From 37721ed215c684383771ddf51bf2f93b4599ce92 Mon Sep 17 00:00:00 2001
From: Jon Michael Aanes <jonjmaa@gmail.com>
Date: Mon, 8 Jul 2024 00:00:50 +0200
Subject: [PATCH] There is little reason to differentiate between hardcoded
 values and configuration

---
 secret_loader/__init__.py | 24 +++++++++++++++---------
 test/test_init.py         |  5 +++--
 2 files changed, 18 insertions(+), 11 deletions(-)

diff --git a/secret_loader/__init__.py b/secret_loader/__init__.py
index 6ace620..bc96c98 100644
--- a/secret_loader/__init__.py
+++ b/secret_loader/__init__.py
@@ -14,7 +14,8 @@ db_password = secrets.load_or_fail('DATABASE_PASSWORD')
 
 Secret loading order:
 
-0. Hardcoded values. **This is purely for debugging and prototyping.**
+0. Hardcoded values. **This is purely for debugging, prototyping, and for
+   configuring below options.**
 1. Files pointed to by environment variables. Docker friendly.
 2. Secrets folder. Also Docker friendly.
 3. [Pass: the standard unix password
@@ -38,6 +39,8 @@ try:
 except ImportError:
     hvac = None
 
+ENV_KEY_PREFIX = 'ENV_KEY_PREFIX'
+
 ENV_KEY_VAULT_URL = 'VAULT_URL'
 ENV_KEY_VAULT_TOKEN = 'VAULT_TOKEN'
 ENV_KEY_VAULT_MOUNT_POINT = 'VAULT_MOUNT_POINT'
@@ -51,17 +54,20 @@ class SecretLoader:
     See module documentation for usage.
     """
 
-    def __init__(self, env_key_prefix: str, hardcoded: dict[str, str] | None = None):
-        assert not env_key_prefix.endswith('_'), 'Prefix must not end with _ (this will be added automatically)'
-        self.env_key_prefix = env_key_prefix
-        self.hardcoded: dict[str, str] = hardcoded if hardcoded is not None else {}
+    def __init__(self, **hardcoded: str):
+        # Basic setup, containing only hardcoded.
+        self.hardcoded: dict[str, str] = hardcoded
         self.pass_folder = None
         self.vault_client = None
+        self.env_key_prefix = None
+
+        # Setup environment
+        self.env_key_prefix = self._load_or_none(ENV_KEY_PREFIX)
+        if self.env_key_prefix is not None:
+            assert not self.env_key_prefix.endswith('_'), 'Prefix must not end with _ (this will be added automatically)'
 
         # Setup pass
-        if pass_folder := self._load_or_none(ENV_KEY_PASS_FOLDER):
-            self.pass_folder = pass_folder
-        del pass_folder
+        self.pass_folder = self._load_or_none(ENV_KEY_PASS_FOLDER)
 
         # Setup vault
         if hvac:
@@ -103,7 +109,7 @@ class SecretLoader:
         try:
             with open(filepath) as f:
                 return f.read().strip()
-        except Exception:
+        except FileNotFoundError:
             return None
 
     def _load_or_none_local_password_store(self, env_key: str) -> str | None:
diff --git a/test/test_init.py b/test/test_init.py
index e207ff2..39240d1 100644
--- a/test/test_init.py
+++ b/test/test_init.py
@@ -2,9 +2,10 @@ import secret_loader
 
 
 def test_init():
-    loader = secret_loader.SecretLoader('TEST', hardcoded={'KEY': 'VALUE'})
+    loader = secret_loader.SecretLoader(ENV_KEY_PREFIX = 'TEST', KEY = 'VALUE')
+    assert loader.load('ENV_KEY_PREFIX') == 'TEST'
     assert loader.load('KEY') == 'VALUE'
 
 def test_lookup_unknown():
-    loader = secret_loader.SecretLoader('TEST', hardcoded={})
+    loader = secret_loader.SecretLoader()
     assert loader.load('UNKNOWN') is None