config

package
v0.22.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 18, 2026 License: MIT Imports: 12 Imported by: 0

Documentation

Overview

Package config provides application configuration loaded from environment variables.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewLogger 

func NewLogger() *slog.Logger

NewLogger creates a new structured logger. uses JSON format in Lambda, text format elsewhere. sets log level to debug when APP_DEBUG_ENABLED is true.

Types

type Config 

type Config struct {
	// General
	DebugEnabled bool
	BasePath     string
	AdminToken   string

	// GitHub App
	GitHubOrg            string
	GitHubAppID          int64
	GitHubAppPrivateKey  []byte
	GitHubInstallationID int64
	GitHubWebhookSecret  string
	GitHubBaseURL        string

	// PR Compliance
	PRComplianceEnabled bool
	PRMonitoredBranches []string

	// Okta
	OktaDomain                    string
	OktaClientID                  string
	OktaPrivateKey                []byte
	OktaPrivateKeyID              string
	OktaScopes                    []string
	OktaBaseURL                   string
	OktaGitHubUserField           string
	OktaSyncRules                 []domain.SyncRule
	OktaSyncSafetyThreshold       float64
	OktaOrphanedUserNotifications bool

	// Security Alerts
	SecurityAlertsEnabled     bool
	SecurityAlertsMinAgeDays  int
	SecurityAlertsMinSeverity string

	// Slack
	SlackEnabled               bool
	SlackToken                 string
	SlackChannel               string
	SlackChannelPRBypass       string
	SlackChannelOktaSync       string
	SlackChannelOrphanedUsers  string
	SlackChannelSecurityAlerts string
	SlackPRBypassFooterNote    string
	SlackAPIURL                string
}

Config holds all application configuration loaded from environment variables.

func NewConfig 

func NewConfig() (*Config, error)

NewConfig loads configuration from environment variables. returns error if required values are missing or invalid. supports SSM parameter references in format: arn:aws:ssm:REGION:ACCOUNT:parameter/path/to/param

func NewConfigWithContext 

func NewConfigWithContext(ctx context.Context) (*Config, error)

NewConfigWithContext loads configuration from environment variables with the given context. supports SSM parameter resolution with automatic decryption.

func (*Config) IsGitHubConfigured 

func (c *Config) IsGitHubConfigured() bool

IsGitHubConfigured returns true if GitHub App credentials are configured.

func (*Config) IsOktaSyncEnabled 

func (c *Config) IsOktaSyncEnabled() bool

IsOktaSyncEnabled returns true if Okta sync is fully configured.

func (*Config) IsPRComplianceEnabled 

func (c *Config) IsPRComplianceEnabled() bool

IsPRComplianceEnabled returns true if PR compliance checking is enabled.

func (*Config) IsSecurityAlertsEnabled added in v0.22.0 

func (c *Config) IsSecurityAlertsEnabled() bool

IsSecurityAlertsEnabled returns true if security alerts monitoring is enabled and GitHub is configured.

func (*Config) Redacted 

func (c *Config) Redacted() RedactedConfig

Redacted returns a copy of the config with secrets redacted.

func (*Config) ShouldMonitorBranch 

func (c *Config) ShouldMonitorBranch(branch string) bool

ShouldMonitorBranch returns true if the given branch should be monitored for PR compliance.

type RedactedConfig 

type RedactedConfig struct {
	// General
	DebugEnabled bool   `json:"debug_enabled"`
	BasePath     string `json:"base_path"`
	AdminToken   string `json:"admin_token"`

	// GitHub App
	GitHubOrg            string `json:"github_org"`
	GitHubAppID          int64  `json:"github_app_id"`
	GitHubAppPrivateKey  string `json:"github_app_private_key"`
	GitHubInstallationID int64  `json:"github_installation_id"`
	GitHubWebhookSecret  string `json:"github_webhook_secret"`
	GitHubBaseURL        string `json:"github_base_url"`

	// PR Compliance
	PRComplianceEnabled bool     `json:"pr_compliance_enabled"`
	PRMonitoredBranches []string `json:"pr_monitored_branches"`

	// Okta
	OktaDomain                    string            `json:"okta_domain"`
	OktaClientID                  string            `json:"okta_client_id"`
	OktaPrivateKey                string            `json:"okta_private_key"`
	OktaPrivateKeyID              string            `json:"okta_private_key_id"`
	OktaScopes                    []string          `json:"okta_scopes"`
	OktaBaseURL                   string            `json:"okta_base_url"`
	OktaGitHubUserField           string            `json:"okta_github_user_field"`
	OktaSyncRules                 []domain.SyncRule `json:"okta_sync_rules"`
	OktaSyncSafetyThreshold       float64           `json:"okta_sync_safety_threshold"`
	OktaOrphanedUserNotifications bool              `json:"okta_orphaned_user_notifications"`

	// Security Alerts
	SecurityAlertsEnabled     bool   `json:"security_alerts_enabled"`
	SecurityAlertsMinAgeDays  int    `json:"security_alerts_min_age_days"`
	SecurityAlertsMinSeverity string `json:"security_alerts_min_severity"`

	// Slack
	SlackEnabled               bool   `json:"slack_enabled"`
	SlackToken                 string `json:"slack_token"`
	SlackChannel               string `json:"slack_channel"`
	SlackChannelPRBypass       string `json:"slack_channel_pr_bypass"`
	SlackChannelOktaSync       string `json:"slack_channel_okta_sync"`
	SlackChannelOrphanedUsers  string `json:"slack_channel_orphaned_users"`
	SlackChannelSecurityAlerts string `json:"slack_channel_security_alerts"`
	SlackPRBypassFooterNote    string `json:"slack_pr_bypass_footer_note"`
	SlackAPIURL                string `json:"slack_api_url"`
}

RedactedConfig contains configuration with sensitive values redacted. safe for logging and API responses.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.