container_config 0.1.0

data/lib/container_config/provider/base.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+require "container_config"
+
+module ContainerConfig
+  module Provider
+    # Base config value provider
+    class Base
+      #
+      # Returns name of the config value provider
+      #
+      # @return [String] provider name
+      #
+      def name
+        raise ContainerConfig::MissingOverride, "Must override name method in derived class #{self.class}"
+      end
+
+      #
+      # Loads a configuration setting from the provider
+      #
+      # @param [String] key Configuration key to load
+      # @param [Array] _dig_keys Variable keys to use to load from providers that accept a dig structure
+      #                         defaults to the lowercase key split by underscores
+      #                         "MY_PASSWORD" => ["my", "password"]
+      # @param [Hash] options Options Hash
+      # @option options [String]  :default default value if the configuration setting cannot be found
+      # @option options [String]  :secret_mount_directory directory where secret files are mounted
+      #
+      # @return [Object] configuration setting value
+      #
+      def load(key, *_dig_keys, **options)
+        ContainerConfig.logger.debug do
+          "Loading configuration value for #{key} with options #{options} from #{self.class}"
+        end
+        nil
+      end
+    end
+  end
+end

data/lib/container_config/provider/default.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+require "container_config/provider/base"
+
+module ContainerConfig
+  module Provider
+    # Default config value provider (handles :default option)
+    class Default < Base
+      # @see ContainerConfig::Provider::Base#name
+      def name
+        "Default Value"
+      end
+
+      #
+      # Loads a default configuration setting based on the value of options[:default]
+      #
+      # @param [String] key Configuration key to load
+      # @param [Array] dig_keys Variable keys to use to load from providers that accept a dig structure
+      # @param [Hash] options Options Hash
+      # @option options [String]  :default default value if the configuration setting cannot be found
+      #
+      # @return [Object] configuration setting value
+      #
+      def load(key, *dig_keys, **options)
+        super
+        options[:default]
+      end
+    end
+  end
+end

data/lib/container_config/provider/env.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+require "container_config/provider/base"
+
+module ContainerConfig
+  module Provider
+    # Environment variable config value provider
+    class Env < Base
+      # @see ContainerConfig::Provider::Base#name
+      def name
+        "Environment Variable"
+      end
+
+      #
+      # Loads an environment value configuration setting
+      #
+      # @param [String] key Configuration key to load
+      # @param [Array] dig_keys Variable keys to use to load from providers that accept a dig structure
+      # @param [Hash] options Options Hash
+      #
+      # @return [Object] configuration setting value
+      #
+      def load(key, *dig_keys, **options)
+        super
+        ENV[key]
+      end
+    end
+  end
+end

data/lib/container_config/provider/rails_credential.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+require "container_config/provider/base"
+
+module ContainerConfig
+  module Provider
+    # Rails credential config value provider
+    class RailsCredential < Base
+      # @see ContainerConfig::Provider::Base#name
+      def name
+        "Rails Credential"
+      end
+
+      #
+      # Loads a Rails credential configuration setting
+      #
+      # @param [String] key Configuration key to load
+      # @param [Array] dig_keys Variable keys to use to load from providers that accept a dig structure
+      #                         defaults to the lowercase key split by underscores
+      #                         "MY_PASSWORD" => ["my", "password"]
+      # @param [Hash] options Options Hash
+      #
+      # @return [Object] configuration setting value
+      #
+      def load(key, *dig_keys, **options)
+        super
+        ::Rails.application.credentials.config.dig(*dig_keys.map(&:to_sym))
+      end
+    end
+  end
+end

data/lib/container_config/provider/secret_volume.rb

@@ -0,0 +1,58 @@
+# frozen_string_literal: true
+
+require "container_config/provider/base"
+
+module ContainerConfig
+  module Provider
+    # Secret volume mount config value provider
+    class SecretVolume < Base
+      # Default secret volume mount path used when globbing secret files
+      DEFAULT_SECRET_PATH = "/etc/*-secrets"
+
+      attr_accessor :default_directory, :directory
+
+      # @see ContainerConfig::Provider::Base#name
+      def name
+        "Secret Volume"
+      end
+
+      #
+      # Initializes a new ContainerConfig::Provider::SecretVolume
+      #
+      def initialize
+        super
+        @default_directory = DEFAULT_SECRET_PATH
+        @directory = nil
+      end
+
+      #
+      # Loads a secret volume mount configuration setting
+      #
+      # @param [String] key Configuration key to load
+      # @param [Array] dig_keys Variable keys to use to load from providers that accept a dig structure
+      #                         defaults to the lowercase key split by underscores
+      #                         "MY_PASSWORD" => ["my", "password"]
+      # @param [Hash] options Options Hash
+      # @option options [String]  :secret_mount_directory directory where secret files are mounted
+      #
+      # @return [Object] configuration setting value
+      #
+      def load(key, *dig_keys, **options)
+        super
+        secret_file = Dir.glob(File.join(secret_mount_directory(**options), "**", key)).first
+        return if secret_file.nil? || !File.exist?(secret_file)
+
+        File.read(secret_file)
+      end
+
+      private
+
+      def secret_mount_directory(options)
+        options[:secret_mount_directory] ||
+          directory ||
+          ENV["SECRET_MOUNT_DIRECTORY"] ||
+          default_directory
+      end
+    end
+  end
+end

data/lib/container_config/rails.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+require "container_config"
+require "container_config/rails/mailer"
+
+module ContainerConfig
+  # Rails configuration module
+  module Rails
+  end
+end

data/lib/container_config/rails/mailer.rb

@@ -0,0 +1,81 @@
+# frozen_string_literal: true
+
+require "container_config"
+
+module ContainerConfig
+  module Rails
+    # Rails ActionMailer config module
+    module Mailer
+      #
+      # loads Rails ActionMailer configuration settings from environment variables, mounted secrets, or the application credentials
+      #
+      # @param [String] key base key for the Mailer config ("MAILER")
+      # @param [Hash] options Options Hash
+      # @option options [Boolean] :required whether to raise an exception if the settings cannot be found
+      # @option options [String] :secret_mount_directory directory where secret files are mounted
+      #
+      # @return [Hash] Mailer configuration hash with :perform_deliveries, :perform_caching, :raise_delivery_errors,
+      #                :delivery_method, :sendmail_settings, and :smtp_settings keys
+      #
+      def self.load(key, **options)
+        mail_config = {}
+
+        mail_config[:perform_deliveries] = ContainerConfig.load("#{key}_PERFORM_DELIVERIES", default: ::Rails.env.production?, type: :boolean)
+        mail_config[:perform_caching] = ContainerConfig.load("#{key}_PERFORM_CACHING", default: false, type: :boolean)
+        mail_config[:raise_delivery_errors] = ContainerConfig.load("#{key}_RAISE_DELIVERY_ERRORS", default: false, type: :boolean)
+        mail_config[:delivery_method] = ContainerConfig.load("#{key}_DELIVERY_METHOD", default: :sendmail, type: :symbol, enum: %i[smtp sendmail])
+        mail_config[:sendmail_settings] = mailer_sendmail_settings(key, **options)
+        mail_config[:smtp_settings] = mailer_smtp_settings(key, **options)
+
+        mail_config.compact
+      end
+
+      class << self
+        private
+
+        #
+        # load Mailer sendmail settings
+        #
+        # @param [String] key base key for the Mailer sendmail config
+        # @param [Hash] options Options Hash
+        # @option options [Boolean] :required whether to raise an exception if the settings cannot be found
+        # @option options [String] :secret_mount_directory directory where secret files are mounted
+        #
+        # @return [Hash] Sendmail settings hash with :location and :arguments keys
+        #
+        def mailer_sendmail_settings(key, **options)
+          {
+            location: ContainerConfig.load("#{key}_SENDMAIL_LOCATION", **options),
+            arguments: ContainerConfig.load("#{key}_SENDMAIL_ARGUMENTS", **options)
+          }.compact
+        end
+
+        #
+        # load Mailer SMTP settings
+        #
+        # @param [String] key base key for the Mailer SMTP config
+        # @param [Hash] options Options Hash
+        # @option options [Boolean] :required whether to raise an exception if the settings cannot be found
+        # @option options [String] :secret_mount_directory directory where secret files are mounted
+        #
+        # @return [Hash] SMTP settings hash with :address, :port, :domain, :user_name, :password, :authentication,
+        #                :enable_starttls_auto, :openssl_verify_mode, :ssl, and :tls keys
+        #
+        def mailer_smtp_settings(key, **options)
+          {
+            address: ContainerConfig.load("#{key}_SMTP_ADDRESS", **options),
+            port: ContainerConfig.load("#{key}_SMTP_PORT", **options, default: 25, type: :integer),
+            domain: ContainerConfig.load("#{key}_SMTP_DOMAIN", **options),
+            user_name: ContainerConfig.load("#{key}_SMTP_USER_NAME", **options),
+            password: ContainerConfig.load("#{key}_SMTP_PASSWORD", **options),
+            authentication: ContainerConfig.load("#{key}_SMTP_AUTHENTICATION", **options, type: :symbol, enum: [nil, :plain, :login, :cram_md5]),
+            enable_starttls_auto: ContainerConfig.load("#{key}_SMTP_ENABLE_STARTTLS_AUTO", **options, coerce_nil: false, type: :boolean),
+            openssl_verify_mode: ContainerConfig.load("#{key}_SMTP_OPENSSL_VERIFY_MODE", **options, coerce_nil: false, type: :ssl_verify_mode),
+            ssl: ContainerConfig.load("#{key}_SMTP_SSL", **options, coerce_nil: false, type: :boolean),
+            tls: ContainerConfig.load("#{key}_SMTP_TLS", **options, coerce_nil: false, type: :boolean)
+          }.compact
+        end
+      end
+    end
+  end
+end

data/lib/container_config/redis.rb

@@ -0,0 +1,95 @@
+# frozen_string_literal: true
+
+require "container_config"
+
+module ContainerConfig
+  # Redis configuration module
+  module Redis
+    #
+    # Loads Redis configuration settings from environment variables, mounted secrets, or the application credentials
+    #
+    # @param [String] key base key for the Redis config ("QUEUE", "CACHE", etc.)
+    # @param [Hash] options Options Hash
+    # @option options [Boolean] :required whether to raise an exception if the settings cannot be found
+    # @option options [String] :secret_mount_directory directory where secret files are mounted
+    #
+    # @return [Hash] Redis configuration hash with :url, :password, and :sentinels keys
+    #                See https://github.com/redis/redis-rb for more information
+    #
+    def self.load(key, **options)
+      host = ContainerConfig.load("#{key}_HOST", **options, default: "localhost")
+      port = ContainerConfig.load("#{key}_PORT", **options, default: "6379")
+
+      url = ContainerConfig.load("#{key}_URL", **options, default: "redis://#{host}:#{port}")
+      sentinels = sentinel_info(key, **options)
+      password = ContainerConfig.load("#{key}_PASSWORD", **options)
+
+      # Ensure we never pass an empty string to Redis since it will be passed to the Redis AUTH
+      # command as-is and will cause an exception
+      password = nil if password.to_s.strip.empty?
+
+      redis_config = { url: url, password: password }
+      redis_config[:sentinels] = sentinels unless sentinels.empty?
+
+      # Add SSL configuration
+      redis_config[:ssl] = ContainerConfig.load("#{key}_SSL", **options, default: false)
+      redis_config[:ssl_params] = ssl_params(key, **options)
+
+      redis_config
+    end
+
+    class << self
+      private
+
+      #
+      # Load Redis Sentinel configuration settings
+      #
+      # @param [String] key base key for the Redis Sentinel config
+      # @param [Hash] options Options Hash
+      # @option options [Boolean] :required whether to raise an exception if the settings cannot be found
+      # @option options [String] :secret_mount_directory directory where secret files are mounted
+      #
+      # @return [Array] Redis sentinel configuration hashes, may be empty if no sentinel config exists
+      #                 Each hash will have :host, :port, and :password keys
+      #
+      def sentinel_info(key, **options)
+        sentinel_hosts = ContainerConfig.load("#{key}_SENTINELS", **options, default: [])
+        sentinel_hosts = sentinel_hosts.split(",").map(&:strip) if sentinel_hosts.is_a?(String)
+
+        sentinel_port = ContainerConfig.load("#{key}_SENTINEL_PORT", **options, default: "26379")
+        sentinel_password = ContainerConfig.load("#{key}_SENTINEL_PASSWORD", **options)
+
+        # Ensure we never pass an empty string to Redis since it will be passed to the Redis sentinel AUTH
+        # command as-is and will cause an exception
+        sentinel_password = nil if sentinel_password.to_s.strip.empty?
+
+        ssl_params = ssl_params("#{key}_SENTINEL", **options)
+
+        sentinel_hosts.map { |h| { host: h, port: sentinel_port, password: sentinel_password, ssl_params: ssl_params } }
+      end
+
+      #
+      # Load Redis SSL parameters
+      #
+      # @param [String] key base key for the Redis/Redis Sentinel config
+      # @param [Hash] options Options Hash
+      # @option options [Boolean] :required whether to raise an exception if the settings cannot be found
+      # @option options [String] :secret_mount_directory directory where secret files are mounted
+      #
+      # @return [Hash] SSL parameter hash (see OpenSSL::SSL::SSLContext documentation)
+      #
+      def ssl_params(key, **options)
+        ssl_params = {
+          ca_file: ContainerConfig.load("#{key}_SSL_CA_FILE", **options),
+          ca_path: ContainerConfig.load("#{key}_SSL_CA_PATH", **options),
+          cert: ContainerConfig.load("#{key}_SSL_CERT", **options, type: :ssl_certificate),
+          key: ContainerConfig.load("#{key}_SSL_KEY", **options, type: :ssl_key),
+          verify_mode: ContainerConfig.load("#{key}_SSL_VERIFY_MODE", **options, type: :ssl_verify_mode)
+        }
+
+        # Reject all nil key values
+        ssl_params.compact
+      end
+    end
+  end
+end

data/lib/container_config/version.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+module ContainerConfig
+  # ContainerConfig version
+  VERSION = "0.1.0"
+end

metadata

@@ -0,0 +1,167 @@
+--- !ruby/object:Gem::Specification
+name: container_config
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Matthew Newell
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2021-03-08 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.5'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.2'
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+description: Loads container configuration values from environment variables, secrets,
+  and credentials.
+email:
+- matthewtnewell@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".github/workflows/main.yml"
+- ".gitignore"
+- ".rspec"
+- ".rubocop.yml"
+- CHANGELOG.md
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- container_config.gemspec
+- lib/container_config.rb
+- lib/container_config/coercer.rb
+- lib/container_config/coercer/base.rb
+- lib/container_config/coercer/boolean.rb
+- lib/container_config/coercer/float.rb
+- lib/container_config/coercer/integer.rb
+- lib/container_config/coercer/ssl_certificate.rb
+- lib/container_config/coercer/ssl_key.rb
+- lib/container_config/coercer/ssl_verify_mode.rb
+- lib/container_config/coercer/string.rb
+- lib/container_config/coercer/symbol.rb
+- lib/container_config/logger.rb
+- lib/container_config/provider.rb
+- lib/container_config/provider/base.rb
+- lib/container_config/provider/default.rb
+- lib/container_config/provider/env.rb
+- lib/container_config/provider/rails_credential.rb
+- lib/container_config/provider/secret_volume.rb
+- lib/container_config/rails.rb
+- lib/container_config/rails/mailer.rb
+- lib/container_config/redis.rb
+- lib/container_config/version.rb
+homepage: https://github.com/wheatevo/container_config
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/wheatevo/container_config
+  source_code_uri: https://github.com/wheatevo/container_config
+  changelog_uri: https://github.com/wheatevo/container_config/blob/master/CHANGELOG.md
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.4.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.1.4
+signing_key: 
+specification_version: 4
+summary: Loads container configuration values from environment variables, secrets,
+  and credentials.
+test_files: []