confex
confex copied to clipboard
Nebo15
Confex AWS Parameter store plugin
Hi all, we are using Confex in a project where we also wanted to pull config from the AWS parameter store, I put together a Parameter Store plugin for Confex[1] so we could keep resolving both :system and our plugin using the same code, also Confex has been very helpful in general so I hoped we might contribute somewhat :)
I'm very interested in any feedback from contributors to Confex regarding the plugin, there is certainly room for improvement. The original version we use internally does include a cacheing mechanism by default as we do have places where params are requested repeatedly, however I did not want to make that a default behaviour as it introduces state into the plugin, cacheing should be explicitly requested by the user imo.
[1] https://github.com/gpedic/confex_parameter_store
Hello @gpedic, I'm excited to see people are building on top of Confex! :) Unfortunately, I never used AWS parameter store in my life and can't give any detailed feedback, but I would be happy to help if you have any specific questions.
I did work on Vault integration though and decided to not introduce value cache either because caching and invalidation are hard and users should opt-in for it explicitly. Plus there are plenty of good caching libraries around :).
@AndrewDryga unrelated to this issue itself but since you mentioned about it in your comment, I thought I would just ask here. Did you ever release the vault adapter for Confex. Based on your note above, it seems like it may have been done but I can not seem to find it. Otherwise, I would be interested to add a vault adapter. Thanks!
@techgaun I did not as I've faced an issue in Ecto which should use it. At that moment it was not possible to rotate credential when Repo is started and there is no point in using Vault if you can't rotate DB secrets. I think it changed now but not sure would it be easy or not.