README
¶
config
This repository contains the configuration parsing and management package designed for Emitter (https://emitter.io) service and related services. The configuration contains a flexible and multi-level secret overrides with Environment Variable and Hashicorp Vault providers implemented out of the box.
Installation
If you want to use this package, you can simply go get it as shown below.
go get github.com/emitter-io/config
Usage
import (
cfg "github.com/emitter-io/config"
)
// NewDefault creates a default configuration.
func NewDefault() cfg.Config {
return &Config{
ListenAddr: ":8080",
Cluster: &ClusterConfig{
ListenAddr: ":4000",
AdvertiseAddr: "public:4000",
Passphrase: "emitter-io",
},
}
}
// Config represents main configuration.
type Config struct {
ListenAddr string `json:"listen"` // The API port used for TCP & Websocket communication.'
License string `json:"license"` // The port used for gossip.'
TLS *cfg.TLSConfig `json:"tls,omitempty"` // The API port used for Secure TCP & Websocket communication.'
Secrets *cfg.VaultConfig `json:"vault,omitempty"` // The configuration for the Hashicorp Vault.
Storage *cfg.ProviderConfig `json:"storage,omitempty"` // The configuration for the storage provider.
Contract *cfg.ProviderConfig `json:"contract,omitempty"` // The configuration for the contract provider.
}
// Vault returns a vault configuration.
func (c *Config) Vault() *cfg.VaultConfig {
return c.Secrets
}
func main() {
// Parse the configuration
cfg, err := config.ReadOrCreate("emitter", "config.json", NewDefault, config.NewEnvironmentProvider(), config.NewVaultProvider("app"))
if err != nil {
panic("Unable to parse configuration, due to " + err.Error())
}
...
}
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CertCacher ¶
CertCacher represents a contract which allows for retrieval of certificate cache
func TLS ¶
func TLS(cfg *TLSConfig, stores ...CertCacher) (*tls.Config, http.Handler, CertCacher)
TLS returns a TLS configuration which can be applied or validated. This requires a set of valid stores in the first place, so for this to work it needs to be called once the stores are configured (aka Configure() method was called). This should work well if called at some point after calling config.ReadOrCreate().
type Config ¶
type Config interface{}
Config represents a configuration interface.
func ReadOrCreate ¶
func ReadOrCreate(prefix string, path string, newDefault func() Config, stores ...SecretReader) (cfg Config, err error)
ReadOrCreate reads or creates the configuration object.
type EnvironmentProvider ¶
type EnvironmentProvider struct {
// contains filtered or unexported fields
}
EnvironmentProvider represents a security provider which uses environment variables to store secrets.
func NewEnvironmentProvider ¶
func NewEnvironmentProvider() *EnvironmentProvider
NewEnvironmentProvider creates a new environment security provider.
func (*EnvironmentProvider) Configure ¶
func (p *EnvironmentProvider) Configure(config map[string]interface{}) (err error)
Configure configures the security provider.
func (*EnvironmentProvider) GetSecret ¶
func (p *EnvironmentProvider) GetSecret(secretName string) (string, bool)
GetSecret retrieves a secret from the provider
func (*EnvironmentProvider) Name ¶
func (p *EnvironmentProvider) Name() string
Name returns the name of the security provider.
type Provider ¶
Provider represents a configurable provider.
func LoadProvider ¶
func LoadProvider(config *ProviderConfig, providers ...Provider) Provider
LoadProvider loads a provider from the configuration or panics if the configuration is specified, but the provider was not found or not able to configure. This uses the first provider as a default value.
type ProviderConfig ¶
type ProviderConfig struct {
// The storage provider, this can either be specific builtin or the plugin path (file or
// url) if the plugin is specified, it must contain a constructor function named 'New'
// which returns an interface{}.
Provider string `json:"provider"`
// The configuration for a provider. This specifies various parameters to provide to the
// specific provider during the Configure() call.
Config map[string]interface{} `json:"config,omitempty"`
}
ProviderConfig represents provider configuration.
func (*ProviderConfig) Load ¶
func (c *ProviderConfig) Load(builtins ...Provider) (Provider, error)
Load loads a provider from the configuration and uses one or several builtins provided.
func (*ProviderConfig) LoadOrPanic ¶
func (c *ProviderConfig) LoadOrPanic(builtins ...Provider) Provider
LoadOrPanic loads a provider from the configuration and uses one or several builtins provided. If the provider is not found, it panics.
type SecretReader ¶
SecretReader represents a contract for a store capable of resolving secrets.
type SecretStore ¶
type SecretStore interface {
SecretReader
GetCache() (autocert.Cache, bool)
}
SecretStore represents a contract for a store capable of resolving secrets. On top of that, also capable of caching certificates.
type TLSConfig ¶
type TLSConfig struct {
ListenAddr string `json:"listen"` // The address to listen on.
Host string `json:"host"` // The hostname to whitelist.
Email string `json:"email,omitempty"` // The email address for autocert.
Certificate string `json:"certificate,omitempty"` // The certificate request.
PrivateKey string `json:"private,omitempty"` // The private key for the certificate.
}
TLSConfig represents TLS listener configuration.
Source Files
Directories