Adds ability to specify a default secret path when loading from vault (…

…#225)
sitture · Sep 12, 2024 · fad43d7 · fad43d7
1 parent 689ac8e
commit fad43d7
Show file tree

Hide file tree

Showing 20 changed files with 434 additions and 289 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,12 @@ All notable changes to this project are documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
+## 1.9.0
+
+### Updates
+
+- Adds ability to specify a default secret path when loading from vault.
+
 ## 1.8.0
 
 ### Updates

diff --git a/README.md b/README.md
@@ -44,20 +44,21 @@ compile 'com.github.sitture:env-config:${version}'
 
 ## Configuration
 
-| system property                | environment variable           | description                                                                                                                                               |
-|--------------------------------|--------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------|
-| `env.config.path`              | `ENV_CONFIG_PATH`              | The base directory where the configuration files are lived. **default:** `config` directory under the project.                                            |
-| `env.config.environment`       | `ENV_CONFIG_ENVIRONMENT`       | The environment to activate. **default:** `default` directory under the base configuration directory.                                                     |
-| `env.config.profiles.path`     | `ENV_CONFIG_PROFILES_PATH`     | The base directory where the profile based configuration files are lived. **default:** `${env.config.path}/${env.config.environment}/`                    |
-| `env.config.profile`           | `ENV_CONFIG_PROFILE`           | The profile to activate from the active environment directory.                                                                                            |
-| `env.config.keepass.enabled`   | `ENV_CONFIG_KEEPASS_ENABLED`   | Whether to load properties from a keepass file. **default:** `false`                                                                                      |
-| `env.config.keepass.filename`  | `ENV_CONFIG_KEEPASS_FILENAME`  | The keepass filename to load from the resources folder (src/main/resources). **default:** the root project directory name. i.e. `project.build.directory` |
-| `env.config.keepass.masterkey` | `ENV_CONFIG_KEEPASS_MASTERKEY` | The password to open the keepass file. This is required if `env.config.keepass.enabled=true`.                                                             |
-| `env.config.vault.enabled`     | `ENV_CONFIG_VAULT_ENABLED`     | Whether to load properties from a vault secret. **default:** `false`                                                                                      |
-| `env.config.vault.address`     | `ENV_CONFIG_VAULT_ADDRESS`     | The host address of the vault instance. This is required if `env.config.vault.enabled=true`.                                                              |
-| `env.config.vault.namespace`   | `ENV_CONFIG_VAULT_NAMESPACE`   | The vault namespace to look for secrets. This is required if `env.config.vault.enabled=true`.                                                             |
-| `env.config.vault.secret.path` | `ENV_CONFIG_VAULT_SECRET_PATH` | The base secret path for the project. This is required if `env.config.vault.enabled=true`.                                                                |
-| `env.config.vault.token`       | `ENV_CONFIG_VAULT_TOKEN`       | The vault token used for authentication. This is required if `env.config.vault.enabled=true`.                                                             |
+| system property                        | environment variable                   | description                                                                                                                                               |
+|----------------------------------------|----------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `env.config.path`                      | `ENV_CONFIG_PATH`                      | The base directory where the configuration files are lived. **default:** `config` directory under the project.                                            |
+| `env.config.environment`               | `ENV_CONFIG_ENVIRONMENT`               | The environment to activate. **default:** `default` directory under the base configuration directory.                                                     |
+| `env.config.profiles.path`             | `ENV_CONFIG_PROFILES_PATH`             | The base directory where the profile based configuration files are lived. **default:** `${env.config.path}/${env.config.environment}/`                    |
+| `env.config.profile`                   | `ENV_CONFIG_PROFILE`                   | The profile to activate from the active environment directory.                                                                                            |
+| `env.config.keepass.enabled`           | `ENV_CONFIG_KEEPASS_ENABLED`           | Whether to load properties from a keepass file. **default:** `false`                                                                                      |
+| `env.config.keepass.filename`          | `ENV_CONFIG_KEEPASS_FILENAME`          | The keepass filename to load from the resources folder (src/main/resources). **default:** the root project directory name. i.e. `project.build.directory` |
+| `env.config.keepass.masterkey`         | `ENV_CONFIG_KEEPASS_MASTERKEY`         | The password to open the keepass file. This is required if `env.config.keepass.enabled=true`.                                                             |
+| `env.config.vault.enabled`             | `ENV_CONFIG_VAULT_ENABLED`             | Whether to load properties from a vault secret. **default:** `false`                                                                                      |
+| `env.config.vault.address`             | `ENV_CONFIG_VAULT_ADDRESS`             | The host address of the vault instance. This is required if `env.config.vault.enabled=true`.                                                              |
+| `env.config.vault.namespace`           | `ENV_CONFIG_VAULT_NAMESPACE`           | The vault namespace to look for secrets. This is required if `env.config.vault.enabled=true`.                                                             |
+| `env.config.vault.default.secret.path` | `ENV_CONFIG_VAULT_DEFAULT_SECRET_PATH` | The base secret path for the project. This is optional when there's a shared secret across multiple projects.                                             |
+| `env.config.vault.secret.path`         | `ENV_CONFIG_VAULT_SECRET_PATH`         | The base secret path for the project. This is required if `env.config.vault.enabled=true`.                                                                |
+| `env.config.vault.token`               | `ENV_CONFIG_VAULT_TOKEN`               | The vault token used for authentication. This is required if `env.config.vault.enabled=true`.                                                             |
 
 ## Configuration precedence
 

diff --git a/pom.xml b/pom.xml
@@ -5,7 +5,7 @@
 	<groupId>com.github.sitture</groupId>
 	<artifactId>env-config</artifactId>
 	<packaging>jar</packaging>
-	<version>1.8.0</version>
+	<version>1.9.0</version>
 
 	<name>env-config</name>
 	<description>A simple utility to manage environment configs in Java-based projects by merging *.properties files with environment variables overrides.</description>

diff --git a/src/main/java/com/github/sitture/envconfig/EnvConfig.java b/src/main/java/com/github/sitture/envconfig/EnvConfig.java
@@ -1,11 +1,10 @@
 package com.github.sitture.envconfig;
 
-import org.apache.commons.configuration2.CompositeConfiguration;
-
 import java.util.List;
 import java.util.Map;
 import java.util.Optional;
 import java.util.TreeMap;
+import org.apache.commons.configuration2.CompositeConfiguration;
 
 public final class EnvConfig extends EnvConfigLoader {
 
@@ -86,7 +85,7 @@ private static Optional<String> getProperty(final String property) {
      */
     public static String getOrThrow(final String property) {
         return getProperty(property)
-                .orElseThrow(() -> new EnvConfigException("Missing required key '" + property + "'"));
+            .orElseThrow(() -> new EnvConfigException("Missing required key '" + property + "'"));
     }
 
     /**

diff --git a/src/main/java/com/github/sitture/envconfig/EnvConfigFileList.java b/src/main/java/com/github/sitture/envconfig/EnvConfigFileList.java
@@ -18,7 +18,7 @@ public List<File> listFiles() {
         final File configDir = configPath.toFile();
         if (!configDir.exists() || !configDir.isDirectory()) {
             throw new EnvConfigException(
-                    "'" + configPath + "' does not exist or not a valid config directory!");
+                "'" + configPath + "' does not exist or not a valid config directory!");
         }
         return getConfigProperties(configDir);
     }

diff --git a/src/main/java/com/github/sitture/envconfig/EnvConfigKey.java b/src/main/java/com/github/sitture/envconfig/EnvConfigKey.java
@@ -0,0 +1,34 @@
+package com.github.sitture.envconfig;
+
+enum EnvConfigKey {
+
+    CONFIG_PATH("env.config.path"),
+    CONFIG_ENV("env.config.environment"),
+    CONFIG_PROFILE("env.config.profile"),
+    CONFIG_PROFILES_PATH("env.config.profiles.path"),
+    CONFIG_KEEPASS_ENABLED("env.config.keepass.enabled"),
+    CONFIG_KEEPASS_FILENAME("env.config.keepass.filename"),
+    CONFIG_KEEPASS_MASTERKEY("env.config.keepass.masterkey"),
+    CONFIG_VAULT_ENABLED("env.config.vault.enabled"),
+    CONFIG_VAULT_ADDRESS("env.config.vault.address"),
+    CONFIG_VAULT_NAMESPACE("env.config.vault.namespace"),
+    CONFIG_VAULT_DEFAULT_PATH("env.config.vault.default.secret.path"),
+    CONFIG_VAULT_SECRET_PATH("env.config.vault.secret.path"),
+    CONFIG_VAULT_TOKEN("env.config.vault.token"),
+    CONFIG_VAULT_VALIDATE_MAX_RETRIES("env.config.vault.validate.token.max.retries");
+
+    private final String property;
+
+    EnvConfigKey(final String property) {
+        this.property = property;
+    }
+
+    public String getProperty() {
+        return this.property;
+    }
+
+    public String getEnvProperty() {
+        return EnvConfigUtils.getProcessedEnvKey(this.property);
+    }
+
+}
diff --git a/src/main/java/com/github/sitture/envconfig/EnvConfigLoader.java b/src/main/java/com/github/sitture/envconfig/EnvConfigLoader.java
@@ -1,5 +1,9 @@
 package com.github.sitture.envconfig;
 
+import java.io.File;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
 import org.apache.commons.configuration2.CompositeConfiguration;
 import org.apache.commons.configuration2.Configuration;
 import org.apache.commons.configuration2.MapConfiguration;
@@ -8,11 +12,6 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import java.io.File;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
 class EnvConfigLoader {
 
     private static final Logger LOG = LoggerFactory.getLogger(EnvConfigLoader.class);
@@ -43,7 +42,10 @@ private void loadVaultConfigurations(final List<String> environments) {
             final String namespace = vaultProperties.getNamespace();
             LOG.debug("Loading config from vault {} namespace {}", address, namespace);
             final VaultConfiguration entries = new VaultConfiguration(vaultProperties);
-            environments.forEach(env -> this.configuration.addConfiguration(entries.getConfiguration(env)));
+            environments.forEach(env -> {
+                this.configuration.addConfiguration(entries.getConfiguration(env, vaultProperties.getSecretPath()));
+                vaultProperties.getDefaultPath().ifPresent(path -> this.configuration.addConfiguration(entries.getConfiguration(env, path)));
+            });
         }
     }
 
@@ -65,17 +67,17 @@ private void loadEnvConfigurations(final Map<String, Configuration> configuratio
         final Configuration currentEnvironment = configurationMap.get(this.configProperties.getCurrentEnvironment());
         currentEnvironment.getKeys().forEachRemaining(key -> {
             if (envOverrides.containsKey(key)
-                    && envOverrides.getProperty(key).equals(currentEnvironment.getString(key))) {
+                && envOverrides.getProperty(key).equals(currentEnvironment.getString(key))) {
                 envOverrides.clearProperty(key);
             }
         });
         if (!EnvConfigUtils.CONFIG_ENV_DEFAULT.equals(this.configProperties.getCurrentEnvironment())) {
             final Configuration defaultEnvironment = configurationMap.get(EnvConfigUtils.CONFIG_ENV_DEFAULT);
             defaultEnvironment.getKeys().forEachRemaining(key -> {
                 if (envOverrides.containsKey(key)
-                        && envOverrides.getProperty(key).equals(defaultEnvironment.getString(key))
-                        && (!currentEnvironment.containsKey(key) || configurationMap.size() > ENVIRONMENTS_WITH_PARENT)) {
-                        envOverrides.clearProperty(key);
+                    && envOverrides.getProperty(key).equals(defaultEnvironment.getString(key))
+                    && (!currentEnvironment.containsKey(key) || configurationMap.size() > ENVIRONMENTS_WITH_PARENT)) {
+                    envOverrides.clearProperty(key);
                 }
             });
         }
@@ -86,14 +88,14 @@ private void loadEnvConfigurations(final Map<String, Configuration> configuratio
     private Map<String, Configuration> getEnvironmentProfileConfiguration(final List<String> environments, final String configProfile) {
         final Map<String, Configuration> configurationMap = new HashMap<>();
         environments.forEach(env -> configurationMap.put(
-                env, getConfiguration(new EnvConfigProfileFileList(this.configProperties.getConfigProfilePath(env, configProfile)))));
+            env, getConfiguration(new EnvConfigProfileFileList(this.configProperties.getConfigProfilePath(env, configProfile)))));
         return configurationMap;
     }
 
     private Map<String, Configuration> getEnvironmentConfiguration(final List<String> environments) {
         final Map<String, Configuration> configurationMap = new HashMap<>();
         environments.forEach(env -> configurationMap.put(
-                env, getConfiguration(new EnvConfigFileList(this.configProperties.getConfigPath(env)))));
+            env, getConfiguration(new EnvConfigFileList(this.configProperties.getConfigPath(env)))));
         return configurationMap;
     }
 
@@ -103,7 +105,7 @@ private Configuration getConfiguration(final EnvConfigFileList fileList) {
         }
         final CompositeConfiguration configuration = new CompositeConfiguration();
         fileList.listFiles().forEach(file ->
-                configuration.addConfiguration(getFileConfigurationMap(file)));
+            configuration.addConfiguration(getFileConfigurationMap(file)));
         return configuration;
     }