Class: Browserctl::SecretResolverRegistry

Inherits:

Object

Object
Browserctl::SecretResolverRegistry

show all

Defined in:: lib/browserctl/secret_resolver_registry.rb

Class Method Summary collapse

.record_resolved_value(value) ⇒ Object
.register(resolver_class) ⇒ Object
.registered?(scheme) ⇒ Boolean
.reset! ⇒ Object
.resolve(secret_ref) ⇒ Object
.resolved_values ⇒ Object

In-memory record of values resolved during this process.

Class Method Details

.record_resolved_value(value) ⇒ `Object`

# File 'lib/browserctl/secret_resolver_registry.rb', line 49

def self.record_resolved_value(value)
  return unless value.is_a?(String) && !value.empty?

  @mutex.synchronize { @resolved_values << value unless @resolved_values.include?(value) }
end

.register(resolver_class) ⇒ `Object`

# File 'lib/browserctl/secret_resolver_registry.rb', line 11

def self.register(resolver_class)
  instance = resolver_class.new
  @mutex.synchronize { @registry[resolver_class.scheme] = instance }
end

.registered?(scheme) ⇒ `Boolean`

Returns:

(Boolean)



38
39
40

# File 'lib/browserctl/secret_resolver_registry.rb', line 38

def self.registered?(scheme)
  @mutex.synchronize { @registry.key?(scheme) }
end

.reset! ⇒ `Object`

# File 'lib/browserctl/secret_resolver_registry.rb', line 55

def self.reset!
  @mutex.synchronize do
    @registry.clear
    @resolved_values.clear
  end
end

.resolve(secret_ref) ⇒ `Object`

# File 'lib/browserctl/secret_resolver_registry.rb', line 16

def self.resolve(secret_ref)
  scheme, reference = secret_ref.split("://", 2)
  resolver = @mutex.synchronize { @registry[scheme] }
  raise SecretResolverError, "unknown secret resolver scheme '#{scheme}'" unless resolver

  unless resolver.available?
    msg = "'#{scheme}://' resolver is not available in this environment"
    if scheme == "keychain"
      msg += "\n  Use env://YOUR_VAR_NAME to source secrets from environment variables instead."
    end
    raise SecretResolverError, msg
  end

  value = resolver.resolve(reference)
  record_resolved_value(value)
  value
rescue SecretResolverError
  raise
rescue StandardError => e
  raise SecretResolverError, "secret resolution failed for #{secret_ref.inspect}: #{e.message}"
end

.resolved_values ⇒ `Object`

In-memory record of values resolved during this process. Used by the Redactor so trace output never leaks values that flowed through the registry. Never persisted.



45
46
47

# File 'lib/browserctl/secret_resolver_registry.rb', line 45

def self.resolved_values
  @mutex.synchronize { @resolved_values.dup }
end

Class: Browserctl::SecretResolverRegistry

Class Method Summary collapse

Class Method Details

.record_resolved_value(value) ⇒ Object

.register(resolver_class) ⇒ Object

.registered?(scheme) ⇒ Boolean

.reset! ⇒ Object

.resolve(secret_ref) ⇒ Object

.resolved_values ⇒ Object

.record_resolved_value(value) ⇒ `Object`

.register(resolver_class) ⇒ `Object`

.registered?(scheme) ⇒ `Boolean`

.reset! ⇒ `Object`

.resolve(secret_ref) ⇒ `Object`

.resolved_values ⇒ `Object`