Configuration

The guiding spirit for development is that there are no hardcoded values anywhere in the codebase. Instead, there is a central place, the Config, holding all hardcoded values, which can then be used in the actual code. “Hardcoded values” means hereby literally anything, from passwords over the name of the database to the default time zone or the log directory.

The config is build hierarchically: First, there are default values for each config variable in the file cdedb.config. They can be overwritten by specifying the path to a custom config file via the environment variable CDEDB_CONFIGPATH. [1]

To provide a second layer of protection, there is a separate Config class holding all critical (mostly password) config options: the SecretsConfig. To overwrite this subset of config values (which is highly recommended!), let the SECRETS_CONFIGPATH config option point to your custom secrets config file. This file can then be further protected, for example by shrinking its access permissions on the file system to a specific user which is running the application (conventionally named www-cde).

Note that both Config and SecretsConfig are recompiled with the new config values if the CDEDB_CONFIGPATH environment variable changed. This happens before the next access to the respective config object is performed.

Both Config and SecretsConfig take config options from a custom file without a default value in cdedb.config not into account. However, there are cases where it would be desirable to add values to the config objects which are not used in the actual codebase, f.e. if they are needed inside the test-suite. To honor such usecases, there is the class TestConfig inheriting from Config, allowing to set arbitrary values inside the overwrite files.

All config objects can in principle be instantiated anywhere in the codebase. If they are available otherwise (f.e. as instance attribute), using them is preferred over instantiation. As a direct consequence of this design principle, the config is read-only and can not be changed at runtime.