legion-settings 1.2.0 → 1.2.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 295484b08142fb1f6411ac9fbcd7d8f2222070c9a24d365c32df967281dc7f99
-  data.tar.gz: 9c2edecfcd659f6646256444fac34769c4d909df8247dab6965bbd0533067c23
+  metadata.gz: 7e6bfc5465268327a07174136c9b4cc7eb8793345bc43b61bbefbf99fdf2406a
+  data.tar.gz: 9e6b1384a02334a6aecbe50474f184bfb7996d16efe36d9b80744a4feb6171bc
 SHA512:
-  metadata.gz: 30905e3f6ebbd1195ad34cea678b187c0e05700d65ed2593dd9ad7d735e8f7db771f16cdc86ae87b99abf0887c3a8ddd3429a4ae1073ea65ba904fb894578d32
-  data.tar.gz: 81349d2d33e693b560b78842a4530eedd6aaf9a723785bb31a4783255b1bd0101e8089817f616a58f99ee3737b3f3fdecbfe5c9ec56a392f906b01ec3db45d70
+  metadata.gz: c8d084a1a0b75578ada3bb4f765bf7948ed9f9969e03717d10bf357d82895d1717b7e634e5f7ce8385bc3f1f4734e7e8e0d00a24ad4596a04f72f950c1ec84ec
+  data.tar.gz: 6f2ed8e7febb6d6a9f9e36b3d86a5522230f7254bf46aaa4e966c9d60b91f71f80a8a2e46de9510f77bedbda53d759426d087c71fdecbb15c2ef2c1efdb08298

data/.github/workflows/ci.yml

@@ -0,0 +1,16 @@
+name: CI
+on:
+  push:
+    branches: [main]
+  pull_request:
+
+jobs:
+  ci:
+    uses: LegionIO/.github/.github/workflows/ci.yml@main
+
+  release:
+    needs: ci
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+    uses: LegionIO/.github/.github/workflows/release.yml@main
+    secrets:
+      rubygems-api-key: ${{ secrets.RUBYGEMS_API_KEY }}

data/.rubocop.yml

@@ -1,18 +1,50 @@
+AllCops:
+  TargetRubyVersion: 3.4
+  NewCops: enable
+  SuggestExtensions: false
+
 Layout/LineLength:
-  Max: 120
+  Max: 160
+
+Layout/SpaceAroundEqualsInParameterDefault:
+  EnforcedStyle: space
+
+Layout/HashAlignment:
+  EnforcedHashRocketStyle: table
+  EnforcedColonStyle: table
+
 Metrics/MethodLength:
-  Max: 30
+  Max: 50
+
 Metrics/ClassLength:
   Max: 1500
+
+Metrics/ModuleLength:
+  Max: 1500
+
 Metrics/BlockLength:
-  Max: 50
+  Max: 40
+  Exclude:
+    - 'spec/**/*'
+
+Metrics/AbcSize:
+  Max: 60
+
+Metrics/CyclomaticComplexity:
+  Max: 15
+
+Metrics/PerceivedComplexity:
+  Max: 17
+
 Style/Documentation:
   Enabled: false
-AllCops:
-  TargetRubyVersion: 2.6
-  NewCops: enable
-  SuggestExtensions: false
+
+Style/SymbolArray:
+  Enabled: true
+
 Style/FrozenStringLiteralComment:
+  Enabled: true
+  EnforcedStyle: always
+
+Naming/FileName:
   Enabled: false
-Gemspec/RequiredRubyVersion:
-  Enabled: false

data/CHANGELOG.md

@@ -1,4 +1,16 @@
 # Legion::Settings Changelog
 
+## [1.2.2] - 2026-03-16
+
+### Added
+- `role` key in default settings with `profile` and `extensions` fields for extension profile filtering
+
+## v1.2.1
+
+### Added
+- `dev_mode?` method — returns true when `LEGION_DEV=true` env var or `Settings[:dev]` is set
+- Dev mode soft validation: `validate!` warns instead of raising when dev mode is active
+- Warning output via `Legion::Logging.warn` (falls back to `$stderr` if logging unavailable)
+
 ## v1.2.0
-Moving from BitBucket to GitHub inside the Optum org. All git history is reset from this point on
+Moving from BitBucket to GitHub. All git history is reset from this point on

data/CLAUDE.md

@@ -0,0 +1,115 @@
+# legion-settings: Configuration Management for LegionIO
+
+**Repository Level 3 Documentation**
+- **Parent**: `/Users/miverso2/rubymine/legion/CLAUDE.md`
+
+## Purpose
+
+Hash-like configuration store for the LegionIO framework. Loads settings from JSON files, directories, and environment variables. Provides a unified `Legion::Settings[:key]` accessor used by all other Legion gems. Includes schema-based validation with type inference, enum constraints, and cross-module checks.
+
+**GitHub**: https://github.com/LegionIO/legion-settings
+**License**: Apache-2.0
+
+## Architecture
+
+```
+Legion::Settings (singleton module)
+├── .load(config_dir:, config_file:, config_dirs:)  # Initialize loader
+├── .[](:key)                                         # Hash-like accessor (auto-loads if needed)
+├── .set_prop(key, value)                             # Set a value
+├── .merge_settings(key, hash)                        # Merge module defaults + register schema
+├── .define_schema(key, overrides)                    # Add enum/required constraints
+├── .add_cross_validation(&block)                     # Register cross-module validation
+├── .validate!                                        # Run all validations, raise on errors
+├── .schema                                           # Access Schema instance
+├── .errors                                           # Access collected errors
+│
+├── Loader               # Core: loads env vars, files, directories, merges settings
+│   ├── .load_env        # Load environment variables (LEGION_API_PORT)
+│   ├── .load_file       # Load single JSON file
+│   ├── .load_directory  # Load all JSON files from directory
+│   ├── .load_module_settings    # Merge with module priority
+│   └── .load_module_default     # Merge with default priority
+│
+├── Schema               # Type inference, validation, unknown key detection
+│   ├── .register        # Infer types from defaults
+│   ├── .define_override # Add enum/required/type constraints
+│   ├── .validate_module # Validate values against schema
+│   └── .detect_unknown_keys  # Find typos via Levenshtein distance
+│
+├── ValidationError      # Collects all errors, raises once with formatted message
+├── OS                   # OS detection helpers
+└── CORE_MODULES         # [:transport, :cache, :crypt, :data, :logging, :client]
+```
+
+### Key Design Patterns
+
+- **Auto-Load on Access**: `Legion::Settings[:key]` auto-loads if not initialized
+- **Directory-Based Config**: Loads all `.json` files from config directories (default paths: `/etc/legionio`, `~/legionio`, `./settings`)
+- **Module Merging**: Each Legion module registers its defaults via `merge_settings` during startup
+- **Schema Inference**: Types are inferred from default values — no manual schema definitions needed
+- **Two-Pass Validation**: Per-module on merge (catches type mismatches immediately) + cross-module on `validate!` (catches dependency conflicts)
+- **Self-Service Registration**: LEX modules register schemas alongside defaults via `merge_settings` — no core changes needed
+- **Fail-Fast**: `validate!` collects all errors and raises `ValidationError` once with a formatted message
+- **Lazy Logging**: Falls back to `::Logger.new($stdout)` if `Legion::Logging` isn't loaded yet
+
+## Dependencies
+
+| Gem | Purpose |
+|-----|---------|
+| `legion-json` (>= 1.2) | JSON file parsing |
+
+## File Map
+
+| Path | Purpose |
+|------|---------|
+| `lib/legion/settings.rb` | Module entry, singleton accessors, schema integration, validation orchestration |
+| `lib/legion/settings/loader.rb` | Config loading from env/files/directories, deep merge, indifferent access |
+| `lib/legion/settings/schema.rb` | Type inference, validation logic, unknown key detection (Levenshtein) |
+| `lib/legion/settings/validation_error.rb` | Error collection and formatted reporting |
+| `lib/legion/settings/os.rb` | OS detection helpers |
+| `lib/legion/settings/version.rb` | VERSION constant |
+| `spec/legion/settings_spec.rb` | Core settings module tests |
+| `spec/legion/settings_module_spec.rb` | Module-level accessor and merge tests |
+| `spec/legion/loader_spec.rb` | Loader: env/file/directory loading tests |
+| `spec/legion/settings/schema_spec.rb` | Schema validation tests |
+| `spec/legion/settings/validation_error_spec.rb` | Error formatting tests |
+| `spec/legion/settings/integration_spec.rb` | End-to-end validation tests |
+| `spec/legion/settings/role_defaults_spec.rb` | Role profile default settings tests |
+
+## Role in LegionIO
+
+**Core configuration gem** - every other Legion gem reads its configuration from `Legion::Settings`. Settings are organized by module key:
+
+```ruby
+Legion::Settings[:transport]  # legion-transport config
+Legion::Settings[:cache]      # legion-cache config
+Legion::Settings[:crypt]      # legion-crypt config
+Legion::Settings[:data]       # legion-data config
+Legion::Settings[:client]     # Node identity (name, hostname, ready state)
+Legion::Settings[:role]       # Extension profile filtering (profile, extensions)
+```
+
+### Validation Usage
+
+```ruby
+# Modules register defaults (schema inferred automatically)
+Legion::Settings.merge_settings('transport', { host: 'localhost', port: 5672 })
+
+# Optional: add constraints beyond type inference
+Legion::Settings.define_schema('cache', { driver: { enum: %w[dalli redis] } })
+
+# Optional: cross-module validation
+Legion::Settings.add_cross_validation do |settings, errors|
+  if settings[:crypt][:cluster_secret].nil? && settings[:transport][:connected]
+    errors << { module: :crypt, path: 'crypt.cluster_secret', message: 'required when transport is connected' }
+  end
+end
+
+# Validate all at once (raises ValidationError with all collected errors)
+Legion::Settings.validate!
+```
+
+---
+
+**Maintained By**: Matthew Iverson (@Esity)

data/Gemfile

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 source 'https://rubygems.org'
 
 gemspec

data/LICENSE

@@ -186,7 +186,7 @@
       same "printed page" as the copyright notice for easier
       identification within third-party archives.
 
-   Copyright 2021 Optum
+   Copyright 2021 Esity
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.

data/README.md

@@ -1,36 +1,57 @@
-Legion::Settings
-=====
+# legion-settings
 
-Legion::Settings is a hash like class used to store LegionIO Settings. 
+Configuration management module for the [LegionIO](https://github.com/LegionIO/LegionIO) framework. Loads settings from JSON files, directories, and environment variables. Provides a unified `Legion::Settings[:key]` accessor used by all other Legion gems.
 
-Supported Ruby versions and implementations
-------------------------------------------------
+## Installation
 
-Legion::Json should work identically on:
+```bash
+gem install legion-settings
+```
 
-* JRuby 9.2+
-* Ruby 2.4+
+Or add to your Gemfile:
 
+```ruby
+gem 'legion-settings'
+```
 
-Installation and Usage
-------------------------
+## Usage
 
-You can verify your installation using this piece of code:
+```ruby
+require 'legion/settings'
 
-```bash
-gem install legion-json
+Legion::Settings.load(config_dir: './')  # loads all .json files in the directory
+
+Legion::Settings[:client][:hostname]
+Legion::Settings[:transport][:connection][:host]
 ```
 
-```ruby
-require 'legion-settings'
-Legion::Settings.load(config_dir: './') # will automatically load json files it has access to inside this dir
+### Config Paths (checked in order)
 
-Legion::Settings[:client][:hostname]
-Legion::Settings[:client][:new_attribute] = 'foobar'
+1. `/etc/legionio/`
+2. `~/legionio/`
+3. `./settings/`
+
+Each Legion module registers its own defaults via `merge_settings` during startup.
+
+### Schema Validation
+
+Types are inferred automatically from default values. Optional constraints can be added:
 
+```ruby
+Legion::Settings.merge_settings('mymodule', { host: 'localhost', port: 8080 })
+Legion::Settings.define_schema('mymodule', { port: { required: true } })
+Legion::Settings.validate!  # raises ValidationError if any settings are invalid
+
+# In development, warn instead of raising:
+# Set LEGION_DEV=true or Legion::Settings.set_prop(:dev, true)
+# validate! will warn to $stderr (or Legion::Logging) instead of raising
 ```
 
-Authors
-----------
+## Requirements
+
+- Ruby >= 3.4
+- `legion-json`
+
+## License
 
-* [Matthew Iverson](https://github.com/Esity) - current maintainer
+Apache-2.0

data/legion-settings.gemspec

@@ -6,24 +6,24 @@ Gem::Specification.new do |spec|
   spec.name = 'legion-settings'
   spec.version       = Legion::Settings::VERSION
   spec.authors       = ['Esity']
-  spec.email         = %w[matthewdiverson@gmail.com ruby@optum.com]
+  spec.email         = ['matthewdiverson@gmail.com']
 
   spec.summary       = 'Legion::Settings'
   spec.description   = 'A gem written to handle LegionIO Settings in a consistent way across extensions'
-  spec.homepage      = 'https://github.com/Optum/legion-settings'
+  spec.homepage      = 'https://github.com/LegionIO/legion-settings'
   spec.license       = 'Apache-2.0'
   spec.require_paths = ['lib']
-  spec.required_ruby_version = '>= 2.4'
+  spec.required_ruby_version = '>= 3.4'
   spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
-  spec.test_files        = spec.files.select { |p| p =~ %r{^test/.*_test.rb} }
-  spec.extra_rdoc_files  = %w[README.md LICENSE CHANGELOG.md]
+  spec.extra_rdoc_files = %w[README.md LICENSE CHANGELOG.md]
   spec.metadata = {
-    'bug_tracker_uri' => 'https://github.com/Optum/legion-settings/issues',
-    'changelog_uri' => 'https://github.com/Optum/legion-settings/src/main/CHANGELOG.md',
-    'documentation_uri' => 'https://github.com/Optum/legion-settings',
-    'homepage_uri' => 'https://github.com/Optum/LegionIO',
-    'source_code_uri' => 'https://github.com/Optum/legion-settings',
-    'wiki_uri' => 'https://github.com/Optum/legion-settings/wiki'
+    'bug_tracker_uri'       => 'https://github.com/LegionIO/legion-settings/issues',
+    'changelog_uri'         => 'https://github.com/LegionIO/legion-settings/blob/main/CHANGELOG.md',
+    'documentation_uri'     => 'https://github.com/LegionIO/legion-settings',
+    'homepage_uri'          => 'https://github.com/LegionIO/LegionIO',
+    'source_code_uri'       => 'https://github.com/LegionIO/legion-settings',
+    'wiki_uri'              => 'https://github.com/LegionIO/legion-settings/wiki',
+    'rubygems_mfa_required' => 'true'
   }
 
   spec.add_dependency 'legion-json', '>= 1.2'

data/lib/legion/settings/loader.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'socket'
 require 'legion/settings/os'
 
@@ -20,37 +22,38 @@ module Legion
       def client_defaults
         {
           hostname: system_hostname,
-          address: system_address,
-          name: "#{::Socket.gethostname.tr('.', '_')}.#{::Process.pid}",
-          ready: false
+          address:  system_address,
+          name:     "#{::Socket.gethostname.tr('.', '_')}.#{::Process.pid}",
+          ready:    false
         }
       end
 
       def default_settings
         {
-          client: client_defaults,
-          cluster: { public_keys: {} },
-          crypt: {
-            cluster_secret: nil,
+          client:                     client_defaults,
+          cluster:                    { public_keys: {} },
+          crypt:                      {
+            cluster_secret:         nil,
             cluster_secret_timeout: 5,
-            vault: { connected: false }
+            vault:                  { connected: false }
           },
-          cache: { enabled: true, connected: false, driver: 'dalli' },
-          extensions: {},
-          reload: false,
-          reloading: false,
-          auto_install_missing_lex: true,
+          cache:                      { enabled: true, connected: false, driver: 'dalli' },
+          extensions:                 {},
+          reload:                     false,
+          reloading:                  false,
+          auto_install_missing_lex:   true,
           default_extension_settings: {
             logger: { level: 'info', trace: false, extended: false }
           },
-          logging: {
-            level: 'info',
-            location: 'stdout',
-            trace: true,
+          logging:                    {
+            level:             'info',
+            location:          'stdout',
+            trace:             true,
             backtrace_logging: true
           },
-          transport: { connected: false },
-          data: { connected: false }
+          transport:                  { connected: false },
+          data:                       { connected: false },
+          role:                       { profile: nil, extensions: [] }
         }
       end
 
@@ -66,6 +69,11 @@ module Legion
         to_hash[key]
       end
 
+      def []=(key, value)
+        @settings[key] = value
+        @indifferent_access = false
+      end
+
       def hexdigest
         if @hexdigest && @indifferent_access
           @hexdigest
@@ -147,8 +155,9 @@ module Legion
       end
 
       def validate
-        validator = Validator.new
-        @errors += validator.run(@settings, legion_service_name)
+        Legion::Settings.validate!
+      rescue Legion::Settings::ValidationError
+        # errors are already collected in @errors
       end
 
       private
@@ -191,11 +200,12 @@ module Legion
       end
 
       def read_config_file(file)
-        contents = IO.read(file)
+        contents = File.read(file).dup
         if contents.respond_to?(:force_encoding)
           encoding = ::Encoding::ASCII_8BIT
           contents = contents.force_encoding(encoding)
-          contents.sub!("\xEF\xBB\xBF".force_encoding(encoding), '')
+          bom = (+"\xEF\xBB\xBF").force_encoding(encoding)
+          contents.sub!(bom, '')
         else
           contents.sub!(/^\357\273\277/, '')
         end
@@ -216,7 +226,6 @@ module Legion
         merged
       end
 
-      # rubocop:disable Metrics/AbcSize
       def deep_diff(hash_one, hash_two)
         keys = hash_one.keys.concat(hash_two.keys).uniq
         keys.each_with_object({}) do |key, diff|
@@ -229,15 +238,12 @@ module Legion
                       end
         end
       end
-      # rubocop:enable Metrics/AbcSize
 
       def create_loaded_tempfile!
         dir = ENV['LEGION_LOADED_TEMPFILE_DIR'] || Dir.tmpdir
         file_name = "legion_#{legion_service_name}_loaded_files"
         path = File.join(dir, file_name)
-        File.open(path, 'w') do |file|
-          file.write(@loaded_files.join(':'))
-        end
+        File.write(path, @loaded_files.join(':'))
         path
       end
 

data/lib/legion/settings/os.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Legion
   module Settings
     module OS
@@ -14,15 +16,10 @@ module Legion
       end
 
       def self.linux?
-        OS.unix? and !OS.mac?
-      end
-
-      def self.jruby?
-        RUBY_ENGINE == 'jruby'
+        OS.unix? && !OS.mac?
       end
 
       def os
-        return 'jruby' if jruby?
         return 'windows' if windows?
         return 'mac' if mac?
         return 'unix' if unix?

data/lib/legion/settings/schema.rb

@@ -0,0 +1,202 @@
+# frozen_string_literal: true
+
+module Legion
+  module Settings
+    class Schema
+      def initialize
+        @schemas = {}
+        @registered = []
+      end
+
+      def register(mod_name, defaults)
+        mod_name = mod_name.to_sym
+        @registered << mod_name unless @registered.include?(mod_name)
+        @schemas[mod_name] ||= {}
+        infer_types(defaults, @schemas[mod_name])
+      end
+
+      def define_override(mod_name, overrides)
+        mod_name = mod_name.to_sym
+        @schemas[mod_name] ||= {}
+        apply_overrides(overrides, @schemas[mod_name])
+      end
+
+      def constraint(mod_name, key_path)
+        node = @schemas[mod_name.to_sym]
+        key_path.each do |key|
+          return nil unless node.is_a?(Hash) && node.key?(key)
+
+          node = node[key]
+        end
+        node
+      end
+
+      def registered_modules
+        @registered.dup
+      end
+
+      def schema_for(mod_name)
+        @schemas[mod_name.to_sym]
+      end
+
+      def validate_module(mod_name, values)
+        mod_name = mod_name.to_sym
+        mod_schema = @schemas[mod_name]
+        return [] if mod_schema.nil?
+
+        errors = []
+        validate_node(mod_schema, values, mod_name, '', errors)
+        errors
+      end
+
+      TYPE_NAMES = { string: 'String', integer: 'Integer', float: 'Float', boolean: 'Boolean',
+                     array: 'Array', hash: 'Hash' }.freeze
+
+      def detect_unknown_keys(settings, known_defaults: [])
+        warnings = []
+        all_known = @registered + known_defaults
+
+        settings.each_key do |key|
+          next if all_known.include?(key)
+
+          suggestion = find_similar(key, all_known)
+          msg = "top-level key :#{key} is not registered by any module"
+          msg += " (did you mean :#{suggestion}?)" if suggestion
+          warnings << { module: :unknown_key, path: key.to_s, message: msg }
+        end
+
+        check_first_level_keys(settings, warnings)
+        warnings
+      end
+
+      private
+
+      def infer_types(defaults, target)
+        defaults.each do |key, value|
+          target[key] ||= {}
+          if value.is_a?(Hash) && !value.empty?
+            infer_types(value, target[key])
+          else
+            target[key][:type] = infer_type(value)
+          end
+        end
+      end
+
+      def infer_type(value)
+        case value
+        when String      then :string
+        when Integer     then :integer
+        when Float       then :float
+        when true, false then :boolean
+        when Array       then :array
+        when Hash        then :hash
+        else :any
+        end
+      end
+
+      def apply_overrides(overrides, target)
+        overrides.each do |key, value|
+          target[key] ||= {}
+          if value.is_a?(Hash) && !value.key?(:type) && !value.key?(:required) && !value.key?(:enum)
+            apply_overrides(value, target[key])
+          else
+            target[key].merge!(value)
+          end
+        end
+      end
+
+      def validate_node(schema_node, value_node, mod_name, path_prefix, errors)
+        schema_node.each do |key, constraint|
+          current_path = path_prefix.empty? ? key.to_s : "#{path_prefix}.#{key}"
+          value = value_node.is_a?(Hash) ? value_node[key] : nil
+
+          if constraint.is_a?(Hash) && constraint.key?(:type)
+            validate_leaf(constraint, value, mod_name, current_path, errors)
+          elsif constraint.is_a?(Hash)
+            validate_node(constraint, value, mod_name, current_path, errors) if value.is_a?(Hash)
+          end
+        end
+      end
+
+      def validate_leaf(constraint, value, mod_name, path, errors)
+        if value.nil?
+          errors << { module: mod_name, path: path, message: 'is required but was nil' } if constraint[:required]
+          return
+        end
+
+        validate_type(constraint, value, mod_name, path, errors)
+        validate_enum(constraint, value, mod_name, path, errors)
+      end
+
+      def validate_type(constraint, value, mod_name, path, errors)
+        expected = constraint[:type]
+        return if expected == :any
+
+        valid = case expected
+                when :string  then value.is_a?(String)
+                when :integer then value.is_a?(Integer)
+                when :float   then value.is_a?(Float) || value.is_a?(Integer)
+                when :boolean then value.is_a?(TrueClass) || value.is_a?(FalseClass)
+                when :array   then value.is_a?(Array)
+                when :hash    then value.is_a?(Hash)
+                else true
+                end
+        return if valid
+
+        type_name = TYPE_NAMES.fetch(expected, expected.to_s)
+        errors << { module: mod_name, path: path, message: "expected #{type_name}, got #{value.class} (#{value.inspect})" }
+      end
+
+      def validate_enum(constraint, value, mod_name, path, errors)
+        return unless constraint[:enum]
+        return if constraint[:enum].include?(value)
+
+        errors << { module: mod_name, path: path, message: "expected one of #{constraint[:enum].inspect}, got #{value.inspect}" }
+      end
+
+      def check_first_level_keys(settings, warnings)
+        @schemas.each do |mod_name, mod_schema|
+          values = settings[mod_name]
+          next unless values.is_a?(Hash)
+
+          known_keys = mod_schema.keys
+          values.each_key do |key|
+            next if known_keys.include?(key)
+
+            suggestion = find_similar(key, known_keys)
+            msg = "unknown key :#{key}"
+            msg += " (did you mean :#{suggestion}?)" if suggestion
+            warnings << { module: mod_name, path: "#{mod_name}.#{key}", message: msg }
+          end
+        end
+      end
+
+      def find_similar(key, candidates)
+        key_str = key.to_s
+        candidates.map(&:to_s).select { |c| levenshtein(key_str, c) <= 2 }
+                              .min_by { |c| levenshtein(key_str, c) }
+                              &.to_sym
+      end
+
+      def levenshtein(str_a, str_b)
+        m = str_a.length
+        n = str_b.length
+        return m if n.zero?
+        return n if m.zero?
+
+        matrix = Array.new(m + 1) { |i| i }
+        (1..n).each do |j|
+          prev = matrix[0]
+          matrix[0] = j
+          (1..m).each do |i|
+            cost = str_a[i - 1] == str_b[j - 1] ? 0 : 1
+            temp = matrix[i]
+            matrix[i] = [matrix[i] + 1, matrix[i - 1] + 1, prev + cost].min
+            prev = temp
+          end
+        end
+        matrix[m]
+      end
+    end
+  end
+end

data/lib/legion/settings/validation_error.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Legion
+  module Settings
+    class ValidationError < StandardError
+      attr_reader :errors
+
+      def initialize(errors)
+        @errors = errors
+        super(format_message)
+      end
+
+      private
+
+      def format_message
+        count = @errors.length
+        label = count == 1 ? 'error' : 'errors'
+        lines = @errors.map do |err|
+          "  [#{err[:module]}] #{err[:path]}: #{err[:message]}"
+        end
+        "#{count} configuration #{label} detected:\n\n#{lines.join("\n")}"
+      end
+    end
+  end
+end

data/lib/legion/settings/version.rb

@@ -1,5 +1,7 @@
+# frozen_string_literal: true
+
 module Legion
   module Settings
-    VERSION = '1.2.0'.freeze
+    VERSION = '1.2.2'
   end
 end

data/lib/legion/settings.rb

@@ -1,10 +1,16 @@
+# frozen_string_literal: true
+
 require 'legion/json'
 require 'legion/settings/version'
 require 'legion/json/parse_error'
 require 'legion/settings/loader'
+require 'legion/settings/schema'
+require 'legion/settings/validation_error'
 
 module Legion
   module Settings
+    CORE_MODULES = %i[transport cache crypt data logging client].freeze
+
     class << self
       attr_accessor :loader
 
@@ -28,7 +34,6 @@ module Legion
         @loader = load if @loader.nil?
         @loader[key]
       rescue NoMethodError, TypeError
-        logger.fatal 'rescue inside [](key)'
         nil
       end
 
@@ -42,6 +47,45 @@ module Legion
         thing = {}
         thing[key.to_sym] = hash
         @loader.load_module_settings(thing)
+        schema.register(key.to_sym, hash)
+        validate_module_on_merge(key.to_sym)
+      end
+
+      def define_schema(key, overrides)
+        schema.define_override(key.to_sym, overrides)
+      end
+
+      def add_cross_validation(&block)
+        cross_validations << block
+      end
+
+      def dev_mode?
+        return true if ENV['LEGION_DEV'] == 'true'
+
+        Legion::Settings[:dev] ? true : false
+      rescue StandardError
+        false
+      end
+
+      def validate!
+        @loader = load if @loader.nil?
+        revalidate_all_modules
+        run_cross_validations
+        detect_unknown_keys
+        return if errors.empty?
+
+        raise ValidationError, errors unless dev_mode?
+
+        warn_validation_errors(errors)
+      end
+
+      def schema
+        @schema ||= Schema.new
+      end
+
+      def errors
+        @loader = load if @loader.nil?
+        @loader.errors
       end
 
       def logger
@@ -49,9 +93,68 @@ module Legion
                     ::Legion::Logging
                   else
                     require 'logger'
-                    ::Logger.new($stdout)
+                    l = ::Logger.new($stdout)
+                    l.formatter = proc do |severity, datetime, _progname, msg|
+                      "[#{datetime.strftime('%Y-%m-%d %H:%M:%S %z')}] #{severity} #{msg}\n"
+                    end
+                    l
                   end
       end
+
+      private
+
+      def cross_validations
+        @cross_validations ||= []
+      end
+
+      def warn_validation_errors(errs)
+        count = errs.length
+        label = count == 1 ? 'error' : 'errors'
+        message = "Legion::Settings dev mode: #{count} configuration #{label} detected (not raising):\n"
+        message += errs.map { |e| "  [#{e[:module]}] #{e[:path]}: #{e[:message]}" }.join("\n")
+        if ::Legion.const_defined?('Logging')
+          ::Legion::Logging.warn(message)
+        else
+          warn(message)
+        end
+      end
+
+      def validate_module_on_merge(mod_name)
+        values = @loader[mod_name]
+        return unless values.is_a?(Hash)
+
+        module_errors = schema.validate_module(mod_name, values)
+        @loader.errors.concat(module_errors)
+      end
+
+      def revalidate_all_modules
+        schema.registered_modules.each do |mod_name|
+          values = @loader[mod_name]
+          next unless values.is_a?(Hash)
+
+          module_errors = schema.validate_module(mod_name, values)
+          @loader.errors.concat(module_errors)
+        end
+        @loader.errors.uniq!
+      end
+
+      def run_cross_validations
+        settings_hash = @loader.to_hash
+        cross_validations.each do |block|
+          block.call(settings_hash, @loader.errors)
+        end
+      end
+
+      def detect_unknown_keys
+        default_keys = @loader.default_settings.keys
+        registered = schema.registered_modules
+        known_defaults = default_keys - registered
+
+        warnings = schema.detect_unknown_keys(@loader.to_hash, known_defaults: known_defaults)
+        warnings.each do |w|
+          @loader.errors << w
+        end
+      end
     end
   end
 end

metadata

@@ -1,14 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: legion-settings
 version: !ruby/object:Gem::Version
-  version: 1.2.0
+  version: 1.2.2
 platform: ruby
 authors:
 - Esity
-autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-06-04 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: legion-json
@@ -28,46 +27,40 @@ description: A gem written to handle LegionIO Settings in a consistent way acros
   extensions
 email:
 - matthewdiverson@gmail.com
-- ruby@optum.com
 executables: []
 extensions: []
 extra_rdoc_files:
-- README.md
-- LICENSE
 - CHANGELOG.md
+- LICENSE
+- README.md
 files:
-- ".github/workflows/sourcehawk-scan.yml"
+- ".github/workflows/ci.yml"
 - ".gitignore"
 - ".rubocop.yml"
 - CHANGELOG.md
-- CODE_OF_CONDUCT.md
-- CONTRIBUTING.md
+- CLAUDE.md
 - Gemfile
-- INDIVIDUAL_CONTRIBUTOR_LICENSE.md
 - LICENSE
-- NOTICE.txt
 - README.md
-- SECURITY.md
-- attribution.txt
 - legion-settings.gemspec
 - lib/legion/settings.rb
 - lib/legion/settings/loader.rb
 - lib/legion/settings/os.rb
-- lib/legion/settings/validators/legion.rb
+- lib/legion/settings/schema.rb
+- lib/legion/settings/validation_error.rb
 - lib/legion/settings/version.rb
 - sonar-project.properties
-- sourcehawk.yml
-homepage: https://github.com/Optum/legion-settings
+homepage: https://github.com/LegionIO/legion-settings
 licenses:
 - Apache-2.0
 metadata:
-  bug_tracker_uri: https://github.com/Optum/legion-settings/issues
-  changelog_uri: https://github.com/Optum/legion-settings/src/main/CHANGELOG.md
-  documentation_uri: https://github.com/Optum/legion-settings
-  homepage_uri: https://github.com/Optum/LegionIO
-  source_code_uri: https://github.com/Optum/legion-settings
-  wiki_uri: https://github.com/Optum/legion-settings/wiki
-post_install_message:
+  bug_tracker_uri: https://github.com/LegionIO/legion-settings/issues
+  changelog_uri: https://github.com/LegionIO/legion-settings/blob/main/CHANGELOG.md
+  documentation_uri: https://github.com/LegionIO/legion-settings
+  homepage_uri: https://github.com/LegionIO/LegionIO
+  source_code_uri: https://github.com/LegionIO/legion-settings
+  wiki_uri: https://github.com/LegionIO/legion-settings/wiki
+  rubygems_mfa_required: 'true'
 rdoc_options: []
 require_paths:
 - lib
@@ -75,15 +68,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.4'
+      version: '3.4'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.6
-signing_key:
+rubygems_version: 3.6.9
 specification_version: 4
 summary: Legion::Settings
 test_files: []

data/.github/workflows/sourcehawk-scan.yml

@@ -1,20 +0,0 @@
-name: Sourcehawk Scan
-on:
-  push:
-    branches:
-      - main
-      - master
-  pull_request:
-    branches:
-      - main
-      - master
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - name: Sourcehawk Scan
-        uses: optum/sourcehawk-scan-github-action@main
-
-
-

data/CODE_OF_CONDUCT.md

@@ -1,75 +0,0 @@
-# Contributor Covenant Code of Conduct
-
-## Our Pledge
-
-In the interest of fostering an open and welcoming environment, we as
-contributors and maintainers pledge to making participation in our project and
-our community a harassment-free experience for everyone, regardless of age, body
-size, disability, ethnicity, gender identity and expression, level of experience,
-nationality, personal appearance, race, religion, or sexual identity and
-orientation.
-
-## Our Standards
-
-Examples of behavior that contributes to creating a positive environment
-include:
-
-* Using welcoming and inclusive language
-* Being respectful of differing viewpoints and experiences
-* Gracefully accepting constructive criticism
-* Focusing on what is best for the community
-* Showing empathy towards other community members
-
-Examples of unacceptable behavior by participants include:
-
-* The use of sexualized language or imagery and unwelcome sexual attention or
-advances
-* Trolling, insulting/derogatory comments, and personal or political attacks
-* Public or private harassment
-* Publishing others' private information, such as a physical or electronic
-  address, without explicit permission
-* Other conduct which could reasonably be considered inappropriate in a
-  professional setting
-
-## Our Responsibilities
-
-Project maintainers are responsible for clarifying the standards of acceptable
-behavior and are expected to take appropriate and fair corrective action in
-response to any instances of unacceptable behavior.
-
-Project maintainers have the right and responsibility to remove, edit, or
-reject comments, commits, code, wiki edits, issues, and other contributions
-that are not aligned to this Code of Conduct, or to ban temporarily or
-permanently any contributor for other behaviors that they deem inappropriate,
-threatening, offensive, or harmful.
-
-## Scope
-
-This Code of Conduct applies both within project spaces and in public spaces
-when an individual is representing the project or its community. Examples of
-representing a project or community include using an official project email
-address, posting via an official social media account, or acting as an appointed
-representative at an online or offline event. Representation of a project may be
-further defined and clarified by project maintainers.
-
-## Enforcement
-
-Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting the project team at [opensource@optum.com][email]. All
-complaints will be reviewed and investigated and will result in a response that
-is deemed necessary and appropriate to the circumstances. The project team is
-obligated to maintain confidentiality with regard to the reporter of an incident.
-Further details of specific enforcement policies may be posted separately.
-
-Project maintainers who do not follow or enforce the Code of Conduct in good
-faith may face temporary or permanent repercussions as determined by other
-members of the project's leadership.
-
-## Attribution
-
-This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
-available at [http://contributor-covenant.org/version/1/4][version]
-
-[homepage]: http://contributor-covenant.org
-[version]: http://contributor-covenant.org/version/1/4/
-[email]: mailto:opensource@optum.com

data/CONTRIBUTING.md

@@ -1,55 +0,0 @@
-# Contribution Guidelines
-
-Please note that this project is released with a [Contributor Code of Conduct](CODE_OF_CONDUCT.md). By participating in this project you agree to abide by its terms. Please also review our [Contributor License Agreement ("CLA")](INDIVIDUAL_CONTRIBUTOR_LICENSE.md) prior to submitting changes to the project.  You will need to attest to this agreement following the instructions in the [Paperwork for Pull Requests](#paperwork-for-pull-requests) section below.
-
----
-
-# How to Contribute
-
-Now that we have the disclaimer out of the way, let's get into how you can be a part of our project. There are many different ways to contribute.
-
-## Issues
-
-We track our work using Issues in GitHub. Feel free to open up your own issue to point out areas for improvement or to suggest your own new experiment. If you are comfortable with signing the waiver linked above and contributing code or documentation, grab your own issue and start working.
-
-## Coding Standards
-
-We have some general guidelines towards contributing to this project.
-Please run RSpec and Rubocop while developing code for LegionIO
-
-### Languages
-
-*Ruby*
-
-## Pull Requests
-
-If you've gotten as far as reading this section, then thank you for your suggestions.
-
-## Paperwork for Pull Requests
-
-* Please read this guide and make sure you agree with our [Contributor License Agreement ("CLA")](INDIVIDUAL_CONTRIBUTOR_LICENSE.md).
-* Make sure git knows your name and email address:
-   ```
-   $ git config user.name "J. Random User"
-   $ git config user.email "j.random.user@example.com"
-   ```
->The name and email address must be valid as we cannot accept anonymous contributions.
-* Write good commit messages.
-> Concise commit messages that describe your changes help us better understand your contributions.
-* The first time you open a pull request in this repository, you will see a comment on your PR with a link that will allow you to sign our Contributor License Agreement (CLA) if necessary.
-> The link will take you to a page that allows you to view our CLA.  You will need to click the `Sign in with GitHub to agree button` and authorize the cla-assistant application to access the email addresses associated with your GitHub account.  Agreeing to the CLA is also considered to be an attestation that you either wrote or have the rights to contribute the code.  All committers to the PR branch will be required to sign the CLA, but you will only need to sign once.  This CLA applies to all repositories in the Optum org.
-
-## General Guidelines
-
-Ensure your pull request (PR) adheres to the following guidelines:
-
-* Try to make the name concise and descriptive.
-* Give a good description of the change being made. Since this is very subjective, see the [Updating Your Pull Request (PR)](#updating-your-pull-request-pr) section below for further details.
-* Every pull request should be associated with one or more issues. If no issue exists yet, please create your own.
-* Make sure that all applicable issues are mentioned somewhere in the PR description. This can be done by typing # to bring up a list of issues.
-
-### Updating Your Pull Request (PR)
-
-A lot of times, making a PR adhere to the standards above can be difficult. If the maintainers notice anything that we'd like changed, we'll ask you to edit your PR before we merge it. This applies to both the content documented in the PR and the changed contained within the branch being merged. There's no need to open a new PR. Just edit the existing one.
-
-[email]: mailto:opensource@optum.com

data/INDIVIDUAL_CONTRIBUTOR_LICENSE.md

@@ -1,30 +0,0 @@
-# Individual Contributor License Agreement ("Agreement") V2.0
-
-Thank you for your interest in this Optum project (the "PROJECT"). In order to clarify the intellectual property license granted with Contributions from any person or entity, the PROJECT must have a Contributor License Agreement ("CLA") on file that has been signed by each Contributor, indicating agreement to the license terms below. This license is for your protection as a Contributor as well as the protection of the PROJECT and its users; it does not change your rights to use your own Contributions for any other purpose.
-
-You accept and agree to the following terms and conditions for Your present and future Contributions submitted to the PROJECT. In return, the PROJECT shall not use Your Contributions in a way that is inconsistent with stated project goals in effect at the time of the Contribution. Except for the license granted herein to the PROJECT and recipients of software distributed by the PROJECT, You reserve all right, title, and interest in and to Your Contributions.
-1.	Definitions.
-
-"You" (or "Your") shall mean the copyright owner or legal entity authorized by the copyright owner that is making this Agreement with the PROJECT. For legal entities, the entity making a Contribution and all other entities that control, are controlled by, or are under common control with that entity are considered to be a single Contributor. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity.
-
-"Contribution" shall mean any original work of authorship, including any modifications or additions to an existing work, that is intentionally submitted by You to the PROJECT for inclusion in, or documentation of, any of the products owned or managed by the PROJECT (the "Work"). For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the PROJECT or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the PROJECT for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by You as "Not a Contribution."
-
-2.	Grant of Copyright License.
-
-Subject to the terms and conditions of this Agreement, You hereby grant to the PROJECT and to recipients of software distributed by the PROJECT a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Your Contributions and such derivative works.
-
-3.	Grant of Patent License.
-
-Subject to the terms and conditions of this Agreement, You hereby grant to the PROJECT and to recipients of software distributed by the PROJECT a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by You that are necessarily infringed by Your Contribution(s) alone or by combination of Your Contribution(s) with the Work to which such Contribution(s) was submitted. If any entity institutes patent litigation against You or any other entity (including a cross-claim or counterclaim in a lawsuit) alleging that your Contribution, or the Work to which you have contributed, constitutes direct or contributory patent infringement, then any patent licenses granted to that entity under this Agreement for that Contribution or Work shall terminate as of the date such litigation is filed.
-
-4.	Representations.
-
-    (a)	You represent that you are legally entitled to grant the above license. If your employer(s) has rights to intellectual property that you create that includes your Contributions, you represent that you have received permission to make Contributions on behalf of that employer, that your employer has waived such rights for your Contributions to the PROJECT, or that your employer has executed a separate Corporate CLA with the PROJECT.
-
-    (b)	You represent that each of Your Contributions is Your original creation (see section 6 for submissions on behalf of others). You represent that Your Contribution submissions include complete details of any third-party license or other restriction (including, but not limited to, related patents and trademarks) of which you are personally aware and which are associated with any part of Your Contributions.
-
-5.   You are not expected to provide support for Your Contributions, except to the extent You desire to provide support. You may provide support for free, for a fee, or not at all. Unless required by applicable law or agreed to in writing, You provide Your Contributions on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE.
-
-6.  Should You wish to submit work that is not Your original creation, You may submit it to the PROJECT separately from any Contribution, identifying the complete details of its source and of any license or other restriction (including, but not limited to, related patents, trademarks, and license agreements) of which you are personally aware, and conspicuously marking the work as "Submitted on behalf of a third-party: [named here]".
-
-7.  You agree to notify the PROJECT of any facts or circumstances of which you become aware that would make these representations inaccurate in any respect. 

data/NOTICE.txt

@@ -1,9 +0,0 @@
-Legion::Settings(legion-settings)
-Copyright 2021 Optum
-
-Project Description:
-====================
-A gem written to handle LegionIO Settings in a consistent way across extensions
-
-Author(s):
-Esity

data/SECURITY.md

@@ -1,9 +0,0 @@
-# Security Policy
-
-## Supported Versions
-| Version | Supported          |
-| ------- | ------------------ |
-| 1.x.x   | :white_check_mark: |
-
-## Reporting a Vulnerability
-To be added

data/attribution.txt

@@ -1 +0,0 @@
-Add attributions here.

data/lib/legion/settings/validators/legion.rb

@@ -1,29 +0,0 @@
-module Legion
-  module Settings
-    module Validators
-      module Legion
-        def validate_legion_spawn(legion)
-          spawn = legion[:spawn]
-          if is_a_hash?(spawn)
-            if is_an_integer?(spawn[:limit])
-              (spawn[:limit]).positive? ||
-                invalid(legion, 'legion spawn limit must be greater than 0')
-            else
-              invalid(legion, 'legion spawn limit must be an integer')
-            end
-          else
-            invalid(legion, 'legion spawn must be a hash')
-          end
-        end
-
-        def validate_legion(legion)
-          if is_a_hash?(legion)
-            validate_legion_spawn(legion)
-          else
-            invalid(legion, 'legion must be a hash')
-          end
-        end
-      end
-    end
-  end
-end

data/sourcehawk.yml

@@ -1,4 +0,0 @@
-
-config-locations:
-  - https://raw.githubusercontent.com/optum/.github/main/sourcehawk.yml
-