#[ cfg( feature = "secrets" ) ]
fn main() -> Result< (), workspace_tools ::WorkspaceError >
{
if std ::env ::var( "WORKSPACE_PATH" ).is_err()
{
println!( "setting WORKSPACE_PATH to current directory for demo" );
std ::env ::set_var( "WORKSPACE_PATH", std ::env ::current_dir().unwrap() );
}
let ws = workspace_tools ::workspace()?;
println!( "workspace root: {}", ws.root().display() );
let secret_dir = ws.secret_dir();
std ::fs ::create_dir_all( &secret_dir ).map_err( | e | workspace_tools ::WorkspaceError ::IoError( e.to_string() ) )?;
let secret_file = secret_dir.join( "-secrets.sh" );
let secret_content = r"# application secrets (shell format)
API_KEY=your_api_key_here
DATABASE_URL=postgresql: //user: pass@localhost/db
# optional secrets
REDIS_URL=redis: //localhost: 6379
";
std ::fs ::write( &secret_file, secret_content ).map_err( | e | workspace_tools ::WorkspaceError ::IoError( e.to_string() ) )?;
println!( "created example secret file: {}", secret_file.display() );
println!( "\nloading secrets from file: " );
let secrets = ws.load_secrets_from_file( "-secrets.sh" )?;
for ( key, value ) in &secrets
{
let masked_value = if value.len() > 8
{
format!( "{}...", &value[ ..8 ] )
}
else
{
"***".to_string()
};
println!( " {key} : {masked_value}" );
}
println!( "\nloading specific secret keys: " );
match ws.load_secret_key( "API_KEY", "-secrets.sh" )
{
Ok( key ) => println!( " API_KEY loaded (length: {})", key.len() ),
Err( e ) => println!( " failed to load API_KEY: {e}" ),
}
std ::env ::set_var( "ENV_SECRET", "from_environment" );
match ws.load_secret_key( "ENV_SECRET", "-secrets.sh" )
{
Ok( key ) => println!( " ENV_SECRET from environment: {key}" ),
Err( e ) => println!( " failed to load ENV_SECRET: {e}" ),
}
let _ = std ::fs ::remove_file( &secret_file );
let _ = std ::fs ::remove_dir( &secret_dir );
Ok( () )
}
#[ cfg( not( feature = "secrets" ) ) ]
fn main()
{
println!( "this example requires the 'secrets' feature" );
println!( "run with: cargo run --example secret_management --features secrets" );
}