Add common crate to access env variables

In the future, we should use a proper secret store (not just env variables). This lets us update one block of code and not n in the future.
2024-12-22 19:49:22 +00:00 · 2023-07-17 00:50:46 -04:00 · 2023-07-17 00:50:46 -04:00 · 0a367bfbda
commit 0a367bfbda
parent 845c2842b5
11 changed files with 54 additions and 4 deletions
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@ -23,7 +23,8 @@ jobs:
          GITHUB_CI=true cargo test --all-features \
            -p std-shims \
            -p zalloc \
-            -p serai-db
+            -p serai-db \
+            -p serai-env

  test-crypto:
    runs-on: ubuntu-latest
--- a/Cargo.lock
+++ b/Cargo.lock
@ -8653,6 +8653,10 @@ dependencies = [
 "rocksdb",
 ]

+[[package]]
+name = "serai-env"
+version = "0.1.0"
+
 [[package]]
 name = "serai-in-instructions-pallet"
 version = "0.1.0"
@ -8699,6 +8703,7 @@ dependencies = [
 "rocksdb",
 "schnorr-signatures",
 "serai-db",
+ "serai-env",
 "serai-primitives",
 "serde",
 "serde_json",
@ -8800,6 +8805,7 @@ dependencies = [
 "secp256k1",
 "serai-client",
 "serai-db",
+ "serai-env",
 "serai-message-queue",
 "serai-processor-messages",
 "serde",
--- a/Cargo.toml
+++ b/Cargo.toml
@ -3,6 +3,7 @@ members = [
  "common/std-shims",
  "common/zalloc",
  "common/db",
+  "common/env",

  "crypto/transcript",

--- a/common/env/Cargo.toml
+++ b/common/env/Cargo.toml
@ -0,0 +1,13 @@
+[package]
+name = "serai-env"
+version = "0.1.0"
+description = "A common library for Serai apps to access environment variables"
+license = "AGPL-3.0-only"
+repository = "https://github.com/serai-dex/serai/tree/develop/common/env"
+authors = ["Luke Parker <lukeparker5132@gmail.com>"]
+keywords = []
+edition = "2021"
+
+[package.metadata.docs.rs]
+all-features = true
+rustdoc-args = ["--cfg", "docsrs"]
--- a/common/env/LICENSE
+++ b/common/env/LICENSE
@ -0,0 +1,15 @@
+AGPL-3.0-only license
+
+Copyright (c) 2023 Luke Parker
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU Affero General Public License Version 3 as
+published by the Free Software Foundation.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU Affero General Public License for more details.
+
+You should have received a copy of the GNU Affero General Public License
+along with this program. If not, see <http://www.gnu.org/licenses/>.
--- a/common/env/src/lib.rs
+++ b/common/env/src/lib.rs
@ -0,0 +1,8 @@
+#![cfg_attr(docsrs, feature(doc_cfg))]
+#![cfg_attr(docsrs, feature(doc_auto_cfg))]
+
+// Obtain a variable from the Serai environment/secret store.
+pub fn var(variable: &str) -> Option<String> {
+  // TODO: Move this to Kubernetes
+  std::env::var(variable).ok()
+}
--- a/deny.toml
+++ b/deny.toml
@ -43,6 +43,8 @@ allow-osi-fsf-free = "neither"
 default = "deny"

 exceptions = [
+  { allow = ["AGPL-3.0"], name = "serai-env" },
+
  { allow = ["AGPL-3.0"], name = "ethereum-serai" },

  { allow = ["AGPL-3.0"], name = "serai-message-queue" },
--- a/message-queue/Cargo.toml
+++ b/message-queue/Cargo.toml
@ -35,6 +35,8 @@ tokio = { version = "1", features = ["full"] }
 serai-db = { path = "../common/db", features = ["rocksdb"] }
 rocksdb = "0.21"

+serai-env = { path = "../common/env" }
+
 serai-primitives = { path = "../substrate/primitives" }

 jsonrpsee = { version = "0.16", features = ["server"] }
--- a/message-queue/src/main.rs
+++ b/message-queue/src/main.rs
@ -100,10 +100,10 @@ fn ack_message(service: Service, id: u64, _signature: SchnorrSignature<Ristretto
 async fn main() {
  // Open the DB
  let db =
-    Arc::new(rocksdb::TransactionDB::open_default(std::env::var("DB_PATH").unwrap()).unwrap());
+    Arc::new(rocksdb::TransactionDB::open_default(serai_env::var("DB_PATH").unwrap()).unwrap());

  let read_key = |str| {
-    let Ok(key) = std::env::var(str) else { None? };
+    let Ok(key) = serai_env::var(str) else { None? };

    let mut repr = <<Ristretto as Ciphersuite>::G as GroupEncoding>::Repr::default();
    repr.as_mut().copy_from_slice(&hex::decode(key).unwrap());
--- a/processor/Cargo.toml
+++ b/processor/Cargo.toml
@ -55,6 +55,7 @@ log = "0.4"
 tokio = { version = "1", features = ["full"] }

 serai-db = { path = "../common/db", default-features = false }
+serai-env = { path = "../common/env" }
 serai-client = { path = "../substrate/client", default-features = false }

 messages = { package = "serai-processor-messages", path = "./messages" }
--- a/processor/src/main.rs
+++ b/processor/src/main.rs
@ -1,5 +1,4 @@
 use std::{
-  env,
  time::Duration,
  collections::{VecDeque, HashMap},
 };
@ -25,6 +24,8 @@ use serai_client::{

 use messages::{SubstrateContext, CoordinatorMessage, ProcessorMessage};

+use serai_env as env;
+
 mod plan;
 pub use plan::*;