module SecretConfig

Centralized Configuration and Secrets Management for Ruby and Rails applications.

Expanding values inline for date, time, hostname, pid and random values.

${date}             # Current date in the format of "%Y%m%d" (CCYYMMDD)
${date:format}      # Current date in the supplied format. See strftime
${time}             # Current date and time down to ms in the format of "%Y%m%d%Y%H%M%S%L" (CCYYMMDDHHMMSSmmm)
${time:format}      # Current date and time in the supplied format. See strftime
${env:name}         # Extract value from the named environment value.
                    #   Raises SecretConfig::MissingEnvironmentVariable when the env var is not defined.
${env:name,default} # Extract value from the named environment value.
                    #   Returns the supplied default value when the env var is not defined.
${hostname}         # Full name of this host.
${hostname:short}   # Short name of this host. Everything up to the first period.
${pid}              # Process Id for this process.
${random}           # URL safe Random 32 byte value.
${random:size}      # URL safe Random value of `size` bytes.
${select:a,b,c,d}   # Randomly select one of the supplied values. A new new value is selected on restart or refresh.
                    # Values are separated by `,` and cannot include `,` in their values.
                    # Values are stripped of leading and trailing spaces.

Parse strings containing ${key:value1,value2,value3} Where `key` is a method implemented by a class inheriting from this class

The following `key`s are reserved:

Notes:

Constants

FILTERED
NODE_KEY

When a node is both a value and a hash/branch in the tree, put its value in its hash with the following key:

RANDOM
VERSION

Public Class Methods

check_env_var=(check_env_var) click to toggle source
# File lib/secret_config.rb, line 95
def self.check_env_var=(check_env_var)
  @check_env_var = check_env_var
end
check_env_var?() click to toggle source

Check the environment variables for a matching key and override the value returned from the central registry.

# File lib/secret_config.rb, line 91
def self.check_env_var?
  @check_env_var
end
configure(path) { |config| ... } click to toggle source

Fetch configuration in a block by supplying the root path once.

Example:

SecretConfig.configure("suppliers/kafka_service") do |config|
  Kafka::Client.new(
    seed_brokers:       config.fetch("brokers", separator: ","),
    delivery_interval:  config.fetch("delivery_interval", type: :integer, default: 0),
    delivery_threshold: config.fetch("delivery_threshold", type: :integer, default: 0),
    max_queue_size:     config.fetch("max_queue_size", type: :integer, default: 10_000),
    max_retries:        config.fetch("max_retries", type: :integer, default: -1),
    retry_backoffs:     config.fetch("retry_backoff", type: :integer, default: 0),
  )
end

If `SecretConfig.configure` was not used it would have looked like:

Kafka::Client.new(
  seed_brokers:       SecretConfig.fetch("suppliers/kafka_service/brokers", separator: ","),
  delivery_interval:  SecretConfig.fetch("suppliers/kafka_service/delivery_interval", type: :integer, default: 0),
  delivery_threshold: SecretConfig.fetch("suppliers/kafka_service/delivery_threshold", type: :integer, default: 0),
  max_queue_size:     SecretConfig.fetch("suppliers/kafka_service/max_queue_size", type: :integer, default: 10_000),
  max_retries:        SecretConfig.fetch("suppliers/kafka_service/max_retries", type: :integer, default: -1),
  retry_backoffs:     SecretConfig.fetch("suppliers/kafka_service/retry_backoff", type: :integer, default: 0),
)
# File lib/secret_config.rb, line 69
def self.configure(path)
  config = Config.new(path, registry)
  yield(config)
end
filters() click to toggle source

Filters to apply when returning the configuration

# File lib/secret_config.rb, line 81
def self.filters
  @filters
end
filters=(filters) click to toggle source
# File lib/secret_config.rb, line 85
def self.filters=(filters)
  @filters = filters
end
registry() click to toggle source

Returns the global registry. Unless `.use` was called above, it will default to a file provider.

# File lib/secret_config.rb, line 76
def self.registry
  @registry ||= SecretConfig::Registry.new
end
use(provider, path: nil, **args) click to toggle source

Which provider to use along with any arguments The path will be overriden by env var `SECRET_CONFIG_PATH` if present.

# File lib/secret_config.rb, line 42
def self.use(provider, path: nil, **args)
  @registry = SecretConfig::Registry.new(path: path, provider: provider, provider_args: args)
end