docbox-management 0.12.0

Management core library for managing docbox used by the cli and other tools
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99

use aws_config::SdkConfig;
use docbox_core::{
    search::SearchIndexFactoryConfig,
    secrets::{
        SecretManager, SecretManagerError, SecretsManagerConfig,
        aws::{AwsSecretManagerConfig, AwsSecretsManagerConfigError},
    },
    storage::StorageLayerFactoryConfig,
};
use serde::{Deserialize, Serialize};
use thiserror::Error;

/// Administrative database credentials configuration used for managing the database
#[derive(Clone, Deserialize, Serialize)]
pub struct AdminDatabaseConfiguration {
    /// Host of the database
    pub host: String,
    /// Port of the database
    pub port: u16,
    /// Setup user configuration if using an inline one
    pub setup_user: Option<AdminDatabaseSetupUserConfig>,
    /// Name of the setup user secret if using one
    pub setup_user_secret_name: Option<String>,

    /// Name of the secrets manager secret to use when connecting to
    /// the root "docbox" database if using secret based authentication
    pub root_secret_name: Option<String>,

    /// Whether to use IAM authentication instead of secret based
    /// authentication for connecting to the root database
    #[serde(default)]
    pub root_iam: bool,
}

/// Setup user configuration
#[derive(Clone, Deserialize, Serialize)]
pub struct AdminDatabaseSetupUserConfig {
    /// Username for the database account
    #[serde(alias = "user")]
    pub username: String,
    /// Password for the database account
    pub password: String,
}

/// Configuration for accessing the docbox API
#[derive(Clone, Deserialize, Serialize)]
pub struct ApiConfig {
    /// URL of the docbox server
    pub url: String,
    /// API key to access the server with
    pub api_key: Option<String>,
}

/// Configuration for operating on a docbox server
#[derive(Clone, Deserialize, Serialize)]
pub struct ServerConfigData {
    /// Config for accessing the docbox API
    pub api: ApiConfig,
    /// Database configuration
    pub database: AdminDatabaseConfiguration,
    /// Secret manager configuration
    pub secrets: SecretsManagerConfig,
    /// Search index configuration
    pub search: SearchIndexFactoryConfig,
    /// Storage backend configuration
    pub storage: StorageLayerFactoryConfig,
}

#[derive(Debug, Error)]
pub enum ServerConfigDataSecretError {
    #[error("failed to load secret manager from env: {0}")]
    SecretManager(AwsSecretsManagerConfigError),

    #[error("failed to load secret: {0}")]
    Secret(SecretManagerError),

    #[error("secret not found")]
    SecretNotFound,
}

/// Load a [ServerConfigData] from the AWS secret manager
pub async fn load_server_config_data_secret(
    aws_config: &SdkConfig,
    secret_name: &str,
) -> Result<ServerConfigData, ServerConfigDataSecretError> {
    let secrets = SecretManager::from_config(
        aws_config,
        SecretsManagerConfig::Aws(
            AwsSecretManagerConfig::from_env()
                .map_err(ServerConfigDataSecretError::SecretManager)?,
        ),
    );

    secrets
        .parsed_secret(secret_name)
        .await
        .map_err(ServerConfigDataSecretError::Secret)?
        .ok_or(ServerConfigDataSecretError::SecretNotFound)
}