locket 0.17.3

Helper tool for secret injection as a process dependency
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80

use crate::provider::{
    AuthToken, ConcurrencyLimit, ProviderError, Signature,
    references::{
        HasReference, InfisicalPath, InfisicalProjectId, InfisicalReference, InfisicalSecretType,
        InfisicalSlug,
    },
};
use async_trait::async_trait;
use clap::Args;
use locket_derive::LayeredConfig;
use serde::{Deserialize, Serialize};
use uuid::Uuid;

#[derive(Debug, Clone, PartialEq, Eq, Hash)]
pub struct InfisicalConfig {
    pub infisical_url: url::Url,
    pub infisical_client_secret: AuthToken,
    pub infisical_client_id: Uuid,
    pub infisical_default_path: InfisicalPath,
    pub infisical_default_secret_type: InfisicalSecretType,
    pub infisical_default_environment: Option<InfisicalSlug>,
    pub infisical_default_project_id: Option<InfisicalProjectId>,
    pub infisical_max_concurrent: ConcurrencyLimit,
}

impl HasReference for InfisicalConfig {
    type Reference = InfisicalReference;
}

#[async_trait]
impl Signature for InfisicalConfig {
    async fn signature(&self) -> Result<u64, ProviderError> {
        self.infisical_client_secret.signature().await
    }
}

#[derive(
    Args, Debug, Clone, Default, LayeredConfig, Deserialize, Serialize, PartialEq, Eq, Hash,
)]
#[serde(rename_all = "kebab-case")]
#[locket(try_into = "InfisicalConfig")]
pub struct InfisicalArgs {
    /// The URL of the Infisical instance to connect to.
    #[arg(long, env = "INFISICAL_URL")]
    #[locket(default = "https://us.infisical.com")]
    pub infisical_url: Option<url::Url>,

    /// The client secret for Universal Auth to authenticate with Infisical.
    ///
    /// Either provide the token directly or via a file with `file:` prefix
    #[arg(long, env = "INFISICAL_CLIENT_SECRET", hide_env_values = true)]
    pub infisical_client_secret: Option<AuthToken>,

    /// The client ID for Universal Auth to authenticate with Infisical.
    #[arg(long, env = "INFISICAL_CLIENT_ID")]
    pub infisical_client_id: Option<Uuid>,

    /// The default environment slug to use when one is not specified.
    #[arg(long, env = "INFISICAL_DEFAULT_ENVIRONMENT")]
    pub infisical_default_environment: Option<InfisicalSlug>,

    /// The default project ID to use when one is not specified.
    #[arg(long, env = "INFISICAL_DEFAULT_PROJECT_ID")]
    pub infisical_default_project_id: Option<InfisicalProjectId>,

    /// The default path to use when one is not specified.
    #[arg(long, env = "INFISICAL_DEFAULT_PATH")]
    #[locket(default = "/")]
    pub infisical_default_path: Option<InfisicalPath>,

    /// The default secret type to use when one is not specified.
    #[arg(long, env = "INFISICAL_DEFAULT_SECRET_TYPE")]
    #[locket(default = InfisicalSecretType::Shared)]
    pub infisical_default_secret_type: Option<InfisicalSecretType>,

    /// Maximum allowed concurrent requests to Infisical API.
    #[arg(long, env = "INFISICAL_MAX_CONCURRENT")]
    #[locket(default = ConcurrencyLimit::new(20))]
    pub infisical_max_concurrent: Option<ConcurrencyLimit>,
}