naru-config 0.7.0

A security-first configuration manager with encryption and audit logging
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77

use crate::core::persistence;
use crate::core::security;
use anyhow::{anyhow, Result};

pub struct GetCommand {
    pub key: String,
    pub env: String,
}

impl GetCommand {
    pub fn new(key: String, env: String) -> Self {
        GetCommand { key, env }
    }

    pub fn execute(&self) -> Result<()> {
        security::validate_environment_name(&self.env)
            .map_err(|e| anyhow!("Invalid environment name: {}", e))?;
        security::validate_config_key(&self.key)
            .map_err(|e| anyhow!("Invalid config key: {}", e))?;

        persistence::atomic_read_config(|config| {
            let mut config_clone = config.clone();

            // Recursive lookup for inheritance
            let mut current_env = self.env.clone();
            let mut searched_envs = Vec::new();

            while let Some(env_config) = config_clone.environments.get(&current_env).cloned() {
                searched_envs.push(current_env.clone());

                // Check if key exists in this environment
                if env_config.entries.contains_key(&self.key) {
                    // Found it. Need to use cloned config to decrypt if needed.
                    if let Err(e) =
                        persistence::decrypt_if_needed(&mut config_clone, &current_env, &self.key)
                    {
                        return Err(anyhow!("Failed to decrypt value: {}", e));
                    }

                    // Get the decrypted entry from the cloned config
                    if let Some(env_cfg) = config_clone.environments.get(&current_env) {
                        if let Some(entry) = env_cfg.entries.get(&self.key) {
                            if entry.is_secret {
                                println!("********");
                            } else {
                                println!("{}", entry.value);
                            }
                            return Ok(());
                        }
                    }
                }

                // Not found, try parent if it exists
                if let Some(parent) = &env_config.parent {
                    if searched_envs.contains(parent) {
                        return Err(anyhow!(
                            "Circular inheritance detected: {} -> {}",
                            current_env,
                            parent
                        ));
                    }
                    current_env = parent.clone();
                } else {
                    break;
                }
            }

            Err(anyhow!(
                "Key '{}' not found in environment '{}' (searched: {})",
                self.key,
                self.env,
                searched_envs.join(" -> ")
            ))
        })
        .map_err(|e| anyhow!("Read error: {}", e))?
    }
}