cargo fmt

Author: zfarrell

src/catalog/backend.rs

@@ -309,4 +309,3 @@ where
         Ok(())
     }
 }
-

src/catalog/sqlite_manager.rs

@@ -275,19 +275,17 @@ impl CatalogManager for SqliteCatalogManager {
                 .execute(self.backend.pool())
                 .await?
             }
-            None => {
-                sqlx::query(
-                    "UPDATE secrets SET provider = ?, provider_ref = ?, status = ?, updated_at = ? \
+            None => sqlx::query(
+                "UPDATE secrets SET provider = ?, provider_ref = ?, status = ?, updated_at = ? \
                      WHERE name = ?",
-                )
-                .bind(&metadata.provider)
-                .bind(&metadata.provider_ref)
-                .bind(metadata.status.as_str())
-                .bind(&updated_at)
-                .bind(&metadata.name)
-                .execute(self.backend.pool())
-                .await?
-            }
+            )
+            .bind(&metadata.provider)
+            .bind(&metadata.provider_ref)
+            .bind(metadata.status.as_str())
+            .bind(&updated_at)
+            .bind(&metadata.name)
+            .execute(self.backend.pool())
+            .await?,
         };
 
         Ok(result.rows_affected() > 0)

src/datafetch/native/postgres.rs

@@ -61,7 +61,9 @@ pub async fn resolve_connection_string(
         .await
         .map_err(|e| DataFetchError::Connection(e.to_string()))?;
 
-    Ok(build_connection_string(host, port, user, database, &password))
+    Ok(build_connection_string(
+        host, port, user, database, &password,
+    ))
 }
 
 /// Connect to PostgreSQL with automatic SSL retry.

src/secrets/backend.rs

@@ -63,11 +63,10 @@ pub trait SecretBackend: Debug + Send + Sync {
     ///
     /// Returns a `BackendWrite` so the manager knows whether it was a create
     /// vs update and can persist any backend-provided metadata.
-    async fn put(&self, record: &SecretRecord, value: &[u8])
-        -> Result<BackendWrite, BackendError>;
+    async fn put(&self, record: &SecretRecord, value: &[u8]) -> Result<BackendWrite, BackendError>;
 
     /// Delete the entry identified by `record`.
     ///
     /// Returns `true` if something was deleted, `false` if it didn't exist.
     async fn delete(&self, record: &SecretRecord) -> Result<bool, BackendError>;
-}
+}

src/secrets/encrypted_catalog_backend.rs

@@ -97,11 +97,7 @@ impl SecretBackend for EncryptedCatalogBackend {
         }
     }
 
-    async fn put(
-        &self,
-        record: &SecretRecord,
-        value: &[u8],
-    ) -> Result<BackendWrite, BackendError> {
+    async fn put(&self, record: &SecretRecord, value: &[u8]) -> Result<BackendWrite, BackendError> {
         // Encrypt the value using the secret name as AAD
         let ciphertext = encrypt(&self.key, value, &record.name)
             .map_err(|e| BackendError::Storage(format!("Encryption failed: {}", e)))?;
@@ -268,7 +264,10 @@ mod tests {
         let result = backend2.get(&rec).await;
 
         assert!(result.is_err());
-        assert!(result.unwrap_err().to_string().contains("Decryption failed"));
+        assert!(result
+            .unwrap_err()
+            .to_string()
+            .contains("Decryption failed"));
     }
 
     #[tokio::test]
@@ -308,4 +307,4 @@ mod tests {
         let result = EncryptedCatalogBackend::from_base64_key("not-valid-base64!!!", catalog);
         assert!(result.is_err());
     }
-}
+}

src/secrets/encryption.rs

@@ -25,8 +25,8 @@ const HEADER_SIZE: usize = 4 + 1 + 1 + NONCE_SIZE; // 18 bytes
 /// * `plaintext` - Data to encrypt
 /// * `aad` - Associated authenticated data (secret name, prevents blob swapping)
 pub fn encrypt(key: &[u8; 32], plaintext: &[u8], aad: &str) -> Result<Vec<u8>, EncryptError> {
-    let cipher = Aes256GcmSiv::new_from_slice(key)
-        .map_err(|e| EncryptError::CipherInit(e.to_string()))?;
+    let cipher =
+        Aes256GcmSiv::new_from_slice(key).map_err(|e| EncryptError::CipherInit(e.to_string()))?;
 
     // Generate random nonce
     let mut nonce_bytes = [0u8; NONCE_SIZE];
@@ -89,8 +89,8 @@ pub fn decrypt(key: &[u8; 32], encrypted: &[u8], aad: &str) -> Result<Vec<u8>, D
         .expect("slice length matches NONCE_SIZE");
     let ciphertext = &encrypted[HEADER_SIZE..];
 
-    let cipher = Aes256GcmSiv::new_from_slice(key)
-        .map_err(|e| DecryptError::CipherInit(e.to_string()))?;
+    let cipher =
+        Aes256GcmSiv::new_from_slice(key).map_err(|e| DecryptError::CipherInit(e.to_string()))?;
 
     let nonce = Nonce::from(nonce_bytes);
 
@@ -233,4 +233,4 @@ mod tests {
         let decrypted = decrypt(&key, &encrypted, "name").unwrap();
         assert_eq!(decrypted, plaintext);
     }
-}
+}

src/source.rs

@@ -19,9 +19,10 @@ impl Credential {
         match self {
             Credential::None => Err(anyhow::anyhow!("no credential configured")),
             Credential::SecretRef { name } => {
-                let bytes = secrets.get(name).await.map_err(|e| {
-                    anyhow::anyhow!("failed to resolve secret '{}': {}", name, e)
-                })?;
+                let bytes = secrets
+                    .get(name)
+                    .await
+                    .map_err(|e| anyhow::anyhow!("failed to resolve secret '{}': {}", name, e))?;
                 String::from_utf8(bytes)
                     .map_err(|_| anyhow::anyhow!("secret '{}' is not valid UTF-8", name))
             }

tests/catalog_manager_suite.rs

@@ -479,15 +479,10 @@ macro_rules! catalog_manager_tests {
                 };
 
                 // First create should succeed
-                catalog
-                    .create_secret_metadata(&metadata)
-                    .await
-                    .unwrap();
+                catalog.create_secret_metadata(&metadata).await.unwrap();
 
                 // Second create with same name should fail (unique constraint)
-                let result = catalog
-                    .create_secret_metadata(&metadata)
-                    .await;
+                let result = catalog.create_secret_metadata(&metadata).await;
 
                 assert!(result.is_err());
             }

tests/datafetch_tests.rs

@@ -155,7 +155,14 @@ async fn test_duckdb_fetch_table() {
     let mut writer = StreamingParquetWriter::new(output_path.clone());
 
     let result = fetcher
-        .fetch_table(&source, &secrets, None, "test_schema", "products", &mut writer)
+        .fetch_table(
+            &source,
+            &secrets,
+            None,
+            "test_schema",
+            "products",
+            &mut writer,
+        )
         .await;
     assert!(result.is_ok(), "Fetch should succeed: {:?}", result.err());
 
@@ -187,4 +194,4 @@ async fn test_duckdb_fetch_table() {
     assert!(schema.field_with_name("name").is_ok());
     assert!(schema.field_with_name("price").is_ok());
     assert!(schema.field_with_name("in_stock").is_ok());
-}
+}

tests/http_server_tests.rs

@@ -802,7 +802,10 @@ async fn test_update_secret() -> Result<()> {
 
     // Verify updated_at is different from created_at
     let updated_at = update_json["updated_at"].as_str().unwrap();
-    assert_ne!(created_at, updated_at, "updated_at should change after update");
+    assert_ne!(
+        created_at, updated_at,
+        "updated_at should change after update"
+    );
 
     // Verify the new value can be retrieved via the manager
     let secret_value = app.engine.secret_manager().get("test_secret").await?;