ExCredstash.Config (ExCredstash v0.1.1)

View Source

Configuration handling for ExCredstash.

This module manages configuration options for the credential store, including AWS settings, table names, and encryption contexts.

Configuration Priority

Configuration values are resolved in the following order (highest to lowest priority):

  1. Options passed directly to functions
  2. Application environment (config.exs)
  3. Environment variables
  4. Default values

Application Environment

config :ex_credstash,
  table: "credential-store",
  kms_key: "alias/credstash",
  region: "us-east-1"

Environment Variables

  • CREDSTASH_DEFAULT_TABLE - DynamoDB table name
  • CREDSTASH_KEY_ID - KMS key ID or alias
  • AWS_DEFAULT_REGION or AWS_REGION - AWS region

Summary

Functions

context(opts \\ [])

Gets the encryption context from configuration.

default_digest()

Returns the default digest algorithm constant.

default_kms_key()

Returns the default KMS key constant.

default_table()

Returns the default table name constant.

digest(opts \\ [])

Gets the digest algorithm from configuration.

get(opts, key, default \\ nil)

Get a configuration value, checking options first, then app config, then env vars.

kms_key(opts \\ [])

Gets the KMS key ID from configuration.

region(opts \\ [])

Gets the AWS region from configuration.

table(opts \\ [])

Gets the DynamoDB table name from configuration.

Functions

context(opts \\ [])

@spec context(keyword()) :: map()

Gets the encryption context from configuration.

Parameters

  • opts - Keyword list of options

Returns

The encryption context map (defaults to empty map).

Examples

iex> ExCredstash.Config.context()
%{}

iex> ExCredstash.Config.context(context: %{"env" => "prod"})
%{"env" => "prod"}

default_digest()

@spec default_digest() :: atom()

Returns the default digest algorithm constant.

default_kms_key()

@spec default_kms_key() :: String.t()

Returns the default KMS key constant.

default_table()

@spec default_table() :: String.t()

Returns the default table name constant.

digest(opts \\ [])

@spec digest(keyword()) :: atom()

Gets the digest algorithm from configuration.

Parameters

  • opts - Keyword list of options

Returns

The digest algorithm atom (defaults to :sha256).

Examples

iex> ExCredstash.Config.digest()
:sha256

iex> ExCredstash.Config.digest(digest: :sha512)
:sha512

get(opts, key, default \\ nil)

@spec get(keyword(), atom(), term()) :: term()

Get a configuration value, checking options first, then app config, then env vars.

Priority: opts > app config > env vars > default

Parameters

  • opts - Keyword list of options
  • key - Configuration key to look up
  • default - Default value if not found (default: nil)

Examples

iex> ExCredstash.Config.get([table: "my-table"], :table)
"my-table"

iex> ExCredstash.Config.get([], :table, "credential-store")
"credential-store"

kms_key(opts \\ [])

@spec kms_key(keyword()) :: String.t()

Gets the KMS key ID from configuration.

Parameters

  • opts - Keyword list of options

Returns

The KMS key ID or alias (defaults to "alias/credstash").

Examples

iex> ExCredstash.Config.kms_key()
"alias/credstash"

iex> ExCredstash.Config.kms_key(kms_key: "alias/my-key")
"alias/my-key"

region(opts \\ [])

@spec region(keyword()) :: String.t() | nil

Gets the AWS region from configuration.

Checks in order: opts[:region] > app config > AWS_DEFAULT_REGION > AWS_REGION

Parameters

  • opts - Keyword list of options

Returns

The region string or nil if not configured.

Examples

iex> ExCredstash.Config.region(region: "eu-west-1")
"eu-west-1"

table(opts \\ [])

@spec table(keyword()) :: String.t()

Gets the DynamoDB table name from configuration.

Parameters

  • opts - Keyword list of options

Returns

The table name (defaults to "credential-store").

Examples

iex> ExCredstash.Config.table()
"credential-store"

iex> ExCredstash.Config.table(table: "my-creds")
"my-creds"