f1fdf27012
- Repo scaffolding: .gitignore, .env.example, Makefile, docker-compose.yml, README.md, CHANGELOG.md, pre-commit config. - Three-service stack: api (Flask 3), db (postgres:16-alpine), front (nginx serving the Vite bundle). Named volumes metamorph_db + metamorph_evidence. - Backend skeleton: Flask app factory, JSON structured logging on stdout, GET /api/v1/health, multi-stage Dockerfile, pyproject.toml driven by uv, Pydantic Settings with secret guard rails (refuses to boot in non-dev with placeholders), APP_ENV gating. - Frontend skeleton: Vite + React 18 + TypeScript strict + TailwindCSS, RTOps design tokens from tasks/design.md, self-hosted JetBrains Mono / IBM Plex Sans via @fontsource, base UI primitives (Card/Tag/SectionHeader/FlowNode/ Button), home page wired to /api/v1/health. - Engine-agnostic Makefile: auto-detects docker or podman, picks the matching compose driver. Targets: up/down/build/rebuild/dev/lint/fmt/test/migrate/ seed-mitre/print-install-token/e2e/inspect-health. - Playwright suite: e2e/tests/m0-smoke.spec.ts (8 tests) + HTML + JUnit reports + traces on retry. - Docs: tasks/spec.md (finalized after Q&A), tasks/design.md, tasks/todo.md (14 milestones), tasks/testing-m0.md, tasks/lessons.md. DoD: make up + make health + make e2e all pass on podman 5.x (Fedora) and docker. TLS terminated by external reverse proxy (spec §6 NF-network). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
77 lines
2.6 KiB
Python
77 lines
2.6 KiB
Python
"""Runtime configuration loaded from environment variables."""
|
|
|
|
from __future__ import annotations
|
|
|
|
from typing import Literal
|
|
|
|
from pydantic import Field, model_validator
|
|
from pydantic_settings import BaseSettings, SettingsConfigDict
|
|
|
|
# Sentinel values that .env.example ships with. If the runtime is configured
|
|
# in a non-dev environment with one of these still in place, we refuse to boot.
|
|
_DEV_JWT_SECRET = "change-me-to-a-long-random-string"
|
|
_DEV_DB_PASSWORD = "change-me-strong"
|
|
|
|
|
|
class Settings(BaseSettings):
|
|
model_config = SettingsConfigDict(
|
|
env_file=".env",
|
|
env_file_encoding="utf-8",
|
|
case_sensitive=True,
|
|
extra="ignore",
|
|
)
|
|
|
|
# === Runtime mode ===
|
|
# Set to "dev" to allow the default placeholder secrets. Anything else
|
|
# (e.g. "prod", "staging") forces strong values.
|
|
APP_ENV: Literal["dev", "prod", "staging", "test"] = "prod"
|
|
|
|
# === Postgres ===
|
|
POSTGRES_DB: str = "metamorph"
|
|
POSTGRES_USER: str = "metamorph"
|
|
POSTGRES_PASSWORD: str = ""
|
|
POSTGRES_HOST: str = "db"
|
|
POSTGRES_PORT: int = 5432
|
|
|
|
# === API ===
|
|
JWT_SECRET: str = Field(default="", min_length=0)
|
|
LOG_LEVEL: str = "INFO"
|
|
FRONT_ORIGIN: str = "http://localhost:8080"
|
|
EVIDENCE_DIR: str = "/data/evidence"
|
|
|
|
@property
|
|
def cors_origins(self) -> list[str]:
|
|
return [o.strip() for o in self.FRONT_ORIGIN.split(",") if o.strip()]
|
|
|
|
@property
|
|
def database_url(self) -> str:
|
|
"""SQLAlchemy URL using the psycopg3 driver."""
|
|
return (
|
|
f"postgresql+psycopg://{self.POSTGRES_USER}:{self.POSTGRES_PASSWORD}"
|
|
f"@{self.POSTGRES_HOST}:{self.POSTGRES_PORT}/{self.POSTGRES_DB}"
|
|
)
|
|
|
|
@model_validator(mode="after")
|
|
def _enforce_secret_strength(self) -> "Settings":
|
|
"""Refuse to boot in prod/staging if secrets are missing or default.
|
|
|
|
`dev` and `test` are explicitly exempted so workstations and the
|
|
ephemeral test container don't need real secrets.
|
|
"""
|
|
if self.APP_ENV in ("dev", "test"):
|
|
return self
|
|
if not self.JWT_SECRET or self.JWT_SECRET == _DEV_JWT_SECRET or len(self.JWT_SECRET) < 32:
|
|
raise ValueError(
|
|
"JWT_SECRET is missing, default, or shorter than 32 chars. "
|
|
"Set APP_ENV=dev to bypass for local development."
|
|
)
|
|
if not self.POSTGRES_PASSWORD or self.POSTGRES_PASSWORD == _DEV_DB_PASSWORD:
|
|
raise ValueError(
|
|
"POSTGRES_PASSWORD is missing or default. "
|
|
"Set APP_ENV=dev to bypass for local development."
|
|
)
|
|
return self
|
|
|
|
|
|
settings = Settings()
|