moar ENV

This adds environment variable names for all config parameters. It also adds 'envc' to help make using them easier in dev and replaces the default json files. This is a baby step in configuring the process purely with the env which should make containerizing easier.
2015-05-12 17:48:26 -07:00 · 2015-05-12 17:48:26 -07:00 · 7df36f4ff0
--- a/.env.dev
+++ b/.env.dev
@ -0,0 +1,10 @@
+CONTENT_SERVER_URL=http://127.0.0.1:3030
+SMTP_HOST=127.0.0.1
+SMTP_PORT=9999
+SMTP_SECURE=false
+LOG_LEVEL=info
+VERIFIER_VERSION=0
+CUSTOMS_SERVER_URL=none
+LOCKOUT_ENABLED=true
+SNS_TOPIC_ARN=disabled
+TRUSTED_JKUS=http://127.0.0.1:8080/.well-known/public-keys
--- a/config/awsbox.json
+++ b/config/awsbox.json
@ -1,24 +0,0 @@
-{
-  "env": "dev",
-  "db": {
-    "backend": "mysql"
-  },
-  "mysql": {
-    "user": "fxa"
-  },
-  "smtp": {
-    "host": "localhost",
-    "port": 25,
-    "secure": false,
-    "sender": "no-reply@lcip.org"
-  },
-  "secretKeyFile": "/home/app/var/secret-key.json",
-  "publicKeyFile": "/home/app/var/public-key.json",
-  "contentServer": {
-    "url": "https://accounts.dev.lcip.org"
-  },
-  "customsUrl": "none",
-  "toobusy": {
-    "maxLag": 0
-  }
-}
--- a/config/dev.json
+++ b/config/dev.json
@ -1,29 +0,0 @@
-{
-  "contentServer": {
-    "url": "http://127.0.0.1:3030"
-  },
-  "smtp": {
-    "host": "127.0.0.1",
-    "port": 9999,
-    "secure": false,
-    "sender": "no-reply@example.com",
-    "resendBlackoutPeriod": 0
-  },
-  "toobusy": {
-    "maxLag": 0
-  },
-  "log": {
-    "level": "info"
-  },
-  "verifierVersion": 0,
-  "bounces": {
-    "region": "us-east-1"
-  },
-  "customsUrl": "none",
-  "trustedJKUs": [
-    "http://127.0.0.1:8080/.well-known/public-keys",
-    "http://127.0.0.1:10139/.well-known/public-keys"
-  ],
-  "lockoutEnabled": true,
-  "snsTopicArn": "disabled"
-}
--- a/config/index.js
+++ b/config/index.js
@ -2,6 +2,8 @@
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

+require('envc')()
+
 var fs = require('fs')
 var path = require('path')
 var url = require('url')
@ -28,13 +30,19 @@ var conf = convict({
    env: "PUBLIC_URL"
  },
  secretKeyFile: {
-    default: path.resolve(__dirname, '../config/secret-key.json')
+    format: String,
+    default: path.resolve(__dirname, '../config/secret-key.json'),
+    env: 'SECRET_KEY_FILE'
  },
  publicKeyFile: {
-    default: path.resolve(__dirname, '../config/public-key.json')
+    format: String,
+    default: path.resolve(__dirname, '../config/public-key.json'),
+    env: 'PUBLIC_KEY_FILE'
  },
  trustedJKUs: {
-    default: []
+    format: Array,
+    default: [],
+    env: 'TRUSTED_JKUS'
  },
  db: {
    backend: {
@ -45,7 +53,8 @@ var conf = convict({
  httpdb: {
    url: {
      doc: 'database api url',
-      default: 'http://127.0.0.1:8000'
+      default: 'http://127.0.0.1:8000',
+      env: 'HTTPDB_URL'
    }
  },
  listen: {
@ -136,10 +145,13 @@ var conf = convict({
    redirectDomain: {
      doc: 'Domain that mail urls are allowed to redirect to',
      format: String,
-      default: 'firefox.com'
+      default: 'firefox.com',
+      env: 'REDIRECT_DOMAIN'
    },
    resendBlackoutPeriod: {
      doc: 'Blackout period for resending verification emails',
+      format: 'int',
+      env: 'RESEND_BLACKOUT_PERIOD',
      default: 1000 * 60 * 10
    }
  },
@ -160,46 +172,61 @@ var conf = convict({
  i18n: {
    defaultLanguage: {
      format: String,
-      default: "en"
+      default: 'en',
+      env: 'DEFAULT_LANG'
    },
    supportedLanguages: {
-      default: DEFAULT_SUPPORTED_LANGUAGES
+      format: Array,
+      default: DEFAULT_SUPPORTED_LANGUAGES,
+      env: 'SUPPORTED_LANGS'
    }
  },
  tokenLifetimes: {
    accountResetToken: {
+      format: 'int',
+      env: 'ACCOUNT_RESET_TOKEN_TTL',
      default: 1000 * 60 * 15
    },
    passwordForgotToken: {
+      format: 'int',
+      env: 'PASSWORD_FORGOT_TOKEN_TTL',
      default: 1000 * 60 * 60
    },
    passwordChangeToken: {
+      format: 'int',
+      env: 'PASSWORD_CHANGE_TOKEN_TTL',
      default: 1000 * 60 * 15
    }
  },
  verifierVersion: {
    doc: 'verifer version for new and changed passwords',
+    format: 'int',
+    env: 'VERIFIER_VERSION',
    default: 1
  },
  snsTopicArn: {
    doc: 'Amazon SNS topic on which to send account event notifications. Set to "disabled" to turn off the notifier',
    format: String,
+    env: 'SNS_TOPIC_ARN',
    default: ''
  },
  bounces: {
    region: {
      doc: 'The region where the queues live, most likely the same region we are sending email e.g. us-east-1, us-west-2',
      format: String,
+      env: 'BOUNCE_REGION',
      default: ''
    },
    bounceQueueUrl: {
      doc: 'The bounce queue URL to use (should include https://sqs.<region>.amazonaws.com/<account-id>/<queue-name>)',
      format: String,
+      env: 'BOUNCE_QUEUE_URL',
      default: ''
    },
    complaintQueueUrl: {
      doc: 'The complaint queue URL to use (should include https://sqs.<region>.amazonaws.com/<account-id>/<queue-name>)',
      format: String,
+      env: 'COMPLAINT_QUEUE_URL',
      default: ''
    }
  },
@ -207,50 +234,56 @@ var conf = convict({
    region: {
      doc: 'The region where the queues live, most likely the same region we are sending email e.g. us-east-1, us-west-2',
      format: String,
+      env: 'BASKET_REGION',
      default: ''
    },
    apiUrl: {
      doc: 'Url for the Basket API server',
      format: String,
+      env: 'BASKET_API_URL',
      default: ''
    },
    apiKey: {
      doc: 'Basket API key',
      format: String,
+      env: 'BASKET_API_KEY',
      default: ''
    },
    queueUrl: {
      doc: 'The bounce queue URL',
      format: String,
+      env: 'BASKET_QUEUE_URL',
      default: ''
    }
  },
  useHttps: {
    doc: "set to true to serve directly over https",
+    env: 'USE_TLS',
    default: false
  },
  keyPath: {
    doc: "path to SSL key in PEM format if serving over https",
+    env: 'TLS_KEY_PATH',
    default: path.resolve(__dirname, '../key.pem')
  },
  certPath: {
    doc: "path to SSL certificate in PEM format if serving over https",
+    env: 'TLS_CERT_PATH',
    default: path.resolve(__dirname, '../cert.pem')
  },
  lockoutEnabled: {
    doc: 'Is account lockout enabled',
    format: Boolean,
+    env: 'LOCKOUT_ENABLED',
    default: false
  }
 })

 // handle configuration files.  you can specify a CSV list of configuration
 // files to process, which will be overlayed in order, in the CONFIG_FILES
-// environment variable. By default, the ./config/<env>.json file is loaded.
+// environment variable.

-var envConfig = path.join(__dirname, conf.get('env') + '.json')
-var files = (envConfig + ',' + process.env.CONFIG_FILES)
-              .split(',').filter(fs.existsSync)
+var files = (process.env.CONFIG_FILES || '').split(',').filter(fs.existsSync)
 conf.loadFile(files)

 // set the public url as the issuer domain for assertions
--- a/npm-shrinkwrap.json
+++ b/npm-shrinkwrap.json
@ -312,9 +312,28 @@
        }
      }
    },
+    "envc": {
+      "version": "2.2.0",
+      "from": "envc@2.2.0",
+      "resolved": "https://registry.npmjs.org/envc/-/envc-2.2.0.tgz",
+      "dependencies": {
+        "params": {
+          "version": "0.1.1",
+          "from": "params@>=0.1.1 <0.2.0",
+          "resolved": "https://registry.npmjs.org/params/-/params-0.1.1.tgz",
+          "dependencies": {
+            "type-detect": {
+              "version": "0.1.2",
+              "from": "type-detect@>=0.1.2 <0.2.0",
+              "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-0.1.2.tgz"
+            }
+          }
+        }
+      }
+    },
    "fxa-auth-db-mem": {
      "version": "0.33.0",
-      "from": "../../../../var/folders/rv/6mf4_t5x169fdxtrnd14y7500000gn/T/npm-32036-f4483a58/git-cache-6c2f2ff0d4d7/219faab1345a7ae45c1c83e9a3d97a4424df8dcc",
+      "from": "git://github.com/mozilla/fxa-auth-db-mem.git#219faab1345a7ae45c1c83e9a3d97a4424df8dcc",
      "resolved": "git://github.com/mozilla/fxa-auth-db-mem.git#219faab1345a7ae45c1c83e9a3d97a4424df8dcc",
      "dependencies": {
        "bluebird": {
@ -324,7 +343,7 @@
        },
        "fxa-auth-db-server": {
          "version": "0.36.0",
-          "from": "../../../../var/folders/rv/6mf4_t5x169fdxtrnd14y7500000gn/T/npm-32036-f4483a58/git-cache-cd63ed4f185d/38ff26c867e40caf1f10cd2c42b287148be149bc",
+          "from": "git://github.com/mozilla/fxa-auth-db-server.git#38ff26c867e40caf1f10cd2c42b287148be149bc",
          "resolved": "git://github.com/mozilla/fxa-auth-db-server.git#38ff26c867e40caf1f10cd2c42b287148be149bc",
          "dependencies": {
            "restify": {
@ -512,11 +531,6 @@
                      "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.2.0.tgz"
                    }
                  }
-                },
-                "dtrace-provider": {
-                  "version": "0.2.8",
-                  "from": "https://registry.npmjs.org/dtrace-provider/-/dtrace-provider-0.2.8.tgz",
-                  "resolved": "https://registry.npmjs.org/dtrace-provider/-/dtrace-provider-0.2.8.tgz"
                }
              }
            }
@ -616,7 +630,7 @@
    },
    "fxa-auth-mailer": {
      "version": "1.0.7",
-      "from": "../../../../var/folders/rv/6mf4_t5x169fdxtrnd14y7500000gn/T/npm-32036-f4483a58/git-cache-696d0b98d870/d2eb3b298464455c8fe18fd964141ba89a0d1a0e",
+      "from": "git://github.com/mozilla/fxa-auth-mailer.git#d2eb3b298464455c8fe18fd964141ba89a0d1a0e",
      "resolved": "git://github.com/mozilla/fxa-auth-mailer.git#d2eb3b298464455c8fe18fd964141ba89a0d1a0e",
      "dependencies": {
        "bluebird": {
@ -662,7 +676,7 @@
        },
        "fxa-content-server-l10n": {
          "version": "0.0.0",
-          "from": "../../../../var/folders/rv/6mf4_t5x169fdxtrnd14y7500000gn/T/npm-32036-f4483a58/git-cache-4c950ec35c81/d6d263acccbf27df194e2b53f0bc7bbdb811ea22",
+          "from": "git://github.com/mozilla/fxa-content-server-l10n.git#d6d263acccbf27df194e2b53f0bc7bbdb811ea22",
          "resolved": "git://github.com/mozilla/fxa-content-server-l10n.git#d6d263acccbf27df194e2b53f0bc7bbdb811ea22"
        },
        "handlebars": {
@ -1339,11 +1353,6 @@
                  "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.2.0.tgz"
                }
              }
-            },
-            "dtrace-provider": {
-              "version": "0.2.8",
-              "from": "https://registry.npmjs.org/dtrace-provider/-/dtrace-provider-0.2.8.tgz",
-              "resolved": "https://registry.npmjs.org/dtrace-provider/-/dtrace-provider-0.2.8.tgz"
            }
          }
        }
--- a/package.json
+++ b/package.json
@ -28,6 +28,7 @@
    "aws-sdk": "2.1.26",
    "binary-split": "0.1.2",
    "convict": "0.6.1",
+    "envc": "2.2.0",
    "fxa-auth-mailer": "git+https://github.com/mozilla/fxa-auth-mailer.git#master",
    "fxa-jwtool": "0.7.1",
    "hapi": "8.4.0",
--- a/test/.env.dev
+++ b/test/.env.dev
@ -0,0 +1,8 @@
+CONTENT_SERVER_URL=http://127.0.0.1:3030
+SMTP_HOST=127.0.0.1
+SMTP_PORT=9999
+SMTP_SECURE=false
+LOG_LEVEL=info
+CUSTOMS_SERVER_URL=none
+LOCKOUT_ENABLED=true
+SNS_TOPIC_ARN=disabled
--- a/test/config/base_path.json
+++ b/test/config/base_path.json
@ -1,3 +0,0 @@
-{
-  "publicUrl": "http://127.0.0.1:9000/auth"
-}
--- a/test/config/preverify_secret.json
+++ b/test/config/preverify_secret.json
@ -1,3 +0,0 @@
-{
-  "trustedJKUs": ["http://127.0.0.1:9000/.well-known/public-keys"]
-}
--- a/test/config/resend_blackout.json
+++ b/test/config/resend_blackout.json
@ -1,5 +0,0 @@
-{
-  "smtp": {
-    "resendBlackoutPeriod": 500
-  }
-}
--- a/test/config/scrypt.json
+++ b/test/config/scrypt.json
@ -1,3 +0,0 @@
-{
-	"verifierVersion": 1
-}
--- a/test/config/token_expiry.json
+++ b/test/config/token_expiry.json
@ -1,5 +0,0 @@
-{
-  "tokenLifetimes": {
-    "passwordChangeToken": -1
-  }
-}
--- a/test/config/verifier_version_0.json
+++ b/test/config/verifier_version_0.json
@ -1,3 +0,0 @@
-{
-  "verifierVersion": 0
-}
--- a/test/config/verifier_version_1.json
+++ b/test/config/verifier_version_1.json
@ -1,3 +0,0 @@
-{
-  "verifierVersion": 1
-}
--- a/test/local/account_preverified_token_tests.js
+++ b/test/local/account_preverified_token_tests.js
@ -2,13 +2,12 @@
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

-var path = require('path')
 var test = require('../ptaptest')
 var TestServer = require('../test_server')
 var Client = require('../client')
 var JWTool = require('fxa-jwtool')

-process.env.CONFIG_FILES = path.join(__dirname, '../config/preverify_secret.json')
+process.env.TRUSTED_JKUS = 'http://127.0.0.1:9000/.well-known/public-keys'
 var config = require('../../config').root()
 var secretKey = JWTool.JWK.fromFile(
  config.secretKeyFile,
--- a/test/local/base_path_tests.js
+++ b/test/local/base_path_tests.js
@ -4,12 +4,11 @@

 var test = require('../ptaptest')
 var TestServer = require('../test_server')
-var path = require('path')
 var Client = require('../client')
 var P = require('../../lib/promise')
 var request = require('request')

-process.env.CONFIG_FILES = path.join(__dirname, '../config/base_path.json')
+process.env.PUBLIC_URL = 'http://127.0.0.1:9000/auth'
 var config = require('../../config').root()

 TestServer.start(config)
--- a/test/local/concurrent_tests.js
+++ b/test/local/concurrent_tests.js
@ -4,12 +4,11 @@

 var test = require('../ptaptest')
 var TestServer = require('../test_server')
-var path = require('path')
 var Client = require('../client')
 var P = require('../../lib/promise')


-process.env.CONFIG_FILES = path.join(__dirname, '../config/scrypt.json')
+process.env.VERIFIER_VERSION = '1'
 var config = require('../../config').root()

 TestServer.start(config)
--- a/test/local/email_validity_tests.js
+++ b/test/local/email_validity_tests.js
@ -4,12 +4,9 @@

 var test = require('../ptaptest')
 var TestServer = require('../test_server')
-var path = require('path')
 var Client = require('../client')
 var P = require('../../lib/promise')

-
-process.env.CONFIG_FILES = path.join(__dirname, '../config/scrypt.json')
 var config = require('../../config').root()

 TestServer.start(config)
--- a/test/local/resend_blackout_tests.js
+++ b/test/local/resend_blackout_tests.js
@ -4,11 +4,10 @@

 var test = require('../ptaptest')
 var TestServer = require('../test_server')
-var path = require('path')
 var Client = require('../client')
 var P = require('../../lib/promise')

-process.env.CONFIG_FILES = path.join(__dirname, '../config/resend_blackout.json')
+process.env.RESEND_BLACKOUT_PERIOD = '500'
 var config = require('../../config').root()

 TestServer.start(config)
--- a/test/local/token_expiry_tests.js
+++ b/test/local/token_expiry_tests.js
@ -4,10 +4,9 @@

 var test = require('../ptaptest')
 var TestServer = require('../test_server')
-var path = require('path')
 var Client = require('../client')

-process.env.CONFIG_FILES = path.join(__dirname, '../config/token_expiry.json')
+process.env.PASSWORD_CHANGE_TOKEN_TTL = '-1'
 var config = require('../../config').root()

 function fail() { throw new Error() }
--- a/test/local/verifier_upgrade_tests.js
+++ b/test/local/verifier_upgrade_tests.js
@ -4,12 +4,11 @@

 var test = require('../ptaptest')
 var TestServer = require('../test_server')
-var path = require('path')
 var Client = require('../client')
 var createDBServer = require('fxa-auth-db-mem')
 var log = { trace: console.log }

-process.env.CONFIG_FILES = path.join(__dirname, '../config/verifier_version_0.json')
+process.env.VERIFIER_VERSION = '0'
 var config = require('../../config').root()
 var Token = require('../../lib/tokens')(log)
 var DB = require('../../lib/db')(
@ -67,7 +66,7 @@ function (t) {
  )
  .then(
    function () {
-      process.env.CONFIG_FILES = path.join(__dirname, '../config/verifier_version_1.json')
+      process.env.VERIFIER_VERSION = '1'
      return TestServer.start(config)
    }
  )