Router configuration loader per ADR-021 §2.
The router maps an ADR-020 path to a (source, reference) pair.
Its configuration is global and lives at
<config_dir>/devboy-tools/secrets/sources.toml (the ADR text
abbreviates this to ~/.devboy/secrets/sources.toml).
This module parses and validates that file. The actual
resolution algorithm — “which source serves this path?” — is
the next phase (P5.3) and lives in crate::router_resolve.
Splitting parse from resolve keeps the loader testable in
isolation and lets the config be inspected by doctor without
committing to a runtime decision.
File layout

```toml
# Source definitions — one per backend instance.
[[source]]
name = "keychain"
type = "keychain"

[[source]]
name = "1p-personal"
type = "1password"
account = "personal.example.1password.com"

[[source]]
name = "vault-team"
type = "vault"
addr = "https://vault.example.internal/"
mount = "secret"

# The default route — used when no [[route]] prefix matches.
[default]
source = "keychain"
fallback = "local-vault" # optional, see ADR-021 §8

# Prefix routes — longest match wins.
[[route]]
prefix = "team/"
source = "vault-team"
mount = "secret/data/team" # source-specific extra

# Per-secret override — explicit (source, reference) for one path.
[secret."client-acme/jira/api-key"]
source = "1p-personal"
reference = "op://Work/Acme Jira/credential"
```

Per-source and per-route extra fields are kept verbatim as
toml::Value; concrete source plugins (P6) parse them into
their own typed config when they’re constructed. The router
itself never inspects them.
Validation

RouterConfig::parse returns a typed config when:

- source names are non-empty and match ^[a-z0-9][a-z0-9_-]*$,
- no two [[source]] blocks share a name,
- default.source and default.fallback (when set) reference defined sources,
- every [[route]].source references a defined source,
- every [[route]].prefix ends with /,
- no two [[route]] blocks share a prefix,
- every [secret."<path>"] key parses as a SecretPath,
- every [secret."<path>"].source references a defined source.
Anything else is left to P5.3 / P5.5 (e.g. the source-credential recursion check).
Structs

- DefaultRoute: [default] block.
- RouteRule: One [[route]] block.
- RouterConfig: Parsed + validated router configuration.
- SecretOverride: [secret."<path>"] block — explicit override for one path.
- SourceDefinition: One [[source]] block.

Enums

- RouterConfigError: Failure modes when loading or validating a RouterConfig.
- SourceAccess: Access mode for one [[source]] — a capability mask layered over whatever the source plugin declares.

Constants

- SOURCES_FILENAME: Filename of the router config inside SECRETS_SUBDIR.