Consolidate config; read sensitive values from SSM

This gets rid of config merging, and instead uses a single configuration
file that reads sensitive values from AWS SSM parameters in production.

Author: tobias

README.md

@@ -136,26 +136,23 @@ configuration. This can be done by `lein run`.
 Deployment
 ----------
 
-See the [Deployment instructions](https://github.com/clojars/clojars-server-config#deployment) in the 
-[clojars-server-config repo](https://github.com/clojars/clojars-server-config).
+See the [Deployment instructions](https://github.com/clojars/infrastructure#deployment) in the 
+[infrastructure repo](https://github.com/clojars/infrastructure).
 
 Also see [Configuration](#configuration).
 
 Configuration
 -------------
 
-The default configuration is loaded from
-`resources/default_config.edn`. To override values from the default
-config, place them in map in an edn file, and specify the path to that
-file via the `CLOJARS_EXTRA_CONFIG` environment variable.
+The configuration is loaded from `resources/config.edn`.
 
 When running automated tests at the repl, or with `lein test`, a test environment
 is used to provide isolation. It can be found in `test/clojars/test/test_helper.clj`.
 
 License
 -------
 
-Copyright © 2009-2022 Alex Osborne, Phil Hagelberg, Nelson Morris,
+Copyright © 2009-2023 Alex Osborne, Phil Hagelberg, Nelson Morris,
 Toby Crawley, Daniel Compton and
 [contributors](https://github.com/clojars/clojars-web/graphs/contributors).
 

project.clj

@@ -91,16 +91,17 @@
                                org.apache.xmlgraphics/batik-svggen]]
 
                  ;; logging
-                 [org.clojure/tools.logging "1.2.3"]
+                 [org.clojure/tools.logging "1.2.4"]
                  [ch.qos.logback/logback-classic "1.3.0-alpha5"
                   :exclusions [com.sun.mail/javax.mail]]
                  ;; Upgrading for compatibility with logback 1.3.x
                  [org.slf4j/jcl-over-slf4j "2.0.0-alpha1"]
 
                  ;; AWS
-                 [com.cognitect.aws/api "0.8.539"]
-                 [com.cognitect.aws/endpoints "1.1.12.129"]
-                 [com.cognitect.aws/s3 "814.2.991.0"]]
+                 [com.cognitect.aws/api "0.8.635"]
+                 [com.cognitect.aws/endpoints "1.1.12.373"]
+                 [com.cognitect.aws/s3 "825.2.1250.0"]
+                 [com.cognitect.aws/ssm "825.2.1283.0"]]
   :plugins [[supersport "1"]]
   :main ^:skip-aot clojars.main
   :target-path "target/%s/"

resources/config.edn

@@ -0,0 +1,46 @@
+{:base-url            "https://clojars.org"
+ :bcrypt-work-factor  12
+ :bind                "127.0.0.1"
+ :cdn-token           #profile {:production #ssm-parameter "/clojars/production/cdn_token"
+                                :default    nil}
+ :cdn-url             "https://repo.clojars.org"
+ :db                  {:dbtype   "postgresql"
+                       :dbname   "clojars"
+                       :host     #profile {:production #ssm-parameter "/clojars/production/db_host"
+                                           :default    "localhost"}
+                       :port     #profile {:default    55432
+                                           :test       #or [#env DB_PORT 55433]
+                                           :production 5432}
+                       :user     "clojars"
+                       :password #profile {:production #ssm-parameter "/clojars/production/db_user"
+                                           :default    "clojars"}}
+ :deletion-backup-dir #profile {:production "/home/clojars/repo-deleted"
+                                :default    "data/test/repo-backup"}
+ :github-oauth        {:client-id     #profile {:production #ssm-parameter "/clojars/production/github_oauth_client_id"
+                                                :default    "testing"}
+                       :client-secret #profile {:production #ssm-parameter "/clojars/production/github_oauth_client_secret"
+                                                :default    "testing"}
+                       :callback-uri  "https://clojars.org/oauth/github/callback"}
+ :gitlab-oauth        {:client-id     #profile {:production #ssm-parameter "/clojars/production/gitlab_oauth_client_id"
+                                                :default    "testing"}
+                       :client-secret #profile {:production #ssm-parameter "/clojars/production/gitlab_oauth_client_secret"
+                                                :default    "testing"}
+                       :callback-uri  "https://clojars.org/oauth/gitlab/callback"}
+ :index-path          "data/index"
+ :mail                {:from     "contact@clojars.org"
+                       :hostname "127.0.0.1"
+                       :tls?     false}
+ :nrepl-port          7991
+ :port                #profile {:default    8080
+                                :test       0
+                                :production 8001}
+ :repo                #profile {:production "repo"
+                                :test       "data/test/repo"
+                                :default    "data/dev_repo"}
+ :s3                  {:repo-bucket  #profile {:production "clojars-repo-production"
+                                               :default    "clojars-repo-development"}
+                       :stats-bucket #profile {:production "clojars-stats-production"
+                                               :default    "clojars-stats-development"}}
+ :sentry-dsn          #profile {:production #ssm-parameter "/clojars/production/sentry_dsn"
+                                :default nil}
+ :stats-dir           "data/stats"}

resources/default_config.edn

@@ -2,20 +2,35 @@
   (:require
    [aero.core :as aero]
    [clojure.java.io :as io]
-   [meta-merge.core :refer [meta-merge]]))
+   [cognitect.aws.client.api :as aws]))
 
-(defn get-extra-config-path
+(defn- ssm-client
   []
-  (System/getenv "CLOJARS_EXTRA_CONFIG"))
+  (aws/client {:api :ssm}))
 
-;; We attempt to read a file defined by the CLOJARS_EXTRA_CONFIG env
-;; var at load time. This is used to load production configuration.
-(defn merge-extra-config
-  [default-config]
-  (meta-merge
-   default-config
-   (when-let [extra-config (get-extra-config-path)]
-     (aero/read-config extra-config))))
+(defn- throw-on-error
+  [v]
+  (if (some? (:cognitect.anomalies/category v))
+    (throw (ex-info "SSM request failed" v))
+    v))
+
+(defn- get-parameter-value
+  [param-name]
+  (->> {:op :GetParameter
+        :request {:Name param-name
+                  :WithDecryption true}}
+       (aws/invoke (ssm-client))
+       (throw-on-error)
+       (:Parameter)
+       (:Value)))
+
+(def ^:dynamic *profile* "development")
+
+(defmethod aero/reader 'ssm-parameter
+  [_opts _tag value]
+  (if (= :production *profile*)
+    (get-parameter-value value)
+    ""))
 
 (defn jdbc-url [db-config]
   (if (string? db-config)
@@ -34,13 +49,10 @@
 
 (defn- load-config
   [profile]
-  (-> (io/resource "default_config.edn")
+  (-> (io/resource "config.edn")
       (aero/read-config {:profile profile})
-      (merge-extra-config)
       (translate)))
 
-(def ^:dynamic *profile* "development")
-
 (def config*
   (memoize load-config))
 
@@ -51,6 +63,7 @@
   - CLOJARS_ENVIRONMENT environment variable
   - *profile* dynamic var (defaults to \"development\")"
   []
-  (let [env (keyword (or (System/getenv "CLOJARS_ENVIRONMENT")
-                         *profile*))]
-    (config* env)))
+  (let [profile (keyword (or (System/getenv "CLOJARS_ENVIRONMENT")
+                             *profile*))]
+    (binding [*profile* profile]
+      (config* profile))))

src/clojars/config.clj

@@ -29,7 +29,7 @@
 
 (defn error-reporter [config]
   (let [dsn (:sentry-dsn config)]
-    (if (and dsn (not= "NOTSET" dsn))
+    (if dsn
       (let [raven-reporter (err/raven-error-reporter {:dsn dsn})]
         (info "enabling raven-clj client dsn:project-id:" (:project-id (raven-clj/parse-dsn dsn)))
         (Thread/setDefaultUncaughtExceptionHandler raven-reporter)

src/clojars/main.clj

@@ -92,9 +92,7 @@
 
 (defn- purge
   [cdn-token cdn-url path]
-  (when (and cdn-token
-             cdn-url
-             (not= "NOTSET" cdn-token))
+  (when (and cdn-token cdn-url)
     (let [{:keys [status] :as resp} (cdn/purge cdn-token cdn-url path)]
       (when (not= "ok" status)
         (throw (ex-info (format "Fastly purge failed for %s" path) resp))))))