trait ConfigApp extends LowPriorityArgs4cImplicits
A convenience mix-in utility for a main entry point.
It parsed the user arguments using the default config (which is ConfigFactory.load() but w/ system environment variables overlaid)
If the config has a 'show=<path>' in it, then that path will be printed out and the program with return.
e.g. MyAppWhichExtendsConfigApp show=myapp.database.url
will display the value of myapp.database.url
It also interprets a single '--setup' to enable the configuration of sensitive configuration entries into a locally encrypted file.
Subsequent runs of your application would then use '--secure=path/to/encrypted.conf' to load that encrypted configuration and either take the password from an environment variable or standard input.
For example, running 'MyApp --setup' would then prompt like this:
Save secure config to (/opt/etc/myapp/.config/secure.conf):config/secure.conf
Config Permissions (defaults to rwx------): rwxrw----
Add config path in the form <key>=<value> (leave blank when finished):myapp.secure.password=hi
Add config path in the form <key>=<value> (leave blank when finished):myapp.another.config.entry=123
Add config path in the form <key>=<value> (leave blank when finished):
Config Password:password
Then, running 'MyApp --secure=config/secure.conf -myapp.whocares=visible -show=myapp'
would prompt for the password from standard input, then produce the following, hiding the values which were present in the secure config:
myapp.another.config.entry : **** obscured **** # secure.conf: 1 myapp.secure.password : **** obscured **** # secure.conf: 1 myapp.whocares : visible # command-line
NOTE: even though the summary obscures the values, they ARE present as PLAIN TEXT STRINGS in the configuration, so take care in limiting the scope of where the configuration is used, either by filtering back out those values, otherwise separating the secure config from the remaining config, or just ensuring to limit the scope of the config itself.
- Alphabetic
- By Inheritance
- ConfigApp
- LowPriorityArgs4cImplicits
- AnyRef
- Any
- Hide All
- Show All
- Public
- All
Type Members
- abstract type Result
The result of running this application
- case class SecureConfigDoesntExist(path: Path) extends SecureConfigState with Product with Serializable
- Attributes
- protected
- case class SecureConfigParsed(path: Path, config: Config) extends SecureConfigState with Product with Serializable
- Attributes
- protected
- sealed abstract class SecureConfigState extends AnyRef
Represents the state of the '--secure' config
Represents the state of the '--secure' config
- Attributes
- protected
- implicit class RichArgs extends AnyRef
- Definition Classes
- LowPriorityArgs4cImplicits
- implicit class RichString extends AnyRef
- Definition Classes
- LowPriorityArgs4cImplicits
Abstract Value Members
Concrete Value Members
- final def !=(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
- final def ##(): Int
- Definition Classes
- AnyRef → Any
- final def ==(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
- final def asInstanceOf[T0]: T0
- Definition Classes
- Any
- def clone(): AnyRef
- Attributes
- protected[java.lang]
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.CloneNotSupportedException]) @native()
- implicit def configAsRichConfig(c: Config): RichConfig
- Definition Classes
- LowPriorityArgs4cImplicits
- val configKeyForRequiredEntries: String
- Attributes
- protected
- def defaultConfig(): Config
- returns
the default config to overlay the user args over.
- def defaultIgnoreDefaultSecureConfigArg: String
- returns
he command-line argument flag which tells the application NOT to load the default secure config file if it exists. e.g., try running the app without the secure config.
- Attributes
- protected
- def defaultSecureConfigArgFlag: String
- returns
the command-line argument to specify the path to an encrypted secure config file (e.g. MyApp --secure=.passwords.conf)
- Attributes
- protected
- def defaultSetupUserArgFlag: String
- returns
the flag which should indicate that we should prompt to setup secure configurations
- Attributes
- protected
- final def eq(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
- def equals(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef → Any
- def finalize(): Unit
- Attributes
- protected[java.lang]
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.Throwable])
- final def getClass(): Class[_ <: AnyRef]
- Definition Classes
- AnyRef → Any
- Annotations
- @native()
- def hashCode(): Int
- Definition Classes
- AnyRef → Any
- Annotations
- @native()
- final def isInstanceOf[T0]: Boolean
- Definition Classes
- Any
- def isSetupSpecified(userArgs: Array[String], setupArg: String): Boolean
- Attributes
- protected
- def main(args: Array[String]): Unit
exposes a main entry point which will then:
exposes a main entry point which will then:
1) parse the user args as a configuration 2) check the user args if we should just 'show' a particular configuration setting (obscuring sensitive entries) 3) check the user args if we should run 'setup' to configure an encrypted configuration
- args
the user arguments
- def missingRequiredConfigEntriesForConfig(resolvedConfig: Config): Seq[String]
- resolvedConfig
the configuration we are to run with
- returns
any paths for invalid/missing configurations (e.g. a 'password' field is left empty, or a hostPort field)
- final def ne(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
- final def notify(): Unit
- Definition Classes
- AnyRef
- Annotations
- @native()
- final def notifyAll(): Unit
- Definition Classes
- AnyRef
- Annotations
- @native()
- def obscure(securePathsOpt: Option[Seq[String]])(configPath: String, value: String): String
- Attributes
- protected
- def onUnrecognizedUserArg(allowedArgs: Set[String])(arg: String): Config
- Attributes
- protected
- def pathToSecureConfigFromArgs(userArgs: Array[String], pathToSecureConfigArg: String): Option[String]
- Attributes
- protected
- def runMain(userArgs: Array[String], setupUserArgFlag: String = defaultSetupUserArgFlag, ignoreDefaultSecureConfigArg: String = defaultIgnoreDefaultSecureConfigArg, pathToSecureConfigArgFlag: String = defaultSecureConfigArgFlag): Option[Result]
launch the application, which will create a typesafe config instance from the user arguments by :
launch the application, which will create a typesafe config instance from the user arguments by :
$ try to parse the user arguments into a config entry, interpreting them as key=value pairs or locations of config files $ try to load an encrypted 'secure' config if one has been setup to overlay over the other config $ try to map system environment variables as lowercase dot-separated paths so e.g. (FOO_BAR=x) can be used to override foo.bar
In addition to providing a configuration from the user arguments and environment variables, the user arguments are also checked for one of three special arguments:
$ The argument 'show=<key substring>' flag, in which case the configuration matching <key substring> is shown. This can be especially convenient to verify the right config values are picked up if there are multiple arguments, such as alternative property files, key=value pairs, etc.
$ The argument '--setup' in order to populate a password-encrypted secure config file from standard input. For example, running "MyMainEntryPoint --setup" will proceed to prompt the user for config entries which will be saved in a password-encrypted file with restricted permissions. Subsequent runs of the application will check for this file, either in the default location or from -secure=<path/to/encrypted/config>
If either the default or specified encrypted files are found, then the password is taken either from the CONFIG_SECRET if set, or else it prompted for from standard input
- userArgs
the user arguments
- setupUserArgFlag
the argument to check for in order to run the secure config setup
- ignoreDefaultSecureConfigArg
the argument which, if 'userArgs' contains this string, then we will NOT try
- pathToSecureConfigArgFlag
the value for the key in the form <key>=<path to secure password config> (e.g. defaults to "--secure", as in --secure=/etc/passwords.conf)
- def runWithConfig(userArgs: Array[String], pathToSecureConfig: Path, secureConfigState: SecureConfigState, parsedConfig: Config): Option[Result]
Exposes a run function which checks the parsedConfig for a 'show' user setting to display the config, otherwise invokes 'run' with the parsed config.
Exposes a run function which checks the parsedConfig for a 'show' user setting to display the config, otherwise invokes 'run' with the parsed config.
This method exposes access to the secure config parse result should the application need to do something with it
- userArgs
the original user args
- pathToSecureConfig
the path where the secure config should be stored
- secureConfigState
the result of the secure config user arguments
- parsedConfig
the total configuration, potentially including the secure config
- Attributes
- protected
- def secureConfig: SecureConfig
- returns
a means to read/write a secure (encrypted) config
- Attributes
- protected
- def secureConfigForArgs(userArgs: Array[String], ignoreDefaultSecureConfigArg: String, pathToSecureConfigArg: String): SecureConfigState
- Attributes
- protected
- def showValue(value: String, config: Config): Unit
displays the value for the given config for when the 'show' command-line arg was specified
displays the value for the given config for when the 'show' command-line arg was specified
- value
the value to show
- config
the config value at a particular path
- Attributes
- protected
- final def synchronized[T0](arg0: => T0): T0
- Definition Classes
- AnyRef
- def toString(): String
- Definition Classes
- AnyRef → Any
- final def wait(): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.InterruptedException])
- final def wait(arg0: Long, arg1: Int): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.InterruptedException])
- final def wait(arg0: Long): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.InterruptedException]) @native()
- object SecureConfigNotSpecified extends SecureConfigState with Product with Serializable
- Attributes
- protected