env::current_exe()
-            .map_err(|e| auto_launch::Error::Io(e))?;
-
-        let name = if cfg!(debug_assertions) { "Creddy" } else { "Creddy (dev)" };
-        let mut builder = AutoLaunchBuilder::new();
-        builder.set_app_name(name);
-        builder.set_app_path(&path_buf.to_string_lossy());
-        if self.start_minimized {
-            builder.set_args(&["run", "--minimized"]);
-        }
-
-        Ok(builder.build()?)
-    }
+    Ok(())
 }


--- a/src-tauri/src/credentials/docker.rs
+++ b/src-tauri/src/credentials/docker.rs
@ -31,6 +31,7 @@ pub struct DockerCredential {
    pub secret: String,
 }

+
 impl PersistentCredential for DockerCredential {
    type Row = DockerRow;

--- a/src-tauri/src/credentials/mod.rs
+++ b/src-tauri/src/credentials/mod.rs
@ -83,23 +83,6 @@ pub trait PersistentCredential: for<'a> Deserialize<'a> + Sized {
        Self::from_row(row, crypto)
    }

-    async fn load_by<T>(column: &str, value: T, crypto: &Crypto, pool: &SqlitePool) -> Result<Self, LoadCredentialsError>
-    where T: Send + for<'q> sqlx::Encode<'q, Sqlite> + sqlx::Type<Sqlite>
-    {
-        let query = format!(
-            "SELECT * FROM {} where {} = ?",
-            Self::table_name(),
-            column,
-        );
-        let row: Self::Row = sqlx::query_as(&query)
-            .bind(value)
-            .fetch_optional(pool)
-            .await?
-            .ok_or(LoadCredentialsError::NoCredentials)?;
-
-        Self::from_row(row, crypto)
-    }
-
    async fn load_default(crypto: &Crypto, pool: &SqlitePool) -> Result<Self, LoadCredentialsError> {
        let q = format!(
            "SELECT details.*
@ -139,10 +122,3 @@ pub trait PersistentCredential: for<'a> Deserialize<'a> + Sized {
        Ok(creds)
    }
 }
-
-
-pub fn random_uuid() -> Uuid {
-    // a bit weird to use salt() for this, but it's convenient
-    let random_bytes = Crypto::salt();
-    Uuid::from_slice(&random_bytes[..16]).unwrap()
-}
--- a/src-tauri/src/errors.rs
+++ b/src-tauri/src/errors.rs
@ -173,7 +173,7 @@ pub enum HandlerError {
    StreamIOError(#[from] std::io::Error),
    #[error("Received invalid UTF-8 in request")]
    InvalidUtf8(#[from] FromUtf8Error),
-    #[error("Request malformed: {0}")]
+    #[error("HTTP request malformed")]
    BadRequest(#[from] serde_json::Error),
    #[error("HTTP request too large")]
    RequestTooLarge,
@ -183,8 +183,6 @@ pub enum HandlerError {
    Internal(#[from] RecvError),
    #[error("Error accessing credentials: {0}")]
    NoCredentials(#[from] GetCredentialsError),
-    #[error("Error saving credentials: {0}")]
-    SaveCredentials(#[from] SaveCredentialsError),
    #[error("Error getting client details: {0}")]
    ClientInfo(#[from] ClientInfoError),
    #[error("Error from Tauri: {0}")]
--- a/src-tauri/src/ipc.rs
+++ b/src-tauri/src/ipc.rs
@ -14,16 +14,9 @@ use crate::state::AppState;
 use crate::terminal;


-#[derive(Clone, Debug, Serialize, Deserialize)]
-pub enum RequestAction {
-    Access,
-    Delete,
-    Save,
-}
-
-
 #[derive(Clone, Debug, Serialize, Deserialize)]
 pub struct AwsRequestNotification {
+    pub id: u64,
    pub client: Client,
    pub name: Option<String>,
    pub base: bool,
@ -32,47 +25,27 @@ pub struct AwsRequestNotification {

 #[derive(Clone, Debug, Serialize, Deserialize)]
 pub struct SshRequestNotification {
+    pub id: u64,
    pub client: Client,
    pub key_name: String,
 }


-#[derive(Clone, Debug, Serialize, Deserialize)]
-pub struct DockerRequestNotification {
-    pub action: RequestAction,
-    pub client: Client,
-    pub server_url: String,
-}
-
-
 #[derive(Clone, Debug, Serialize, Deserialize)]
 #[serde(tag = "type")]
-pub enum RequestNotificationDetail {
+pub enum RequestNotification {
    Aws(AwsRequestNotification),
    Ssh(SshRequestNotification),
-    Docker(DockerRequestNotification),
 }

-impl RequestNotificationDetail {
-    pub fn new_aws(client: Client, name: Option<String>, base: bool) -> Self {
-        Self::Aws(AwsRequestNotification {client, name, base})
+impl RequestNotification {
+    pub fn new_aws(id: u64, client: Client, name: Option<String>, base: bool) -> Self {
+        Self::Aws(AwsRequestNotification {id, client, name, base})
    }

-    pub fn new_ssh(client: Client, key_name: String) -> Self {
-        Self::Ssh(SshRequestNotification {client, key_name})
+    pub fn new_ssh(id: u64, client: Client, key_name: String) -> Self {
+        Self::Ssh(SshRequestNotification {id, client, key_name})
    }
-
-    pub fn new_docker(action: RequestAction, client: Client, server_url: String) -> Self {
-        Self::Docker(DockerRequestNotification {action, client, server_url})
-    }
-}
-
-
-#[derive(Clone, Debug, Serialize, Deserialize)]
-pub struct RequestNotification {
-    pub id: u64,
-    #[serde(flatten)]
-    pub detail: RequestNotificationDetail,
 }


@ -204,12 +177,6 @@ pub async fn get_setup_errors(app_state: State<'_, AppState>) -> Result<Vec<Stri
 }


-#[tauri::command]
-pub fn get_devmode() -> bool {
-    cfg!(debug_assertions)
-}
-
-
 #[tauri::command]
 pub fn exit(app_handle: AppHandle) {
    app_handle.exit(0)
--- a/src-tauri/src/main.rs
+++ b/src-tauri/src/main.rs
@ -8,23 +8,14 @@ use creddy::{
    app,
    errors::ShowError,
 };
-use creddy_cli::{
-    Action,
-    Cli,
-    RunArgs,
-};
+use creddy_cli::{Action, Cli};


 fn main() {
    let cli = Cli::parse();
    let res = match cli.action {
-        None => {
-            let run_args = RunArgs { minimized: false };
-            app::run(run_args, cli.global_args).error_popup("Creddy encountered an error");
-            Ok(())
-        }
-        Some(Action::Run(run_args)) => {
-            app::run(run_args, cli.global_args).error_popup("Creddy encountered an error");
+        None | Some(Action::Run) => {
+            app::run().error_popup("Creddy encountered an error");
            Ok(())
        },
        Some(Action::Get(args)) => creddy_cli::get(args, cli.global_args),
--- a/src-tauri/src/srv/agent.rs
+++ b/src-tauri/src/srv/agent.rs
@ -6,11 +6,12 @@ use ssh_agent_lib::proto::message::{
 };
 use tauri::{AppHandle, Manager};
 use tokio_stream::StreamExt;
+use tokio::sync::oneshot;
 use tokio_util::codec::Framed;

 use crate::clientinfo;
 use crate::errors::*;
-use crate::ipc::{Approval, RequestNotificationDetail};
+use crate::ipc::{Approval, RequestNotification};
 use crate::state::AppState;

 use super::{CloseWaiter, Stream};
@ -39,7 +40,7 @@ async fn handle(
                // corrupt the framing. Clients don't seem to behave that way though?
                let waiter = CloseWaiter { stream: adapter.get_mut() };
                let resp = sign_request(req, app_handle.clone(), client_pid, waiter).await?;
-
+                
                // have to do this before we send since we can't inspect the message after
                let is_failure = matches!(resp, Message::Failure);
                adapter.send(resp).await?;
@ -68,21 +69,47 @@ async fn sign_request(
    req: SignRequest,
    app_handle: AppHandle,
    client_pid: u32,
-    waiter: CloseWaiter<'_>,
+    mut waiter: CloseWaiter<'_>,
 ) -> Result<Message, HandlerError> {
    let state = app_handle.state::<AppState>();
-
+        let rehide_ms = {
+        let config = state.config.read().await;
+        config.rehide_ms
+    };
    let client = clientinfo::get_client(client_pid, false)?;
-    let key_name = state.ssh_name_from_pubkey(&req.pubkey_blob).await?;
-    let detail = RequestNotificationDetail::new_ssh(client, key_name.clone());
+    let lease = state.acquire_visibility_lease(rehide_ms).await
+        .map_err(|_e| HandlerError::NoMainWindow)?;

-    let response = super::send_credentials_request(detail, app_handle.clone(), waiter).await?;
-    match response.approval {
-        Approval::Approved => {
-            let key = state.sshkey_by_name(&key_name).await?;
-            let sig = key.sign_request(&req)?;
-            Ok(Message::SignResponse(sig))
-        },
-        Approval::Denied => Err(HandlerError::Abandoned),
+    let (chan_send, chan_recv) = oneshot::channel();
+    let request_id = state.register_request(chan_send).await;
+
+    let proceed = async {
+        let key_name = state.ssh_name_from_pubkey(&req.pubkey_blob).await?;
+        let notification = RequestNotification::new_ssh(request_id, client, key_name.clone());
+        app_handle.emit("credential-request", &notification)?;
+
+        let response = tokio::select! {
+            r = chan_recv => r?,
+            _ = waiter.wait_for_close() => {
+                app_handle.emit("request-cancelled", request_id)?;
+                return Err(HandlerError::Abandoned);
+            },
+        };
+
+        if let Approval::Denied = response.approval {
+            return Ok(Message::Failure);
+        }
+
+        let key = state.sshkey_by_name(&key_name).await?;
+        let sig = key.sign_request(&req)?;
+        Ok(Message::SignResponse(sig))
+    };
+
+    let res = proceed.await;
+    if let Err(_) = &res {
+        state.unregister_request(request_id).await;
    }
+
+    lease.release();
+    res
 }
--- a/src-tauri/src/srv/creddy_server.rs
+++ b/src-tauri/src/srv/creddy_server.rs
@ -1,19 +1,10 @@
 use tauri::{AppHandle, Manager};
 use tokio::io::{AsyncReadExt, AsyncWriteExt};
+use tokio::sync::oneshot;

 use crate::clientinfo::{self, Client};
-use crate::credentials::{
-    self,
-    Credential,
-    CredentialRecord,
-    DockerCredential,
-};
 use crate::errors::*;
-use crate::ipc::{
-    Approval,
-    RequestAction,
-    RequestNotificationDetail
-};
+use crate::ipc::{Approval, RequestNotification};
 use crate::shortcuts::{self, ShortcutAction};
 use crate::state::AppState;
 use super::{
@ -55,19 +46,10 @@ async fn handle(

    let req: CliRequest = serde_json::from_slice(&buf)?;
    let res = match req {
-        CliRequest::GetAwsCredential{ name, base } => get_aws_credentials(
+        CliRequest::GetCredential{ name, base } => get_aws_credentials(
            name, base, client, app_handle, waiter
        ).await,
-        CliRequest::GetDockerCredential{ server_url } => get_docker_credential (
-            server_url, client, app_handle, waiter
-        ).await,
-        CliRequest::StoreDockerCredential(docker_credential) => store_docker_credential(
-             docker_credential, app_handle, client, waiter
-        ).await,
-        CliRequest::EraseDockerCredential { server_url } => erase_docker_credential(
-            server_url, app_handle, client, waiter
-        ).await,
-        CliRequest::InvokeShortcut{ action } => invoke_shortcut(action).await,
+        CliRequest::InvokeShortcut(action) => invoke_shortcut(action).await,
    };

    // doesn't make sense to send the error to the client if the client has already left
@ -92,132 +74,59 @@ async fn get_aws_credentials(
    base: bool,
    client: Client,
    app_handle: AppHandle,
-    waiter: CloseWaiter<'_>,
-) -> Result<CliResponse, HandlerError> {
-    let detail = RequestNotificationDetail::new_aws(client, name.clone(), base);
-    let response = super::send_credentials_request(detail, app_handle.clone(), waiter).await?;
-    match response.approval {
-        Approval::Approved => {
-            let state = app_handle.state::<AppState>();
-            if response.base {
-                let creds = state.get_aws_base(name).await?;
-                Ok(CliResponse::Credential(CliCredential::AwsBase(creds)))
-            }
-            else {
-                let creds = state.get_aws_session(name).await?.clone();
-                Ok(CliResponse::Credential(CliCredential::AwsSession(creds)))
-            }
-        },
-        Approval::Denied => Err(HandlerError::Denied),
-    }
-}
-
-async fn get_docker_credential(
-    server_url: String,
-    client: Client,
-    app_handle: AppHandle,
-    waiter: CloseWaiter<'_>,
+    mut waiter: CloseWaiter<'_>,
 ) -> Result<CliResponse, HandlerError> {
    let state = app_handle.state::<AppState>();
-    let meta = state.docker_credential_meta(&server_url).await.unwrap_or(None);
-    if  meta.is_none() {
-        return Err(
-            HandlerError::NoCredentials(
-                GetCredentialsError::Load(
-                    LoadCredentialsError::NoCredentials
-                )
-            )
+    let rehide_ms = {
+        let config = state.config.read().await;
+        config.rehide_ms
+    };
+    let lease = state.acquire_visibility_lease(rehide_ms).await
+        .map_err(|_e| HandlerError::NoMainWindow)?; // automate this conversion eventually?
+
+    let (chan_send, chan_recv) = oneshot::channel();
+    let request_id = state.register_request(chan_send).await;
+
+    // if an error occurs in any of the following, we want to abort the operation
+    // but ? returns immediately, and we want to unregister the request before returning
+    // so we bundle it all up in an async block and return a Result so we can handle errors
+    let proceed = async {
+        let notification = RequestNotification::new_aws(
+            request_id, client, name.clone(), base
        );
-    }
+        app_handle.emit("credential-request", &notification)?;

-    let detail = RequestNotificationDetail::new_docker(
-        RequestAction::Access,
-        client,
-        server_url.clone()
-    );
-    let response = super::send_credentials_request(detail, app_handle.clone(), waiter).await?;
-    match response.approval {
-        Approval::Approved => {
-            let creds = state.get_docker_credential(&server_url).await?;
-            Ok(CliResponse::Credential(CliCredential::Docker(creds)))
-        },
-        Approval::Denied => {
-            Err(HandlerError::Denied)
-        },
-    }
-}
+        let response = tokio::select! {
+            r = chan_recv => r?,
+            _ = waiter.wait_for_close() => {
+                app_handle.emit("request-cancelled", request_id)?;
+                return Err(HandlerError::Abandoned);
+            },
+        };

-async fn store_docker_credential(
-    docker_credential: DockerCredential,
-    app_handle: AppHandle,
-    client: Client,
-    waiter: CloseWaiter<'_>,
-) -> Result<CliResponse, HandlerError> {
-    let state = app_handle.state::<AppState>();
-
-    // We want to do this before asking for confirmation from the user, because Docker has an annoying
-    // habit of calling `get` and then immediately turning around and calling `store` with the same
-    // data. In that case we want to avoid asking for confirmation at all.
-    match state.get_docker_credential(&docker_credential.server_url).await {
-        // if there is already a credential with this server_url, and it is unchanged, we're done
-        Ok(c) if c == docker_credential => return Ok(CliResponse::Empty),
-        // otherwise we are making an update, so proceed
-        Ok(_) => (),
-        // if the app is locked, then this isn't the situation described above, so proceed
-        Err(GetCredentialsError::Locked) => (),
-        // if the app is unlocked, and there is no matching credential, proceed
-        Err(GetCredentialsError::Load(LoadCredentialsError::NoCredentials)) => (),
-        // any other error is a failure
-        Err(e) => return Err(e.into()),
+        match response.approval {
+            Approval::Approved => {
+                if response.base {
+                    let creds = state.get_aws_base(name).await?;
+                    Ok(CliResponse::Credential(CliCredential::AwsBase(creds)))
+                }
+                else {
+                    let creds = state.get_aws_session(name).await?.clone();
+                    Ok(CliResponse::Credential(CliCredential::AwsSession(creds)))
+                }
+            },
+            Approval::Denied => Err(HandlerError::Denied),
+        }
    };

-    let detail = RequestNotificationDetail::new_docker(
-        RequestAction::Save,
-        client,
-        docker_credential.server_url.clone(),
-    );
-    let response = super::send_credentials_request(detail, app_handle.clone(), waiter).await?;
-    if matches!(response.approval, Approval::Denied) {
-        return Err(HandlerError::Denied);
-    }
-
-    let (id, name) = state.docker_credential_meta(&docker_credential.server_url)
-        .await
-        .map_err(|e| GetCredentialsError::Load(e))?
-        .unwrap_or_else(|| (credentials::random_uuid(), docker_credential.server_url.clone()));
-
-    let record = CredentialRecord {
-        id,
-        name,
-        is_default: false,
-        credential: Credential::Docker(docker_credential)
+    let result = match proceed.await {
+        Ok(r) => Ok(r),
+        Err(e) => {
+            state.unregister_request(request_id).await;
+            Err(e)
+        },
    };
-    state.save_credential(record).await?;

-    Ok(CliResponse::Empty)
-}
-
-async fn erase_docker_credential(
-    server_url: String,
-    app_handle: AppHandle,
-    client: Client,
-    waiter: CloseWaiter<'_>
-) -> Result<CliResponse, HandlerError> {
-    let state = app_handle.state::<AppState>();
-
-    let detail = RequestNotificationDetail::new_docker(
-        RequestAction::Delete,
-        client,
-        server_url.clone(),
-    );
-    let resp = super::send_credentials_request(detail, app_handle.clone(), waiter).await?;
-    match resp.approval {
-        Approval::Approved => {
-            state.delete_credential_by_name(&server_url).await?;
-            Ok(CliResponse::Empty)
-        }
-        Approval::Denied => {
-            Err(HandlerError::Denied)
-        }
-    }
+    lease.release();
+    result
 }
--- a/src-tauri/src/srv/mod.rs
+++ b/src-tauri/src/srv/mod.rs
@ -3,22 +3,13 @@ use std::future::Future;
 use tauri::{
    AppHandle,
    async_runtime as rt,
-    Manager,
-    Runtime,
 };
 use tokio::io::AsyncReadExt;
-use tokio::sync::oneshot;
 use serde::{Serialize, Deserialize};

-use crate::credentials::{
-    AwsBaseCredential,
-    AwsSessionCredential,
-    DockerCredential,
-};
+use crate::credentials::{AwsBaseCredential, AwsSessionCredential};
 use crate::errors::*;
-use crate::ipc::{RequestNotification, RequestNotificationDetail, RequestResponse};
 use crate::shortcuts::ShortcutAction;
-use crate::state::AppState;

 pub mod creddy_server;
 pub mod agent;
@ -29,22 +20,12 @@ use platform::Stream;
 // so that we avoid polluting the standalone CLI with a bunch of dependencies
 // that would make it impossible to build a completely static-linked version
 #[derive(Debug, Serialize, Deserialize)]
-#[serde(tag = "type")]
 pub enum CliRequest {
-    GetAwsCredential {
+    GetCredential {
        name: Option<String>,
        base: bool,
    },
-    GetDockerCredential {
-        server_url: String,
-    },
-    StoreDockerCredential(DockerCredential),
-    EraseDockerCredential {
-        server_url: String,
-    },
-    InvokeShortcut{
-        action: ShortcutAction,
-    },
+    InvokeShortcut(ShortcutAction),
 }


@ -59,7 +40,6 @@ pub enum CliResponse {
 pub enum CliCredential {
    AwsBase(AwsBaseCredential),
    AwsSession(AwsSessionCredential),
-    Docker(DockerCredential),
 }


@ -81,11 +61,9 @@ impl<'s> CloseWaiter<'s> {
 }


-// note: AppHandle is generic over `Runtime` for testing
-fn serve<H, F, R>(sock_name: &str, app_handle: AppHandle<R>, handler: H) -> std::io::Result<()>
-    where H: Copy + Send + Fn(Stream, AppHandle<R>, u32) -> F + 'static,
+fn serve<H, F>(sock_name: &str, app_handle: AppHandle, handler: H) -> std::io::Result<()>
+    where H: Copy + Send + Fn(Stream, AppHandle, u32) -> F + 'static,
          F: Send + Future<Output = Result<(), HandlerError>>,
-          R: Runtime
 {
    let (mut listener, addr) = platform::bind(sock_name)?;
    rt::spawn(async move {
@ -109,48 +87,6 @@ fn serve<H, F, R>(sock_name: &str, app_handle: AppHandle<R>, handler: H) -> std:
 }


-async fn send_credentials_request(
-    detail: RequestNotificationDetail,
-    app_handle: AppHandle,
-    mut waiter: CloseWaiter<'_>
-) -> Result<RequestResponse, HandlerError> {
-    let state = app_handle.state::<AppState>();
-    let rehide_ms = {
-        let config = state.config.read().await;
-        config.rehide_ms
-    };
-
-    let lease = state.acquire_visibility_lease(rehide_ms).await
-        .map_err(|_e| HandlerError::NoMainWindow)?;
-
-    let (chan_send, chan_recv) = oneshot::channel();
-    let request_id = state.register_request(chan_send).await;
-    let notification = RequestNotification { id: request_id, detail };
-
-    // the following could fail in various ways, but we want to make sure
-    // the request gets unregistered on any failure, so we wrap this all
-    // up in an async block so that we only have to handle the error case once
-    let proceed = async {
-        app_handle.emit("credential-request", &notification)?;
-        tokio::select! {
-            r = chan_recv => Ok(r?),
-            _ = waiter.wait_for_close() => {
-                app_handle.emit("request-cancelled", request_id)?;
-                Err(HandlerError::Abandoned)
-            },
-        }
-    };
-
-    let res = proceed.await;
-    if let Err(_) = &res {
-        state.unregister_request(request_id).await;
-    }
-
-    lease.release();
-    res
-}
-
-
 #[cfg(unix)]
 mod platform {
    use std::io::ErrorKind;
@ -226,31 +162,3 @@ mod platform {
        Ok((stream, pid))
    }
 }
-
-
-#[cfg(test)]
-mod tests {
-    use super::*;
-    use tokio::io::AsyncWriteExt;
-
-    #[tokio::test]
-    async fn test_server_connect() {
-        let app = tauri::test::mock_app();
-        serve("creddy_server_test", app.app_handle().clone(), |mut stream, _handle, _pid| {
-            async move {
-                let buf = serde_json::to_vec(&CliResponse::Empty).unwrap();
-                stream.write_all(&buf).await.unwrap();
-                Ok(())
-            }
-        }).unwrap();
-
-        let addr = creddy_cli::server_addr("creddy_server_test");
-        let mut stream = creddy_cli::connect(Some(addr)).await.unwrap();
-
-        let mut buf = Vec::new();
-        stream.read_to_end(&mut buf).await.unwrap();
-        let resp: CliResponse = serde_json::from_slice(&buf).unwrap();
-
-        assert!(matches!(resp, CliResponse::Empty))
-    }
-}
--- a/src-tauri/src/state.rs
+++ b/src-tauri/src/state.rs
@ -19,10 +19,9 @@ use crate::app;
 use crate::credentials::{
    AppSession,
    AwsSessionCredential,
-    DockerCredential,
    SshKey,
 };
-use crate::config::AppConfig;
+use crate::{config, config::AppConfig};
 use crate::credentials::{
    AwsBaseCredential,
    Credential,
@ -32,7 +31,6 @@ use crate::credentials::{
 use crate::ipc::{self, RequestResponse};
 use crate::errors::*;
 use crate::shortcuts;
-use crate::tray;


 #[derive(Debug)]
@ -162,13 +160,6 @@ impl AppState {
        Ok(())
    }

-    pub async fn delete_credential_by_name(&self, name: &str) -> Result<(), SaveCredentialsError> {
-        sqlx::query!("DELETE FROM credentials WHERE name = ?", name)
-            .execute(&self.pool)
-            .await?;
-        Ok(())
-    }
-
    pub async fn list_credentials(&self) -> Result<Vec<CredentialRecord>, GetCredentialsError> {
        let session = self.app_session.read().await;
        let crypto = session.try_get_crypto()?;
@ -202,11 +193,10 @@ impl AppState {

    pub async fn update_config(&self, new_config: AppConfig) -> Result<(), SetupError> {
        let mut live_config = self.config.write().await;
-
+        
        // update autostart if necessary
-        if new_config.start_on_login != live_config.start_on_login
-            || new_config.start_minimized != live_config.start_minimized {
-            new_config.set_auto_launch()?;
+        if new_config.start_on_login != live_config.start_on_login {
+            config::set_auto_launch(new_config.start_on_login)?;
        }

        // re-register hotkeys if necessary
@ -254,11 +244,7 @@ impl AppState {

    pub async fn unlock(&self, passphrase: &str) -> Result<(), UnlockError> {
        let mut session = self.app_session.write().await;
-        session.unlock(passphrase)?;
-        let app_handle = app::APP.get().unwrap();
-        let menu = app_handle.state::<tray::MenuItems>();
-        let _ = menu.after_unlock(); // we don't care if this fails, it's non-essential
-        Ok(())
+        session.unlock(passphrase)
    }

    pub async fn lock(&self) -> Result<(), LockError> {
@ -272,9 +258,6 @@ impl AppState {
                let app_handle = app::APP.get().unwrap();
                app_handle.emit("locked", None::<usize>)?;

-                let menu = app_handle.state::<tray::MenuItems>();
-                let _ = menu.after_lock();
-
                Ok(())
            }
        }
@ -339,30 +322,6 @@ impl AppState {
        Ok(k)
    }

-    pub async fn docker_credential_meta(
-        &self, server_url: &str
-    ) -> Result<Option<(Uuid, String)>, LoadCredentialsError> {
-        let res = sqlx::query!(
-            r#"SELECT
-                c.id as "id: Uuid",
-                c.name
-            FROM
-                credentials c
-                JOIN docker_credentials d
-                    ON d.id = c.id
-            WHERE d.server_url = ?"#,
-            server_url
-        ).fetch_optional(&self.pool).await?;
-        Ok(res.map(|row| (row.id, row.name)))
-    }
-
-    pub async fn get_docker_credential(&self, server_url: &str) -> Result<DockerCredential, GetCredentialsError> {
-        let app_session = self.app_session.read().await;
-        let crypto = app_session.try_get_crypto()?;
-        let d = DockerCredential::load_by("server_url", server_url.to_owned(), crypto, &self.pool).await?;
-        Ok(d)
-    }
-
    pub async fn signal_activity(&self) {
        let mut last_activity = self.last_activity.write().await;
        *last_activity = OffsetDateTime::now_utc();
--- a/src-tauri/src/tray.rs
+++ b/src-tauri/src/tray.rs
@ -7,74 +7,27 @@ use tauri::{
 use tauri::menu::{
    MenuBuilder,
    MenuEvent,
-    MenuItem,
    MenuItemBuilder,
-    PredefinedMenuItem,
 };

 use crate::app;
 use crate::state::AppState;


-pub struct MenuItems {
-    pub status: MenuItem<tauri::Wry>,
-    pub show_hide: MenuItem<tauri::Wry>,
-}
-
-impl MenuItems {
-    pub fn after_show(&self) -> tauri::Result<()> {
-        self.show_hide.set_text("Hide")
-    }
-
-    pub fn after_hide(&self) -> tauri::Result<()> {
-        self.show_hide.set_text("Show")
-    }
-
-    pub fn after_lock(&self) -> tauri::Result<()> {
-        if cfg!(debug_assertions) {
-            self.status.set_text("Creddy (dev): Locked")
-        }
-        else {
-            self.status.set_text("Creddy: Locked")
-        }
-    }
-
-    pub fn after_unlock(&self) -> tauri::Result<()> {
-        if cfg!(debug_assertions) {
-            self.status.set_text("Creddy (dev): Unlocked")
-        }
-        else {
-            self.status.set_text("Creddy: Unlocked")
-        }
-    }
-}
-
-
 pub fn setup(app: &App) -> tauri::Result<()> {
-    let status_text =
-        if cfg!(debug_assertions) {
-            "Creddy (dev): Locked"
-        }
-        else {
-            "Creddy: Locked"
-        };
-
-    let status = MenuItemBuilder::with_id("status", status_text)
-        .enabled(false)
-        .build(app)?;
-    let sep = PredefinedMenuItem::separator(app)?;
    let show_hide = MenuItemBuilder::with_id("show_hide", "Show").build(app)?;
    let exit = MenuItemBuilder::with_id("exit", "Exit").build(app)?;

    let menu = MenuBuilder::new(app)
-        .items(&[&status, &sep, &show_hide, &exit]);
+        .items(&[&show_hide, &exit])
+        .build()?;

    let tray = app.tray_by_id("main").unwrap();
-    tray.set_menu(Some(menu.build()?))?;
+    tray.set_menu(Some(menu))?;
    tray.on_menu_event(handle_event);

-    // stash these so we can find them later to change the text
-    app.manage(MenuItems { status, show_hide });
+    // stash this so we can find it later to change the text
+    app.manage(show_hide);

    Ok(())
 }
--- a/src-tauri/tauri.conf.json
+++ b/src-tauri/tauri.conf.json
@ -50,7 +50,7 @@
    }
  },
  "productName": "creddy",
-  "version": "0.6.3",
+  "version": "0.5.4",
  "identifier": "creddy",
  "plugins": {},
  "app": {
--- a/src/App.svelte
+++ b/src/App.svelte
@ -14,7 +14,6 @@ import Unlock from './views/Unlock.svelte';
 // set up app state
 invoke('get_config').then(config => $appState.config = config);
 invoke('get_session_status').then(status => $appState.sessionStatus = status);
-invoke('get_devmode').then(dm => $appState.devmode = dm)
 getVersion().then(version => $appState.appVersion = version);
 invoke('get_setup_errors')
    .then(errs => {
@ -52,7 +51,7 @@ acceptRequest();
 </script>


-<svelte:window
+<svelte:window 
    on:click={() => invoke('signal_activity')}
    on:keydown={() => invoke('signal_activity')}
 />
@ -71,9 +70,3 @@ acceptRequest();
    <!-- normal operation -->
    <svelte:component this="{$currentView}" />
 {/if}
-
-{#if $appState.devmode }
-    <div class="fixed left-0 bottom-0 right-0 py-1 bg-warning text-xs text-center text-warning-content">
-        This is a development build of Creddy.
-    </div>
-{/if}
--- a/src/ui/PassphraseInput.svelte
+++ b/src/ui/PassphraseInput.svelte
@ -4,10 +4,10 @@
    export let value = '';
    export let placeholder = '';
    export let autofocus = false;
-    export let show = false;
    let classes = '';
    export {classes as class};

+    let show = false;
    let input;

    export function focus() {
--- a/src/views/Approve.svelte
+++ b/src/views/Approve.svelte
@ -7,7 +7,6 @@
    import ShowResponse from './approve/ShowResponse.svelte';
    import Unlock from './Unlock.svelte';

-    console.log($appState.currentRequest);

    // Extra 50ms so the window can finish disappearing before the redraw
    const rehideDelay = Math.min(5000, $appState.config.rehide_ms + 100);
--- a/src/views/ManageCredentials.svelte
+++ b/src/views/ManageCredentials.svelte
@ -6,8 +6,9 @@

    import AwsCredential from './credentials/AwsCredential.svelte';
    import ConfirmDelete from './credentials/ConfirmDelete.svelte';
-    import DockerCredential from './credentials/DockerCredential.svelte';
    import SshKey from './credentials/SshKey.svelte';
+    // import NewSshKey from './credentials/NewSshKey.svelte';
+    // import EditSshKey from './credentials/EditSshKey.svelte';
    import Icon from '../ui/Icon.svelte';
    import Nav from '../ui/Nav.svelte';

@ -15,7 +16,6 @@
    let records = null
    $: awsRecords = (records || []).filter(r => r.credential.type === 'AwsBase');
    $: sshRecords = (records || []).filter(r => r.credential.type === 'Ssh');
-    $: dockerRecords = (records || []).filter(r => r.credential.type === 'Docker');

    let defaults = writable({});
    async function loadCreds() {
@ -47,17 +47,6 @@
        records = records;
    }

-    function newDocker() {
-        records.push({
-            id: crypto.randomUUID(),
-            name: null,
-            is_default: false,
-            credential: {type: 'Docker', ServerURL: '', Username: '', Secret: ''},
-            isNew: true,
-        });
-        records = records;
-    }
-
    let confirmDelete;
    function handleDelete(evt) {
        const record = evt.detail;
@ -128,29 +117,6 @@
        {/if}
    </div>

-    <div class="flex flex-col gap-y-4">
-        <div class="divider">
-            <h2 class="text-xl font-bold">Docker credentials</h2>
-        </div>
-
-        {#if dockerRecords.length > 0}
-            {#each dockerRecords as record (record.id)}
-                <DockerCredential {record} on:save={loadCreds} on:delete={handleDelete} />
-            {/each}
-            <button class="btn btn-primary btn-wide mx-auto" on:click={newDocker}>
-                <Icon name="plus-circle-mini" class="size-5" />
-                Add
-            </button>
-        {:else if records !== null}
-            <div class="flex flex-col gap-6 items-center rounded-box border-2 border-dashed border-neutral-content/30 p-6">
-                <div>You have no saved Docker credentials.</div>
-                <button class="btn btn-primary btn-wide mx-auto" on:click={newDocker}>
-                    <Icon name="plus-circle-mini" class="size-5" />
-                    Add
-                </button>
-            </div>
-        {/if}
-    </div>
 </div>

 <ConfirmDelete bind:this={confirmDelete} on:confirm={loadCreds} />
--- a/src/views/Settings.svelte
+++ b/src/views/Settings.svelte
@ -20,6 +20,7 @@
    let error = null;
    async function save() {
        try {
+            throw('wtf');
            await invoke('save_config', {config});
            $appState.config = await invoke('get_config');
        }
@ -40,20 +41,18 @@

 <form on:submit|preventDefault={save}>
    <div class="max-w-lg mx-auto my-1.5 p-4 space-y-16">
-        <SettingsGroup name="General">
+        <SettingsGroup name="General">            
            <ToggleSetting title="Start on login" bind:value={config.start_on_login}>
                <svelte:fragment slot="description">
                    Start Creddy when you log in to your computer.
                </svelte:fragment>
            </ToggleSetting>

-            {#if config.start_on_login}
-                <ToggleSetting title="Start minimized" bind:value={config.start_minimized}>
-                    <svelte:fragment slot="description">
-                        Minimize to the system tray when starting on login.
-                    </svelte:fragment>
-                </ToggleSetting>
-            {/if}
+            <ToggleSetting title="Start minimized" bind:value={config.start_minimized}>
+                <svelte:fragment slot="description">
+                    Minimize to the system tray at startup.
+                </svelte:fragment>
+            </ToggleSetting>

            <NumericSetting title="Re-hide delay" bind:value={config.rehide_ms} min={0} unit="Milliseconds">
                <svelte:fragment slot="description">
--- a/src/views/approve/CollectResponse.svelte
+++ b/src/views/approve/CollectResponse.svelte
@ -14,7 +14,7 @@
    // Extract executable name from full path
    const client = $appState.currentRequest.client;
    const m = client.exe?.match(/\/([^/]+?$)|\\([^\\]+?$)/);
-    const appName = m ? m[1] || m[2] : '';
+    const appName = m[1] || m[2];

    const dispatch = createEventDispatcher();

@ -26,12 +26,6 @@
        };
        dispatch('response');
    }
-
-    const actionDescriptions = {
-        Access: 'access your',
-        Delete: 'delete your',
-        Save: 'create new',
-    };
 </script>


@ -40,7 +34,7 @@
        <div>
            <svg xmlns="http://www.w3.org/2000/svg" class="stroke-current flex-shrink-0 h-6 w-6" fill="none" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M12 9v2m0 4h.01m-6.938 4h13.856c1.54 0 2.502-1.667 1.732-3L13.732 4c-.77-1.333-2.694-1.333-3.464 0L3.34 16c-.77 1.333.192 3 1.732 3z" /></svg>
            <span>
-                WARNING: This application is requesting your base AWS credentials.
+                WARNING: This application is requesting your base AWS credentials. 
                These credentials are less secure than session credentials, since they don't expire automatically.
            </span>
        </div>
@ -57,8 +51,6 @@
            {/if}
        {:else if $appState.currentRequest.type === 'Ssh'}
            {appName ? `"${appName}"` : 'An application'} would like to use your SSH key "{$appState.currentRequest.key_name}".
-        {:else if $appState.currentRequest.type === 'Docker'}
-            {appName ? `"${appName}"` : 'An application'} would like to {actionDescriptions[$appState.currentRequest.action]} Docker credentials for <code>{$appState.currentRequest.server_url}</code>.
        {/if}
    </h2>

@ -67,8 +59,6 @@
        <code class="">{@html client.exe ? breakPath(client.exe) : 'Unknown'}</code>
        <div class="text-right">PID:</div>
        <code>{client.pid}</code>
-        <div class="text-right">User:</div>
-        <code>{client.username ?? 'Unknown'}</code>
    </div>
 </div>

--- a/src/views/credentials/AwsCredential.svelte
+++ b/src/views/credentials/AwsCredential.svelte
@ -5,19 +5,20 @@

    import ErrorAlert from '../../ui/ErrorAlert.svelte';
    import Icon from '../../ui/Icon.svelte';
-    import PassphraseInput from '../../ui/PassphraseInput.svelte';
-

    export let record;
    export let defaults;

+    import PassphraseInput from '../../ui/PassphraseInput.svelte';
+
+
    const dispatch = createEventDispatcher();

    let showDetails = record.isNew ? true : false;

    let local = JSON.parse(JSON.stringify(record));
    $: isModified = JSON.stringify(local) !== JSON.stringify(record);
-
+    
    // explicitly subscribe to updates to `default`, so that we can update
    // our local copy even if the component hasn't been recreated
    // (sadly we can't use a reactive binding because reasons I guess)
@ -30,7 +31,7 @@
        showDetails = false;
    }

-
+    
 </script>


--- a/src/views/credentials/ConfirmDelete.svelte
+++ b/src/views/credentials/ConfirmDelete.svelte
@ -26,12 +26,9 @@
        if (record.credential.type === 'AwsBase') {
            return 'AWS credential';
        }
-        else if (record.credential.type === 'Ssh') {
+        if (record.credential.type === 'Ssh') {
            return 'SSH key';
        }
-        else {
-            return `${record.credential.type} credential`;
-        }
    }
 </script>

--- a/src/views/credentials/DockerCredential.svelte
+++ b/src/views/credentials/DockerCredential.svelte
@ -1,112 +0,0 @@
-<script>
-
-    import { createEventDispatcher } from 'svelte';
-    import { fade, slide } from 'svelte/transition';
-    import { invoke } from '@tauri-apps/api/core';
-
-    import ErrorAlert from '../../ui/ErrorAlert.svelte';
-    import Icon from '../../ui/Icon.svelte';
-    import PassphraseInput from '../../ui/PassphraseInput.svelte';
-
-
-    export let record;
-
-    let local = JSON.parse(JSON.stringify(record));
-    $: isModified = JSON.stringify(local) !== JSON.stringify(record);
-    let showDetails = record?.isNew;
-
-    let alert;
-    const dispatch = createEventDispatcher();
-    async function saveCredential() {
-        await invoke('save_credential', {record: local});
-        dispatch('save', local);
-        showDetails = false;
-    }
-</script>
-
-<div class="rounded-box space-y-4 bg-base-200">
-    <div class="flex items-center px-6 py-4 gap-x-4">
-        {#if !record.isNew}
-            {#if showDetails}
-                <input
-                    type="text"
-                    class="input input-bordered bg-transparent text-lg font-bold grow"
-                    bind:value={local.name}
-                >
-            {:else}
-                <h3 class="text-lg font-bold break-all">
-                    {record.name}
-                </h3>
-            {/if}
-        {/if}
-
-        <div class="join ml-auto">
-            <button
-                type="button"
-                class="btn btn-outline join-item"
-                on:click={() => showDetails = !showDetails}
-            >
-                <Icon name="pencil" class="size-6" />
-            </button>
-            <button
-                type="button"
-                class="btn btn-outline btn-error join-item"
-                on:click={() => dispatch('delete', record)}
-            >
-                <Icon name="trash" class="size-6" />
-            </button>
-        </div>
-    </div>
-
-    {#if showDetails}
-        <form
-            transition:slide|local={{duration: 200}}
-            class=" px-6 pb-4 space-y-4"
-            on:submit|preventDefault={() => alert.run(saveCredential)}
-        >
-            <ErrorAlert bind:this={alert} />
-
-            <div class="grid grid-cols-[auto_1fr] items-center gap-4">
-                {#if record.isNew}
-                    <span class="justify-self-end">Name</span>
-                    <input
-                        type="text"
-                        class="input input-bordered bg-transparent"
-                        bind:value={local.name}
-                    >
-                {/if}
-
-                <span class="justify-self-end">Server URL</span>
-                <input
-                    type="text"
-                    class="input input-bordered font-mono bg-transparent"
-                    bind:value={local.credential.ServerURL}
-                >
-
-                <span class="justify-self-end">Username</span>
-                <input
-                    type="text"
-                    class="input input-bordered font-mono bg-transparent"
-                    bind:value={local.credential.Username}
-                >
-
-                <span>Password</span>
-                <div class="font-mono">
-                    <PassphraseInput class="bg-transparent" bind:value={local.credential.Secret} />
-                </div>
-            </div>
-
-            <div class="flex justify-end">
-                {#if isModified}
-                    <button
-                        transition:fade={{duration: 100}}
-                        type="submit"
-                        class="btn btn-primary"
-                    >
-                        Save
-                    </button>
-                {/if}
-            </div>
-        </form>
-    {/if}
-</div>
--- a/src/views/passphrase/EnterPassphrase.svelte
+++ b/src/views/passphrase/EnterPassphrase.svelte
@ -14,7 +14,6 @@

    const dispatch = createEventDispatcher();

-    let showPassphrase = false;
    let alert;
    let saving = false;
    let passphrase = '';
@ -53,6 +52,7 @@
        try {
            await alert.run(async () => {
                await invoke('set_passphrase', {passphrase})
+                throw('something bad happened');
                $appState.sessionStatus = 'unlocked';
                dispatch('save');
            });
@ -73,7 +73,6 @@
        </div>
        <PassphraseInput
            bind:value={passphrase}
-            bind:show={showPassphrase}
            on:input={onInput}
            placeholder="correct horse battery staple"
        />
@ -85,7 +84,6 @@
        </div>
        <PassphraseInput
            bind:value={confirmPassphrase}
-            bind:show={showPassphrase}
            on:input={onInput} on:change={onChange}
            placeholder="correct horse battery staple"
        />
Author	SHA1	Message	Date
Joseph Montanaro	e4a7c62828	send SaveCredential request to frontend on docker store	2024-09-19 11:35:18 -04:00
Joseph Montanaro	0fc97d28e0	add Docker credentials to app and CLI	2024-09-19 11:35:18 -04:00
Joseph Montanaro	b1a5f9f11a	start working on docker helper	2024-09-19 11:35:18 -04:00