Hi everyone,
I'd appreciate a code review of my project Cipher — a distributed Secret Rotation Service built as a capstone project for RustCamp UA certification.
Repo: GitHub - misikdmytro/cipher · GitHub
PR with full implementation: cipher by misikdmytro · Pull Request #1 · misikdmytro/cipher · GitHub
What it does
Cipher automates rotation of secrets stored in AWS Secrets Manager. It's split into 4 services in a Cargo workspace:
- API — HTTP REST (Actix-web), owns secrets metadata & webhook CRUD
- Scheduler — orchestrates rotation schedules, publishes events via RabbitMQ
- Rotator — stateless worker, executes actual rotation against AWS (blue/green strategy), publishes status events
- Notificator — consumes rotation events, delivers webhook notifications
Services talk to each other over gRPC (sync) and RabbitMQ/AMQP (async events). PostgreSQL via sqlx for persistence.
Stack / crates
Actix-web, tonic (gRPC + protobuf), sqlx (Postgres), lapin (RabbitMQ), AWS SDK, tokio, tracing, utoipa (OpenAPI docs).
What I'm looking for feedback on
- Overall architecture — does the service decomposition and communication pattern (gRPC + AMQP) make sense? Anything over-engineered or missing?
- Idiomatic Rust — trait usage, error handling, module structure, anything that smells off
- Domain modeling — the domain crate, how types and boundaries are defined
- Async patterns — task spawning, graceful shutdown, RabbitMQ consumer lifecycle
- Testing approach — integration test setup, mocking strategies
This is a learning project, so don't hold back — blunt feedback is welcome.
Thanks!