args4c

A convenience mix-in utility for a main entry point.

It parsed the user arguments using the default config (which is ConfigFactory.load() but w/ system environment variables overlaid)

If the config has a 'show=' in it, then that path will be printed out and the program with return.

e.g. MyAppWhichExtendsConfigApp show=myapp.database.url

will display the value of myapp.database.url

It also interprets a single '--setup' to enable the configuration of sensitive configuration entries into a locally encrypted file.

Subsequent runs of your application would then use '--secure=path/to/encrypted.conf' to load that encrypted configuration and either take the password from an environment variable or standard input.

For example, running 'MyApp --setup' would then prompt like this:

Save secure config to (/opt/etc/myapp/.config/secure.conf):config/secure.conf
Config Permissions (defaults to rwx------): rwxrw----
Add config path in the form <key>=<value> (leave blank when finished):myapp.secure.password=hi
Add config path in the form <key>=<value> (leave blank when finished):myapp.another.config.entry=123
Add config path in the form <key>=<value> (leave blank when finished):
Config Password:password

Then, running 'MyApp --secure=config/secure.conf -myapp.whocares=visible -show=myapp'

would prompt for the password from standard input, then produce the following, hiding the values which were present in the secure config:

myapp.another.config.entry : **** obscured **** # secure.conf: 1
myapp.secure.password : **** obscured **** # secure.conf: 1
myapp.whocares : visible # command-line

NOTE: even though the summary obscures the values, they ARE present as PLAIN TEXT STRINGS in the configuration, so take care in limiting the scope of where the configuration is used, either by filtering back out those values, otherwise separating the secure config from the remaining config, or just ensuring to limit the scope of the config itself.

Represents a request for user input when configuring the 'sensitive configurations'

Adds some scala utility around a typesafe config

Exposes new operations on a 'config'

Makes available a means to initialize a sensitive, encrypted config file via SecureConfig.setupSecureConfig and ConfigApp.secureConfigForArgs

The idea is that a (service) user-only readable, password-protected AES encrypted config file can be set up via reading entries from standard input, and an application an use those configuration entries thereafter by taking the password from standard input.

An object returned from a dynamic select

Exposes the entry point for using a RichConfig,

mostly for converting user-args into a config

A means to get a values from user prompts in order to set up a secure configuration

Given the user arguments, produce a loaded configuration which interprets the user-args from left to right as:

$ a configuration file on the classpath or file system $ a key=value pair

Left-most values take precedence over right

trims and unquotes a string (the single quotes is mine - added to demonstrate the full text):

'"quoted"'     becomes: 'quoted'
'  "quoted"  ' becomes: 'quoted'
'quoted"  '    is unchanged: 'quoted"  '
'"quoted '     is unchanged: 'quoted"  '