secretsmanager/config/config.go

package config

import (
	"log"
	"os"

	"github.com/creasty/defaults"
)

type Config struct {
	VaultAddr             string `default:"https://prod.sm.eu01.stackit.cloud" env:"VAULT_ADDR"`
	VaultUsername         string `env:"VAULT_USERNAME"`
	VaultPassword         string `env:"VAULT_PASSWORD"`
	VaultSecretsManagerID string `env:"VAULT_ID"`
	VaultPath             string `env:"VAULT_PATH"`
	Debug                 bool   `default:"false" env:"DEBUG"`
}

// DebugLog prints debug messages only if DEBUG is enabled
func DebugLog(format string, args ...interface{}) {
	if os.Getenv("DEBUG") == "true" {
		log.Printf("DEBUG: "+format, args...)
	}
}

// InfoLog prints info messages only if DEBUG is enabled
func InfoLog(format string, args ...interface{}) {
	if os.Getenv("DEBUG") == "true" {
		log.Printf("INFO: "+format, args...)
	}
}

// ErrorLog prints error messages only if DEBUG is enabled
func ErrorLog(format string, args ...interface{}) {
	if os.Getenv("DEBUG") == "true" {
		log.Printf("ERROR: "+format, args...)
	}
}

// FatalLog always prints fatal messages and exits
func FatalLog(format string, args ...interface{}) {
	log.Fatalf("FATAL: "+format, args...)
}

func ValidateConfig(
	cfg Config,
) Config {
	defaults.Set(&cfg)

	if cfg.VaultAddr == "" {
		FatalLog("VAULT_ADDR cannot be empty")
	}

	if cfg.VaultUsername == "" {
		FatalLog("VAULT_USERNAME cannot be empty")
	}

	if cfg.VaultPassword == "" {
		FatalLog("VAULT_PASSWORD cannot be empty")
	}

	if cfg.VaultSecretsManagerID == "" {
		FatalLog("VAULT_ID cannot be empty, in the Secrets Manager UI this is called 'Secrets Manager-ID'")
	}

	if cfg.VaultPath == "" {
		FatalLog("VAULT_SECRET cannot be empty, this is the key of your secret")
	}

	InfoLog("Using Vault address: %s", cfg.VaultAddr)
	InfoLog("Vault path: %s", cfg.VaultPath)
	InfoLog("Mount: %s", cfg.VaultSecretsManagerID)

	return cfg
}