From 7228695ee288012103355589caa1ab5dd666b164 Mon Sep 17 00:00:00 2001
From: Alex Auvolat <alex@adnab.me>
Date: Mon, 15 Jan 2024 17:18:46 +0100
Subject: config: refactor secret sourcing

---
 src/garage/main.rs | 58 ++----------------------------------------------------
 1 file changed, 2 insertions(+), 56 deletions(-)

(limited to 'src/garage/main.rs')

diff --git a/src/garage/main.rs b/src/garage/main.rs
index a9f1ad29..d89762e4 100644
--- a/src/garage/main.rs
+++ b/src/garage/main.rs
@@ -7,6 +7,7 @@ extern crate tracing;
 mod admin;
 mod cli;
 mod repair;
+mod secrets;
 mod server;
 #[cfg(feature = "telemetry-otlp")]
 mod tracing_setup;
@@ -25,7 +26,6 @@ use structopt::StructOpt;
 use netapp::util::parse_and_resolve_peer_addr;
 use netapp::NetworkKey;
 
-use garage_util::config::{read_secret_file, Config};
 use garage_util::error::*;
 
 use garage_rpc::system::*;
@@ -35,6 +35,7 @@ use garage_model::helper::error::Error as HelperError;
 
 use admin::*;
 use cli::*;
+use secrets::Secrets;
 
 #[derive(StructOpt, Debug)]
 #[structopt(
@@ -63,39 +64,6 @@ struct Opt {
 	cmd: Command,
 }
 
-#[derive(StructOpt, Debug)]
-pub struct Secrets {
-	/// RPC secret network key, used to replace rpc_secret in config.toml when running the
-	/// daemon or doing admin operations
-	#[structopt(short = "s", long = "rpc-secret", env = "GARAGE_RPC_SECRET")]
-	pub rpc_secret: Option<String>,
-
-	/// RPC secret network key, used to replace rpc_secret in config.toml and rpc-secret
-	/// when running the daemon or doing admin operations
-	#[structopt(long = "rpc-secret-file", env = "GARAGE_RPC_SECRET_FILE")]
-	pub rpc_secret_file: Option<String>,
-
-	/// Admin API authentication token, replaces admin.admin_token in config.toml when
-	/// running the Garage daemon
-	#[structopt(long = "admin-token", env = "GARAGE_ADMIN_TOKEN")]
-	pub admin_token: Option<String>,
-
-	/// Admin API authentication token file path, replaces admin.admin_token in config.toml
-	/// and admin-token when running the Garage daemon
-	#[structopt(long = "admin-token-file", env = "GARAGE_ADMIN_TOKEN_FILE")]
-	pub admin_token_file: Option<String>,
-
-	/// Metrics API authentication token, replaces admin.metrics_token in config.toml when
-	/// running the Garage daemon
-	#[structopt(long = "metrics-token", env = "GARAGE_METRICS_TOKEN")]
-	pub metrics_token: Option<String>,
-
-	/// Metrics API authentication token file path, replaces admin.metrics_token in config.toml
-	/// and metrics-token when running the Garage daemon
-	#[structopt(long = "metrics-token-file", env = "GARAGE_METRICS_TOKEN_FILE")]
-	pub metrics_token_file: Option<String>,
-}
-
 #[tokio::main]
 async fn main() {
 	// Initialize version and features info
@@ -273,25 +241,3 @@ async fn cli_command(opt: Opt) -> Result<(), Error> {
 		Ok(x) => Ok(x),
 	}
 }
-
-fn fill_secrets(mut config: Config, secrets: Secrets) -> Result<Config, Error> {
-	if secrets.rpc_secret.is_some() {
-		config.rpc_secret = secrets.rpc_secret;
-	} else if secrets.rpc_secret_file.is_some() {
-		config.rpc_secret = Some(read_secret_file(&secrets.rpc_secret_file.unwrap())?);
-	}
-
-	if secrets.admin_token.is_some() {
-		config.admin.admin_token = secrets.admin_token;
-	} else if secrets.admin_token_file.is_some() {
-		config.admin.admin_token = Some(read_secret_file(&secrets.admin_token_file.unwrap())?);
-	}
-
-	if secrets.metrics_token.is_some() {
-		config.admin.metrics_token = secrets.metrics_token;
-	} else if secrets.metrics_token_file.is_some() {
-		config.admin.metrics_token = Some(read_secret_file(&secrets.metrics_token_file.unwrap())?);
-	}
-
-	Ok(config)
-}
-- 
cgit v1.2.3