Skip to main content

mz_deploy/secret_resolver/
env_var.rs

1// Copyright Materialize, Inc. and contributors. All rights reserved.
2//
3// Use of this software is governed by the Business Source License
4// included in the LICENSE file.
5//
6// As of the Change Date specified in that file, in accordance with
7// the Business Source License, use of this software will be governed
8// by the Apache License, Version 2.0.
9
10//! Environment variable secret provider.
11//!
12//! Resolves secret values by reading from process environment variables.
13
14use super::{SecretProvider, SecretResolveError};
15use async_trait::async_trait;
16use std::ops::RangeInclusive;
17
18/// Resolves secrets from environment variables.
19///
20/// Usage in SQL: `CREATE SECRET x AS env_var('MY_ENV_VAR')`
21pub(super) struct EnvVarProvider;
22
23#[async_trait]
24impl SecretProvider for EnvVarProvider {
25    fn name(&self) -> &str {
26        "env_var"
27    }
28
29    fn accepted_args(&self) -> RangeInclusive<usize> {
30        1..=1
31    }
32
33    async fn resolve(&self, args: &[String]) -> Result<String, SecretResolveError> {
34        std::env::var(&args[0]).map_err(|_| SecretResolveError::ResolutionFailed {
35            name: self.name().to_string(),
36            reason: format!("environment variable '{}' is not set", args[0]),
37        })
38    }
39}