jesus/TypeDialog
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
TypeDialog/examples/08-encryption/multi-backend-sops.ncl
Jesús Pérez a963adbf5b
Some checks failed
CI / Lint (bash) (push) Has been cancelled
Details
CI / Lint (markdown) (push) Has been cancelled
Details
CI / Lint (nickel) (push) Has been cancelled
Details
CI / Lint (nushell) (push) Has been cancelled
Details
CI / Lint (rust) (push) Has been cancelled
Details
CI / Benchmark (push) Has been cancelled
Details
CI / Security Audit (push) Has been cancelled
Details
CI / License Compliance (push) Has been cancelled
Details
CI / Code Coverage (push) Has been cancelled
Details
CI / Test (macos-latest) (push) Has been cancelled
Details
CI / Test (ubuntu-latest) (push) Has been cancelled
Details
CI / Test (windows-latest) (push) Has been cancelled
Details
CI / Build (macos-latest) (push) Has been cancelled
Details
CI / Build (ubuntu-latest) (push) Has been cancelled
Details
CI / Build (windows-latest) (push) Has been cancelled
Details
feat(forms): migrate all form definitions and configs to Nickel (.ncl) 
Replace all TOML form definitions in examples/ and config/ with
  type-checked Nickel equivalents. Update cli_loader to prefer .ncl
  (via nickel export) over .toml in config search order.
  TOML support retained as fallback — no breaking change.

  - El loader usa nickel export --format json + serde_json como puente — evita reimplementar un parser Nickel en Rust y aprovecha el binario ya existente.
  - El orden de búsqueda .ncl > .toml permite migración incremental: cualquier config vieja sigue funcionando sin tocarla.
  - Los contratos Nickel (| default, | String) en los configs sustituyen la validación que antes era implícita en el parsing TOML — el error llega antes (en nickel export) con mensajes más descriptivos.
2026-03-08 23:20:50 +00:00

41 lines
2.8 KiB
Plaintext
Raw Permalink Blame History

{
name = "multi_backend_config",
description = "Configuration with multiple encryption backends for different environments",
display_mode = "complete",
elements = [
# Application Configuration (Non-sensitive)
{ type = "text", name = "app_name", prompt = "Application name", required = true, sensitive = false },
{ type = "select", name = "environment", prompt = "Environment", required = true, sensitive = false, options = [
{ value = "development", label = "development" },
{ value = "staging", label = "staging" },
{ value = "production", label = "production" },
]
},
{ type = "select", name = "log_level", prompt = "Log level", required = false, sensitive = false, options = [
{ value = "debug", label = "debug" },
{ value = "info", label = "info" },
{ value = "warn", label = "warn" },
{ value = "error", label = "error" },
]
},
# Database Configuration
{ type = "text", name = "db_host", prompt = "Database hostname", required = true, sensitive = false },
{ type = "text", name = "db_port", prompt = "Database port", required = false, default = "5432", sensitive = false },
{ type = "text", name = "db_username", prompt = "Database username", required = true, sensitive = false },
{ type = "password", name = "db_password", prompt = "Database password (encrypted with SOPS)", required = true, sensitive = true, encryption_backend = "sops" },
# API Keys and Tokens
{ type = "text", name = "api_key", prompt = "API Key (encrypted with Age)", required = false, sensitive = true, encryption_backend = "age" },
{ type = "password", name = "api_secret", prompt = "API Secret (encrypted with Age)", required = false, sensitive = true, encryption_backend = "age" },
# Enterprise/Production Secrets
{ type = "password", name = "master_key", prompt = "Master encryption key (AWS KMS protected)", required = false, sensitive = true, encryption_backend = "awskms", encryption_config = { key_id = "arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012", region = "us-east-1" } },
{ type = "password", name = "root_token", prompt = "Root access token (AWS KMS protected)", required = false, sensitive = true, encryption_backend = "awskms", encryption_config = { key_id = "arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012", region = "us-east-1" } },
# Certificate and Key Material
{ type = "editor", name = "tls_cert", prompt = "TLS Certificate (SecretumVault with PQC)", required = false, sensitive = true, encryption_backend = "secretumvault" },
{ type = "editor", name = "tls_key", prompt = "TLS Private Key (SecretumVault with PQC)", required = false, sensitive = true, encryption_backend = "secretumvault" },
],
}
Reference in New Issue View Git Blame Copy Permalink