config

package
v0.466.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 17, 2025 License: Apache-2.0 Imports: 28 Imported by: 0

Documentation

Overview

Package config is the FTL configuration and secret management API.

Index

Constants

View Source 
const ASMSyncInterval = time.Second * 10
View Source 
const OnePasswordSyncInterval = time.Second * 10

Variables

View Source 
var ErrNotFound = errors.New("not found")

ErrNotFound is returned when a configuration entry is not found or cannot be resolved.

Functions

func Load 

func Load[T any, R Role](ctx context.Context, provider Provider[R], ref Ref) (out T, err error)

Load a typed configuration value.

func NewASMFactory 

func NewASMFactory(client ASMClient) (ProviderKind, Factory[Secrets])

func NewFileProviderFactory 

func NewFileProviderFactory[R Role]() (ProviderKind, Factory[R])

NewFileProviderFactory creates a new FileProvider for the given role.

The path is the directory where the file will be stored. The file will be named after the role, either "configuration.json" or "secrets.json".

func NewMemoryProviderFactory 

func NewMemoryProviderFactory[R Role]() (ProviderKind, Factory[R])

func NewOnePasswordProviderFactory 

func NewOnePasswordProviderFactory() (ProviderKind, Factory[Secrets])

func NewRemoteProviderFactory 

func NewRemoteProviderFactory[R Role](client adminpbconnect.AdminServiceClient) (ProviderKind, Factory[R])

func Store 

func Store[T any, R Role](ctx context.Context, provider Provider[R], ref Ref, value T) error

Store a typed configuration value.

Types

type ASM 

type ASM struct {
	// contains filtered or unexported fields
}

func NewASM 

func NewASM(realm string, client ASMClient) *ASM

func (*ASM) Close 

func (a *ASM) Close(ctx context.Context) error

func (*ASM) Delete 

func (a *ASM) Delete(ctx context.Context, ref Ref) error

func (*ASM) Key 

func (a *ASM) Key() ProviderKey

func (*ASM) Role 

func (a *ASM) Role() Secrets

func (*ASM) Store 

func (a *ASM) Store(ctx context.Context, ref Ref, value []byte) error

func (*ASM) Sync 

func (a *ASM) Sync(ctx context.Context) (map[Ref]SyncedValue, error)

func (*ASM) SyncInterval 

func (a *ASM) SyncInterval() time.Duration

type ASMClient 

type ASMClient interface {
	DeleteSecret(ctx context.Context, input *secretsmanager.DeleteSecretInput, options ...func(*secretsmanager.Options)) (*secretsmanager.DeleteSecretOutput, error)
	CreateSecret(ctx context.Context, input *secretsmanager.CreateSecretInput, options ...func(*secretsmanager.Options)) (*secretsmanager.CreateSecretOutput, error)
	UpdateSecret(ctx context.Context, input *secretsmanager.UpdateSecretInput, options ...func(*secretsmanager.Options)) (*secretsmanager.UpdateSecretOutput, error)
	ListSecrets(ctx context.Context, input *secretsmanager.ListSecretsInput, options ...func(*secretsmanager.Options)) (*secretsmanager.ListSecretsOutput, error)
	BatchGetSecretValue(ctx context.Context, input *secretsmanager.BatchGetSecretValueInput, options ...func(*secretsmanager.Options)) (*secretsmanager.BatchGetSecretValueOutput, error)
}

type ASMSecret 

type ASMSecret struct {
	Value   []byte
	Created time.Time
	Updated time.Time
}

type AsynchronousProvider 

type AsynchronousProvider[R Role] interface {
	BaseProvider[R]

	// SyncInterval returns the desired time between syncs.
	SyncInterval() time.Duration

	// Sync is called periodically to update the cache with the latest values.
	//
	// SyncInterval() provides the desired time between syncs.
	//
	// If Sync() returns an error, sync will be retried with an exponential backoff.
	Sync(ctx context.Context) (map[Ref]SyncedValue, error)
}

AsynchronousProvider is an interface for Provider's that support syncing values. This is recommended if the Provider allows batch access, or is expensive to load.

type BaseProvider 

type BaseProvider[R Role] interface {
	// Role returns the role of the provider (either Configuration or Secrets)
	Role() R

	// Key returns the key of the provider.
	Key() ProviderKey

	// Store a configuration value and return its key.
	Store(ctx context.Context, ref Ref, value []byte) error
	// Delete a configuration value.
	Delete(ctx context.Context, ref Ref) error
	// Close the provider.
	Close(ctx context.Context) error
}

BaseProvider is the base generic interface for storing and retrieving configuration and secrets.

Note that implementations of this interface should be thread-safe, and also must implement either SynchronousProvider or AsynchronousProvider.

type CacheDecorator 

type CacheDecorator[R Role] struct {
	// contains filtered or unexported fields
}

CacheDecorator decorates asynchronous providers with a cache to provide synchronous access.

func NewCacheDecorator 

func NewCacheDecorator[R Role](ctx context.Context, provider AsynchronousProvider[R]) *CacheDecorator[R]

NewCacheDecorator decorates asynchronous providers with a cache to provide synchronous access.

The returned cache will block until the initial synchronization is complete, and will periodically refresh the cache based on the provider's refresh interval.

func (*CacheDecorator[R]) Close 

func (c *CacheDecorator[R]) Close(ctx context.Context) error

func (*CacheDecorator[R]) Delete 

func (c *CacheDecorator[R]) Delete(ctx context.Context, ref Ref) error

func (*CacheDecorator[R]) Key 

func (c *CacheDecorator[R]) Key() ProviderKey

func (*CacheDecorator[R]) List 

func (c *CacheDecorator[R]) List(ctx context.Context, withValues bool) ([]Value, error)

func (*CacheDecorator[R]) Load 

func (c *CacheDecorator[R]) Load(ctx context.Context, ref Ref) ([]byte, error)

func (*CacheDecorator[R]) Role 

func (c *CacheDecorator[R]) Role() R

func (*CacheDecorator[R]) Store 

func (c *CacheDecorator[R]) Store(ctx context.Context, ref Ref, value []byte) error

type Configuration 

type Configuration struct{}

func (Configuration) String 

func (Configuration) String() string

type Entry 

type Entry struct {
	Ref
	Accessor *url.URL
}

Entry in the configuration store.

type EnvarDecorator 

type EnvarDecorator[R Role] struct {
	Provider[R]
}

EnvarDecorator overlays an existing provider with one that loads values from environment variables in the form FTL_<ROLE>_<MODULE>_<NAME>. eg. FTL_CONFIGURATION_ECHO_USERNAME

func NewEnvarDecorator 

func NewEnvarDecorator[R Role](provider Provider[R]) *EnvarDecorator[R]

NewEnvarDecorator overlays an existing provider with one that loads values from environment variables in the form FTL_<ROLE>_<MODULE>_<NAME>. eg. FTL_CONFIGURATION_ECHO_USERNAME

func (*EnvarDecorator[R]) Close 

func (e *EnvarDecorator[R]) Close(ctx context.Context) error

func (*EnvarDecorator[R]) Delete 

func (e *EnvarDecorator[R]) Delete(ctx context.Context, ref Ref) error

func (*EnvarDecorator[R]) List 

func (e *EnvarDecorator[R]) List(ctx context.Context, withValues bool) ([]Value, error)

func (*EnvarDecorator[R]) Load 

func (e *EnvarDecorator[R]) Load(ctx context.Context, ref Ref) ([]byte, error)

func (*EnvarDecorator[R]) Store 

func (e *EnvarDecorator[R]) Store(ctx context.Context, ref Ref, value []byte) error

type Factory 

type Factory[R Role] func(ctx context.Context, projectRoot string, key ProviderKey) (BaseProvider[R], error)

Factory is a function that creates a Provider.

"projectRoot" is the root directory of the project. "key" is the provider key, including any configuration options.

type FileProvider 

type FileProvider[R Role] struct {
	// contains filtered or unexported fields
}

func NewFileProvider 

func NewFileProvider[R Role](profile, dir string) *FileProvider[R]

NewFileProvider stores configuration/secrets in a file.

Mutations are atomic and concurrent safe, using a lock file to prevent concurrent writes.

func (*FileProvider[R]) Close 

func (f *FileProvider[R]) Close(ctx context.Context) error

func (*FileProvider[R]) Delete 

func (f *FileProvider[R]) Delete(ctx context.Context, ref Ref) error

func (*FileProvider[R]) Key 

func (f *FileProvider[R]) Key() ProviderKey

func (*FileProvider[R]) List 

func (f *FileProvider[R]) List(ctx context.Context, withValues bool) ([]Value, error)

func (*FileProvider[R]) Load 

func (f *FileProvider[R]) Load(ctx context.Context, ref Ref) ([]byte, error)

func (*FileProvider[R]) Role 

func (f *FileProvider[R]) Role() R

func (*FileProvider[R]) Store 

func (f *FileProvider[R]) Store(ctx context.Context, ref Ref, value []byte) error

type MemoryProvider 

type MemoryProvider[R Role] struct {
	// contains filtered or unexported fields
}

func NewMemoryProvider 

func NewMemoryProvider[R Role]() *MemoryProvider[R]

func (*MemoryProvider[R]) Close 

func (m *MemoryProvider[R]) Close(ctx context.Context) error

func (*MemoryProvider[R]) Delete 

func (m *MemoryProvider[R]) Delete(ctx context.Context, ref Ref) error

func (*MemoryProvider[R]) Key 

func (m *MemoryProvider[R]) Key() ProviderKey

func (*MemoryProvider[R]) List 

func (m *MemoryProvider[R]) List(ctx context.Context, withValues bool) ([]Value, error)

func (*MemoryProvider[R]) Load 

func (m *MemoryProvider[R]) Load(ctx context.Context, ref Ref) ([]byte, error)

func (*MemoryProvider[R]) Role 

func (m *MemoryProvider[R]) Role() R

func (*MemoryProvider[R]) Store 

func (m *MemoryProvider[R]) Store(ctx context.Context, ref Ref, value []byte) error

type OnePasswordProvider 

type OnePasswordProvider struct {
	// contains filtered or unexported fields
}

OnePasswordProvider is a configuration provider that reads passwords from 1Password vaults via the "op" command line tool.

func NewOnePasswordProvider 

func NewOnePasswordProvider(vault, realm string) (OnePasswordProvider, error)

func (OnePasswordProvider) Close 

func (o OnePasswordProvider) Close(ctx context.Context) error

func (OnePasswordProvider) Delete 

func (o OnePasswordProvider) Delete(ctx context.Context, ref Ref) error

func (OnePasswordProvider) Key 

func (o OnePasswordProvider) Key() ProviderKey

Key in the form op:<vault>.

func (OnePasswordProvider) Role 

func (OnePasswordProvider) Role() Secrets

func (OnePasswordProvider) Store 

func (o OnePasswordProvider) Store(ctx context.Context, ref Ref, value []byte) error

Store will save the given secret in 1Password via the `op` command.

op does not support "create or update" as a single command. Neither does it support specifying an ID on create. Because of this, we need check if the item exists before creating it, and update it if it does.

func (OnePasswordProvider) Sync 

func (o OnePasswordProvider) Sync(ctx context.Context) (map[Ref]SyncedValue, error)

Sync will fetch all secrets from the 1Password vault and store them in the values map. Do not just sync the o.Vault, instead find all vaults found in entries and sync them.

func (OnePasswordProvider) SyncInterval 

func (o OnePasswordProvider) SyncInterval() time.Duration

type Provider 

type Provider[R Role] interface {
	BaseProvider[R]

	// Load a configuration value.
	Load(ctx context.Context, ref Ref) ([]byte, error)
	// List all configuration keys.
	List(ctx context.Context, withValues bool) ([]Value, error)
}

Provider is an interface for storing and retrieving configuration and secrets.

type ProviderKey 

type ProviderKey string

ProviderKey is the key of a provider, eg. "op:realm:vault".

func NewProviderKey 

func NewProviderKey(kind ProviderKind, payload ...string) ProviderKey

func (ProviderKey) Kind 

func (p ProviderKey) Kind() ProviderKind

func (ProviderKey) Payload 

func (p ProviderKey) Payload() []string

func (ProviderKey) String 

func (p ProviderKey) String() string

type ProviderKind 

type ProviderKind string

ProviderKind is the kind of provider, eg. "asm", "file", etc. 

const ASMProviderKind ProviderKind = "asm"
const MemoryProviderKind ProviderKind = "memory"
const OnePasswordProviderKind ProviderKind = "op"
const RemoteProviderKind ProviderKind = "remote"
var FileProviderKind ProviderKind = "file"

func (ProviderKind) String 

func (p ProviderKind) String() string

type Ref 

type Ref struct {
	// If [Module] is omitted the Ref is considered to be a global value.
	Module optional.Option[string]
	Name   string
}

A Ref is a reference to a configuration value.

func NewRef 

func NewRef(module optional.Option[string], name string) Ref

NewRef creates a new Ref.

If [module] is empty, the Ref is considered to be a global configuration value.

func ParseRef 

func ParseRef(s string) Ref

ParseRef parses a string into a Ref.

func (Ref) String 

func (k Ref) String() string

func (*Ref) UnmarshalText 

func (k *Ref) UnmarshalText(text []byte) error

type Registry 

type Registry[R Role] struct {
	// contains filtered or unexported fields
}

Registry that lazily constructs configuration providers.

func NewConfigurationRegistry 

func NewConfigurationRegistry(adminClient adminpbconnect.AdminServiceClient) *Registry[Configuration]

func NewRegistry 

func NewRegistry[R Role]() *Registry[R]

func NewSecretsRegistry 

func NewSecretsRegistry(adminClient adminpbconnect.AdminServiceClient) *Registry[Secrets]

func (*Registry[R]) Get 

func (r *Registry[R]) Get(ctx context.Context, projectRoot string, key ProviderKey) (Provider[R], error)

func (*Registry[R]) Providers 

func (r *Registry[R]) Providers() []ProviderKind

Providers returns the list of registered provider keys.

func (*Registry[R]) Register 

func (r *Registry[R]) Register(name ProviderKind, factory Factory[R])

type RemoteProvider 

type RemoteProvider[R Role] struct {
	// contains filtered or unexported fields
}

RemoteProvider provides configuration management of a remote cluster via the FTL admin service.

func NewRemoteProvider 

func NewRemoteProvider[R Role](client adminpbconnect.AdminServiceClient) *RemoteProvider[R]

func (*RemoteProvider[R]) Close 

func (s *RemoteProvider[R]) Close(ctx context.Context) error

func (*RemoteProvider[R]) Delete 

func (s *RemoteProvider[R]) Delete(ctx context.Context, ref Ref) error

func (*RemoteProvider[R]) Key 

func (s *RemoteProvider[R]) Key() ProviderKey

func (*RemoteProvider[R]) List 

func (s *RemoteProvider[R]) List(ctx context.Context, withValues bool) ([]Value, error)

func (*RemoteProvider[R]) Load 

func (s *RemoteProvider[R]) Load(ctx context.Context, ref Ref) ([]byte, error)

func (*RemoteProvider[R]) Role 

func (s *RemoteProvider[R]) Role() R

func (*RemoteProvider[R]) Store 

func (s *RemoteProvider[R]) Store(ctx context.Context, ref Ref, value []byte) error

type Role 

type Role interface {
	Secrets | Configuration
	String() string
}

Role of a Provider.

type Secrets 

type Secrets struct{}

func (Secrets) String 

func (Secrets) String() string

type SyncedValue 

type SyncedValue struct {
	Value []byte

	// VersionToken is a way of storing a version provided by the source of truth (eg: lastModified)
	// it is nil when:
	// - the owner of the cache is not using version tokens
	// - the cache is updated after writing
	VersionToken optional.Option[VersionToken]
}

type Value 

type Value struct {
	Ref
	Value optional.Option[[]byte]
}

Value represents a configuration value with its reference.

type VersionToken 

type VersionToken any

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.