fix(core): resolve environment loading issues #2827
Conversation
Viper only loads environment values that have been identified (via BindEnv or loaded config file). Instead of using Viper we manually inspect the env and load the keys we care about.
Summary of ChangesHello @ntrevino-virtru, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request addresses a critical configuration loading issue by overhauling how environment variables are processed. It moves away from Viper's limited environment variable handling to a direct, manual inspection of system environment variables. This change ensures that all relevant environment variables, filtered by a prefix and an optional allow list, are correctly identified and loaded into the application's configuration. The refactoring improves the reliability and predictability of environment-based configuration, backed by new, thorough precedence tests. Highlights
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Env vars flow free,No more Viper's binding chains,Config finds its way. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
The pull request addresses an issue where Viper was not correctly loading environment variables. The solution involves manually inspecting the environment and loading the necessary keys. The changes include modifications to the config_test.go and environment_value_loader.go files. The tests have been expanded to include precedence tests.
This is a defined key with snake-casing.
ntrevino-virtru
dismissed stale reviews from jakedoublev and strantalis
via
d534d84
Benchmark results, click to expandBenchmark authorization.GetDecisions Results:
Benchmark authorization.v2.GetMultiResourceDecision Results:
Standard Benchmark Metrics Skipped or FailedBulk Benchmark Results
TDF3 Benchmark Results:
NANOTDF Benchmark Results:
|
X-Test Failure Resultsopentdf |
Benchmark results, click to expandBenchmark authorization.GetDecisions Results:
Benchmark authorization.v2.GetMultiResourceDecision Results:
Standard Benchmark Metrics Skipped or FailedBulk Benchmark Results
TDF3 Benchmark Results:
NANOTDF Benchmark Results:
|
X-Test Failure Resultsopentdf |
Benchmark results, click to expandBenchmark authorization.GetDecisions Results:
Benchmark authorization.v2.GetMultiResourceDecision Results:
Standard Benchmark Metrics Skipped or FailedBulk Benchmark Results
TDF3 Benchmark Results:
NANOTDF Benchmark Results:
|
X-Test Failure Resultsopentdf |
Benchmark results, click to expandBenchmark authorization.GetDecisions Results:
Benchmark authorization.v2.GetMultiResourceDecision Results:
Standard Benchmark Metrics Skipped or FailedBulk Benchmark Results
TDF3 Benchmark Results:
NANOTDF Benchmark Results:
|
🤖 I have created a release *beep* *boop* --- ## [0.11.0](service/v0.10.0...service/v0.11.0) (2025-10-22) ### Features * **authz:** add obligation fulfillment logic to obligation PDP ([#2740](#2740)) ([2f8d30d](2f8d30d)) * **authz:** audit logs should properly handle obligations ([#2824](#2824)) ([874ec7b](874ec7b)) * **authz:** defer to request auth as decision/entitlements entity ([#2789](#2789)) ([feb34d8](feb34d8)) * **authz:** obligations protos within auth service ([#2745](#2745)) ([41ee5a8](41ee5a8)) * **authz:** protovalidate tests for new authz obligations fields ([#2747](#2747)) ([73e6319](73e6319)) * **authz:** service logic to use request auth as entity identifier in PDP decisions/entitlements ([#2790](#2790)) ([6784e88](6784e88)) * **authz:** wire up obligations enforcement in auth service ([#2756](#2756)) ([11b3ea9](11b3ea9)) * **core:** propagate token clientID on configured claim via interceptor into shared context metadata ([#2760](#2760)) ([0f77246](0f77246)) * **kas:** Add required obligations to kao metadata.: ([#2806](#2806)) ([16fb26c](16fb26c)) * **policy:** add FQNs to obligation defs + vals ([#2749](#2749)) ([fa2585c](fa2585c)) * **policy:** Add obligation support to KAS ([#2786](#2786)) ([bb1bca0](bb1bca0)) * **policy:** List obligation triggers rpc ([#2823](#2823)) ([206abe3](206abe3)) * **policy:** namespace root certificates ([#2771](#2771)) ([beaff21](beaff21)) * **policy:** Proto - root certificates by namespace ([#2800](#2800)) ([0edb359](0edb359)) * **policy:** Protos List obligation triggers ([#2803](#2803)) ([b32df81](b32df81)) * **policy:** Return built obligations fqns with triggers. ([#2830](#2830)) ([e843018](e843018)) * **policy:** Return obligations from GetAttributeValue calls ([#2742](#2742)) ([aa9b393](aa9b393)) ### Bug Fixes * **core:** CORS ([#2787](#2787)) ([a030ac6](a030ac6)) * **core:** deprecate policy WithValue selector not utilized by RPC ([#2794](#2794)) ([c573595](c573595)) * **core:** deprecated stale protos and add better upgrade comments ([#2793](#2793)) ([f2678cc](f2678cc)) * **core:** Don't require known manager names ([#2792](#2792)) ([8a56a96](8a56a96)) * **core:** Fix mode negation and core mode ([#2779](#2779)) ([de9807d](de9807d)) * **core:** resolve environment loading issues ([#2827](#2827)) ([9af3184](9af3184)) * **deps:** bump github.com/opentdf/platform/lib/ocrypto from 0.6.0 to 0.7.0 in /service ([#2812](#2812)) ([a6d180d](a6d180d)) * **deps:** bump github.com/opentdf/platform/protocol/go from 0.12.0 to 0.13.0 in /service ([#2814](#2814)) ([5e9c695](5e9c695)) * **deps:** bump github.com/opentdf/platform/sdk from 0.7.0 to 0.9.0 in /service ([#2798](#2798)) ([d6bc9a8](d6bc9a8)) * **deps:** bump github.com/opentdf/platform/sdk from 0.9.0 to 0.10.0 in /service ([#2831](#2831)) ([412dfd1](412dfd1)) * ECC key loading (deprecated) ([#2757](#2757)) ([49990eb](49990eb)) * **policy:** Change to nil ([#2746](#2746)) ([a449434](a449434)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: opentdf-automation[bot] <149537512+opentdf-automation[bot]@users.noreply.github.com>
Viper only loads environment values that have been identified (via BindEnv or loaded config file). Instead of using Viper we manually inspect the env and load the keys we care about.
Proposed Changes
Checklist
Testing Instructions