legion-settings 1.3.4 → 1.3.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f66aca7decaa9e60f84abf3d4b2538f42a90978289916f535395991161bb8e24
-  data.tar.gz: 41c5f1bac7ec1e12d0034ad872816405588d880542efbe7c420ec958697f1991
+  metadata.gz: 226a1ae2303f64b96fc48bd42101545a9d06b73aefab19278f27007c406c39d2
+  data.tar.gz: 4cbf2414166794436869ed44646f86c2860e7bdad4a07feebbd2536fe0e15276
 SHA512:
-  metadata.gz: 967b78c6ca4e9e2bee7a2ac1e53c6198a0b0606985e16fca8734c061be6b5b5b4f30e7ed882c387af00554f3323e9008269e036eaec09e9b7ee12d1e1c8ad349
-  data.tar.gz: 2451834575d97a57f1f11c41556f48cf581358624c793d8ac011158b174df2072988d1135af0b9fc3656d1fd608734ab155a2f5b7419d71f77a613e5d8677994
+  metadata.gz: 0b719320bd415ffbf14d68c5a43122dddf8182a0cfddca05915ba8f36490ede658abcb74fa499f320711a20fb5ec67d4f108c17fa4a1b35ee6a51dac801d0402
+  data.tar.gz: 88220500e2cc7a8542ce32b26c94b8ccf143d6b90d7ef0054a32f8d4507d175534dd8ac4ddae724ac8cfaa1fb4e88ac099200ca7d028fe4e258fe945398d939a

data/CHANGELOG.md

@@ -1,5 +1,19 @@
 # Legion::Settings Changelog
 
+## [1.3.6] - 2026-03-20
+
+### Fixed
+- Guard all `Legion::Logging` calls in loader with `defined?` check to prevent `NameError` when legion-logging is not loaded (fixes CI for downstream gems like legion-transport)
+
+## [1.3.5] - 2026-03-19
+
+### Added
+- DNS-based bootstrap discovery: auto-detect corporate config from `legion-bootstrap.<search-domain>`
+- `Settings[:dns]` populated with FQDN, default domain, search domains, and nameservers
+- `DnsBootstrap` class with DNS resolution, HTTPS fetch, local caching, and background refresh
+- First boot blocks on fetch; subsequent boots use cache with async refresh
+- Opt-out via `LEGION_DNS_BOOTSTRAP=false` environment variable
+
 ## [1.3.4] - 2026-03-18
 
 ### Fixed

data/CLAUDE.md

@@ -8,6 +8,7 @@
 Hash-like configuration store for the LegionIO framework. Loads settings from JSON files, directories, and environment variables. Provides a unified `Legion::Settings[:key]` accessor used by all other Legion gems. Includes schema-based validation with type inference, enum constraints, and cross-module checks.
 
 **GitHub**: https://github.com/LegionIO/legion-settings
+**Version**: 1.3.5
 **License**: Apache-2.0
 
 ## Architecture
@@ -26,11 +27,19 @@ Legion::Settings (singleton module)
 │
 ├── Loader               # Core: loads env vars, files, directories, merges settings
 │   ├── .load_env        # Load environment variables (LEGION_API_PORT)
+│   ├── .load_dns_bootstrap  # DNS-based corporate config discovery (baseline defaults)
 │   ├── .load_file       # Load single JSON file
 │   ├── .load_directory  # Load all JSON files from directory
 │   ├── .load_module_settings    # Merge with module priority
 │   └── .load_module_default     # Merge with default priority
 │
+├── DnsBootstrap         # DNS-based corporate config auto-discovery
+│   ├── .resolve?        # Check if legion-bootstrap.<domain> resolves
+│   ├── .fetch           # HTTPS GET /legion/bootstrap.json
+│   ├── .write_cache     # Atomic write to ~/.legionio/settings/_dns_bootstrap.json
+│   ├── .read_cache      # Read + strip metadata, delete if corrupted
+│   └── .cache_exists?   # Check for cached config
+│
 ├── Schema               # Type inference, validation, unknown key detection
 │   ├── .register        # Infer types from defaults
 │   ├── .define_override # Add enum/required/type constraints
@@ -45,7 +54,9 @@ Legion::Settings (singleton module)
 ### Key Design Patterns
 
 - **Auto-Load on Access**: `Legion::Settings[:key]` auto-loads if not initialized
+- **DNS Bootstrap Discovery**: On load, resolves `legion-bootstrap.<search-domain>` to fetch corporate baseline config. First boot blocks; subsequent boots use cache + async refresh. Disabled via `LEGION_DNS_BOOTSTRAP=false`
 - **Directory-Based Config**: Loads all `.json` files from config directories (default paths: `/etc/legionio`, `~/legionio`, `./settings`)
+- **Load Priority** (lowest to highest): hardcoded defaults < DNS bootstrap < local JSON files < CLI flags < secret resolution
 - **Module Merging**: Each Legion module registers its defaults via `merge_settings` during startup
 - **Schema Inference**: Types are inferred from default values — no manual schema definitions needed
 - **Two-Pass Validation**: Per-module on merge (catches type mismatches immediately) + cross-module on `validate!` (catches dependency conflicts)
@@ -69,13 +80,15 @@ Legion::Settings (singleton module)
 | `lib/legion/settings/validation_error.rb` | Error collection and formatted reporting |
 | `lib/legion/settings/os.rb` | OS detection helpers |
 | `lib/legion/settings/resolver.rb` | Secret resolution: `vault://` and `env://` URI references, fallback chains |
+| `lib/legion/settings/dns_bootstrap.rb` | DNS-based corporate config discovery, caching, background refresh |
 | `lib/legion/settings/version.rb` | VERSION constant |
 | `spec/legion/settings_spec.rb` | Core settings module tests |
 | `spec/legion/settings_module_spec.rb` | Module-level accessor and merge tests |
 | `spec/legion/loader_spec.rb` | Loader: env/file/directory loading tests |
 | `spec/legion/settings/schema_spec.rb` | Schema validation tests |
 | `spec/legion/settings/validation_error_spec.rb` | Error formatting tests |
-| `spec/legion/settings/integration_spec.rb` | End-to-end validation tests |
+| `spec/legion/settings/integration_spec.rb` | End-to-end validation + DNS bootstrap override tests |
+| `spec/legion/settings/dns_bootstrap_spec.rb` | DnsBootstrap class tests (resolve, fetch, cache) |
 | `spec/legion/settings/role_defaults_spec.rb` | Role profile default settings tests |
 | `spec/legion/settings/resolver_spec.rb` | Secret resolver tests (env://, vault://, lease://, fallback chains) |
 

data/README.md

@@ -2,6 +2,8 @@
 
 Configuration management module for the [LegionIO](https://github.com/LegionIO/LegionIO) framework. Loads settings from JSON files, directories, and environment variables. Provides a unified `Legion::Settings[:key]` accessor used by all other Legion gems.
 
+**Version**: 1.3.5
+
 ## Installation
 
 ```bash

data/lib/legion/settings/dns_bootstrap.rb

@@ -0,0 +1,80 @@
+# frozen_string_literal: true
+
+require 'fileutils'
+require 'json'
+require 'net/http'
+require 'resolv'
+require 'uri'
+
+module Legion
+  module Settings
+    class DnsBootstrap
+      CACHE_FILENAME = '_dns_bootstrap.json'
+      HOSTNAME_PREFIX = 'legion-bootstrap'
+      URL_PATH = '/legion/bootstrap.json'
+      HTTP_TIMEOUT = 10
+
+      attr_reader :default_domain, :hostname, :url, :cache_path
+
+      def initialize(default_domain:, cache_dir: nil)
+        @default_domain = default_domain
+        @hostname = "#{HOSTNAME_PREFIX}.#{default_domain}"
+        @url = "https://#{@hostname}#{URL_PATH}"
+        dir = cache_dir || File.expand_path('~/.legionio/settings')
+        @cache_path = File.join(dir, CACHE_FILENAME)
+      end
+
+      def resolve?
+        Resolv.getaddress(@hostname)
+        true
+      rescue Resolv::ResolvError, Resolv::ResolvTimeout
+        false
+      end
+
+      def fetch
+        return nil unless resolve?
+
+        uri = URI.parse(@url)
+        http = Net::HTTP.new(uri.host, uri.port)
+        http.use_ssl = true
+        http.open_timeout = HTTP_TIMEOUT
+        http.read_timeout = HTTP_TIMEOUT
+        response = http.request(Net::HTTP::Get.new(uri))
+        return nil unless response.is_a?(Net::HTTPSuccess)
+
+        ::JSON.parse(response.body, symbolize_names: true)
+      rescue StandardError
+        nil
+      end
+
+      def write_cache(config)
+        FileUtils.mkdir_p(File.dirname(@cache_path))
+        payload = config.merge(
+          _dns_bootstrap_meta: {
+            fetched_at: Time.now.utc.iso8601,
+            hostname:   @hostname,
+            url:        @url
+          }
+        )
+        tmp = "#{@cache_path}.tmp"
+        File.write(tmp, ::JSON.pretty_generate(payload))
+        File.rename(tmp, @cache_path)
+      end
+
+      def read_cache
+        return nil unless File.exist?(@cache_path)
+
+        raw = ::JSON.parse(File.read(@cache_path), symbolize_names: true)
+        raw.delete(:_dns_bootstrap_meta)
+        raw
+      rescue ::JSON::ParserError
+        FileUtils.rm_f(@cache_path)
+        nil
+      end
+
+      def cache_exists?
+        File.exist?(@cache_path)
+      end
+    end
+  end
+end

data/lib/legion/settings/loader.rb

@@ -1,7 +1,9 @@
 # frozen_string_literal: true
 
+require 'resolv'
 require 'socket'
 require 'legion/settings/os'
+require_relative 'dns_bootstrap'
 
 module Legion
   module Settings
@@ -19,6 +21,17 @@ module Legion
         @loaded_files = []
       end
 
+      def dns_defaults
+        resolv_config = read_resolv_config
+        {
+          fqdn:           detect_fqdn,
+          default_domain: resolv_config[:search_domains]&.first,
+          search_domains: resolv_config[:search_domains] || [],
+          nameservers:    resolv_config[:nameservers] || [],
+          bootstrap:      { enabled: true }
+        }
+      end
+
       def client_defaults
         {
           hostname: system_hostname,
@@ -71,7 +84,8 @@ module Legion
           },
           transport:                  { connected: false },
           data:                       { connected: false },
-          role:                       { profile: nil, extensions: [] }
+          role:                       { profile: nil, extensions: [] },
+          dns:                        dns_defaults
         }
       end
 
@@ -116,6 +130,27 @@ module Legion
         load_api_env
       end
 
+      def load_dns_bootstrap(cache_dir: nil)
+        return if ENV['LEGION_DNS_BOOTSTRAP'] == 'false'
+
+        domain = @settings.dig(:dns, :default_domain)
+        return unless domain
+        return unless @settings.dig(:dns, :bootstrap, :enabled)
+
+        dir = cache_dir || File.expand_path('~/.legionio/settings')
+        bootstrap = DnsBootstrap.new(default_domain: domain, cache_dir: dir)
+
+        config = if bootstrap.cache_exists?
+                   load_dns_from_cache(bootstrap)
+                 else
+                   load_dns_first_boot(bootstrap)
+                 end
+
+        return unless config
+
+        merge_dns_config(config, bootstrap)
+      end
+
       def load_module_settings(config)
         @settings = deep_merge(config, @settings)
       end
@@ -127,7 +162,7 @@ module Legion
       end
 
       def load_file(file)
-        Legion::Logging.debug("Trying to load file #{file}")
+        log_debug("Trying to load file #{file}")
         if File.file?(file) && File.readable?(file)
           begin
             contents = read_config_file(file)
@@ -138,11 +173,11 @@ module Legion
             # @indifferent_access = false
             @loaded_files << file
           rescue Legion::JSON::ParseError => e
-            Legion::Logging.error("config file must be valid json: #{file}")
-            Legion::Logging.error("  parse error: #{e.message}")
+            log_error("config file must be valid json: #{file}")
+            log_error("  parse error: #{e.message}")
           end
         else
-          Legion::Logging.warn("Config file does not exist or is not readable file:#{file}")
+          log_warn("Config file does not exist or is not readable file:#{file}")
         end
       end
 
@@ -164,7 +199,7 @@ module Legion
           @settings[:client][:subscriptions].uniq!
           @indifferent_access = false
         else
-          Legion::Logging.warn('unable to apply legion client overrides, reason: client subscriptions is not an array')
+          log_warn('unable to apply legion client overrides, reason: client subscriptions is not an array')
         end
       end
 
@@ -184,6 +219,39 @@ module Legion
 
       private
 
+      def load_dns_from_cache(bootstrap)
+        config = bootstrap.read_cache
+        start_dns_background_refresh(bootstrap) if config
+        config
+      end
+
+      def load_dns_first_boot(bootstrap)
+        log_debug("DNS bootstrap: first boot, fetching from #{bootstrap.url}")
+        config = bootstrap.fetch
+        bootstrap.write_cache(config) if config
+        config
+      end
+
+      def merge_dns_config(config, bootstrap)
+        @settings = deep_merge(config, @settings)
+        @settings[:dns] ||= {}
+        @settings[:dns][:corp_bootstrap] = {
+          discovered: true,
+          hostname:   bootstrap.hostname,
+          url:        bootstrap.url
+        }
+        @indifferent_access = false
+      end
+
+      def start_dns_background_refresh(bootstrap)
+        Thread.new do
+          fresh = bootstrap.fetch
+          bootstrap.write_cache(fresh) if fresh
+        rescue StandardError
+          # Background refresh is best-effort
+        end
+      end
+
       def setting_category(category)
         @settings[category].map do |name, details|
           details.merge(name: name.to_s)
@@ -217,7 +285,7 @@ module Legion
 
         @settings[:api] ||= {}
         @settings[:api][:port] = ENV['LEGION_API_PORT'].to_i
-        Legion::Logging.warn("using api port environment variable, api: #{@settings[:api]}")
+        log_warn("using api port environment variable, api: #{@settings[:api]}")
         @indifferent_access = false
       end
 
@@ -287,20 +355,51 @@ module Legion
         'unknown'
       end
 
+      def log_debug(message)
+        Legion::Logging.debug(message) if defined?(Legion::Logging)
+      end
+
+      def log_warn(message)
+        defined?(Legion::Logging) ? Legion::Logging.warn(message) : warn(message)
+      end
+
+      def log_error(message)
+        defined?(Legion::Logging) ? Legion::Logging.error(message) : warn(message)
+      end
+
       def warning(message, data = {})
         @warnings << {
           message: message
         }.merge(data)
-        Legion::Logging.warn(message)
+        log_warn(message)
       end
 
       def load_error(message, data = {})
         @errors << {
           message: message
         }.merge(data)
-        Legion::Logging.error(message)
+        log_error(message)
         raise(Error, message)
       end
+
+      def read_resolv_config
+        config = Resolv::DNS::Config.default_config_hash
+        {
+          search_domains: config[:search]&.map(&:to_s)&.uniq,
+          nameservers:    config[:nameserver]&.map(&:to_s)&.uniq
+        }
+      rescue StandardError
+        { search_domains: [], nameservers: [] }
+      end
+
+      def detect_fqdn
+        fqdn = Addrinfo.getaddrinfo(Socket.gethostname, nil).first&.canonname
+        return nil if fqdn.nil?
+
+        fqdn.include?('.') ? fqdn : nil
+      rescue StandardError
+        nil
+      end
     end
   end
 end

data/lib/legion/settings/version.rb

@@ -2,6 +2,6 @@
 
 module Legion
   module Settings
-    VERSION = '1.3.4'
+    VERSION = '1.3.6'
   end
 end

data/lib/legion/settings.rb

@@ -17,6 +17,7 @@ module Legion
       def load(options = {})
         @loader = Legion::Settings::Loader.new
         @loader.load_env
+        @loader.load_dns_bootstrap
         @loader.load_file(options[:config_file]) if options[:config_file]
         @loader.load_directory(options[:config_dir]) if options[:config_dir]
         options[:config_dirs]&.each do |directory|

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: legion-settings
 version: !ruby/object:Gem::Version
-  version: 1.3.4
+  version: 1.3.6
 platform: ruby
 authors:
 - Esity
@@ -46,6 +46,7 @@ files:
 - docs/plans/2026-03-17-config-error-filename-implementation.md
 - legion-settings.gemspec
 - lib/legion/settings.rb
+- lib/legion/settings/dns_bootstrap.rb
 - lib/legion/settings/loader.rb
 - lib/legion/settings/os.rb
 - lib/legion/settings/resolver.rb