configstore

package
v0.6.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 14, 2026 License: MIT Imports: 13 Imported by: 0

Documentation

Overview

Package configstore provides storage backends for GitHub App credentials. It supports multiple storage backends including AWS SSM Parameter Store, local .env files, and individual files.

Index

Constants

View Source 
const (
	EnvGitHubAppID         = "GITHUB_APP_ID"
	EnvGitHubAppSlug       = "GITHUB_APP_SLUG"
	EnvGitHubAppHTMLURL    = "GITHUB_APP_HTML_URL"
	EnvGitHubAppPrivateKey = "GITHUB_APP_PRIVATE_KEY"
	EnvGitHubWebhookSecret = "GITHUB_WEBHOOK_SECRET"
	EnvGitHubClientID      = "GITHUB_CLIENT_ID"
	EnvGitHubClientSecret  = "GITHUB_CLIENT_SECRET"
)
View Source 
const (
	EnvGitHubAppInstallerEnabled = "GITHUB_APP_INSTALLER_ENABLED"
	EnvStorageMode               = "STORAGE_MODE"
	EnvStorageDir                = "STORAGE_DIR"
	EnvAWSSSMParameterPfx        = "AWS_SSM_PARAMETER_PREFIX"
	EnvAWSSSMKMSKeyID            = "AWS_SSM_KMS_KEY_ID"
	EnvAWSSSMTags                = "AWS_SSM_TAGS"
)
View Source 
const (
	// StorageModeEnvFile saves credentials to a .env file (default mode).
	StorageModeEnvFile = "envfile"
	// StorageModeFiles saves credentials as individual files in a directory.
	StorageModeFiles = "files"
	// StorageModeAWSSSM saves credentials to AWS SSM Parameter Store.
	StorageModeAWSSSM = "aws-ssm"
)

Storage mode constants for STORAGE_MODE environment variable.

Variables

This section is empty.

Functions

func GetEnvDefault 

func GetEnvDefault(key, defaultValue string) string

GetEnvDefault returns an env var value, or defaultValue if not set or empty.

func InstallerEnabled 

func InstallerEnabled() bool

InstallerEnabled returns true if the installer is enabled via environment variable.

Types

type AWSSSMStore 

type AWSSSMStore struct {
	ParameterPrefix string
	KMSKeyID        string
	Tags            map[string]string
	// contains filtered or unexported fields
}

AWSSSMStore saves credentials to AWS SSM Parameter Store with encryption.

func NewAWSSSMStore 

func NewAWSSSMStore(prefix string, opts ...SSMStoreOption) (*AWSSSMStore, error)

NewAWSSSMStore creates a new AWS SSM Parameter Store backend. The prefix is normalized to always end with a slash.

func (*AWSSSMStore) DisableInstaller 

func (s *AWSSSMStore) DisableInstaller(ctx context.Context) error

DisableInstaller sets a parameter to disable the installer.

func (*AWSSSMStore) Save 

func (s *AWSSSMStore) Save(ctx context.Context, creds *AppCredentials) error

Save writes credentials to AWS SSM as encrypted SecureString parameters.

func (*AWSSSMStore) Status 

func (s *AWSSSMStore) Status(ctx context.Context) (*InstallerStatus, error)

Status returns the current registration state by checking required SSM parameters.

type AppCredentials 

type AppCredentials struct {
	AppID         int64      `json:"id"`
	AppSlug       string     `json:"slug"`
	ClientID      string     `json:"client_id"`
	ClientSecret  string     `json:"client_secret"`
	WebhookSecret string     `json:"webhook_secret"`
	PrivateKey    string     `json:"pem"`
	HTMLURL       string     `json:"html_url"`
	HookConfig    HookConfig `json:"hook_config"`

	// CustomFields stores additional app-specific values alongside credentials.
	CustomFields map[string]string `json:"-"`
}

AppCredentials holds credentials returned from GitHub App manifest creation.

type HookConfig 

type HookConfig struct {
	URL string `json:"url"`
}

HookConfig contains webhook configuration returned from GitHub.

type InstallerStatus 

type InstallerStatus struct {
	Registered        bool
	InstallerDisabled bool
	AppID             int64
	AppSlug           string
	HTMLURL           string
}

InstallerStatus describes the current GitHub App registration state.

type LocalEnvFileStore 

type LocalEnvFileStore struct {
	FilePath string
}

LocalEnvFileStore saves credentials to a .env file.

func NewLocalEnvFileStore 

func NewLocalEnvFileStore(filepath string) *LocalEnvFileStore

NewLocalEnvFileStore creates a store that saves credentials to the given path.

func (*LocalEnvFileStore) DisableInstaller 

func (s *LocalEnvFileStore) DisableInstaller(ctx context.Context) error

DisableInstaller sets GITHUB_APP_INSTALLER_ENABLED=false in the .env file.

func (*LocalEnvFileStore) Save 

func (s *LocalEnvFileStore) Save(ctx context.Context, creds *AppCredentials) error

Save writes credentials to .env format, preserving existing content. It also sets the environment variables in the current process so they are immediately available to the application.

func (*LocalEnvFileStore) Status 

func (s *LocalEnvFileStore) Status(ctx context.Context) (*InstallerStatus, error)

Status returns the current registration state by checking the .env file.

type LocalFileStore 

type LocalFileStore struct {
	Dir string
}

LocalFileStore saves credentials as individual files in a directory.

func NewLocalFileStore 

func NewLocalFileStore(dir string) *LocalFileStore

NewLocalFileStore creates a store that saves credentials as files in dir.

func (*LocalFileStore) DisableInstaller 

func (s *LocalFileStore) DisableInstaller(ctx context.Context) error

DisableInstaller creates a marker file to disable the installer.

func (*LocalFileStore) Save 

func (s *LocalFileStore) Save(ctx context.Context, creds *AppCredentials) error

Save writes credentials to individual files in the store directory.

func (*LocalFileStore) Status 

func (s *LocalFileStore) Status(ctx context.Context) (*InstallerStatus, error)

Status returns the current registration state by checking required files.

type SSMClient 

type SSMClient interface {
	PutParameter(ctx context.Context, params *ssm.PutParameterInput,
		optFns ...func(*ssm.Options)) (*ssm.PutParameterOutput, error)
	GetParameter(ctx context.Context, params *ssm.GetParameterInput,
		optFns ...func(*ssm.Options)) (*ssm.GetParameterOutput, error)
}

SSMClient defines the interface for AWS SSM operations.

type SSMStoreOption 

type SSMStoreOption func(*AWSSSMStore)

SSMStoreOption is a functional option for configuring AWSSSMStore.

func WithKMSKey 

func WithKMSKey(keyID string) SSMStoreOption

WithKMSKey sets a custom KMS key ID for parameter encryption.

func WithSSMClient 

func WithSSMClient(client SSMClient) SSMStoreOption

WithSSMClient sets a custom SSM client.

func WithTags 

func WithTags(tags map[string]string) SSMStoreOption

WithTags adds AWS tags to all created parameters.

type Store 

type Store interface {
	Save(ctx context.Context, creds *AppCredentials) error
	Status(ctx context.Context) (*InstallerStatus, error)
	DisableInstaller(ctx context.Context) error
}

Store saves app credentials to various backends (local disk, AWS SSM, etc).

func NewFromEnv 

func NewFromEnv() (Store, error)

NewFromEnv creates a Store based on environment variable configuration. It reads STORAGE_MODE to determine the backend type:

  • "envfile" (default): saves to a .env file at STORAGE_DIR (default: ./.env)
  • "files": saves to individual files in STORAGE_DIR directory
  • "aws-ssm": saves to AWS SSM Parameter Store with AWS_SSM_PARAMETER_PREFIX

Returns an error if configuration is invalid or store creation fails.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.