95 lines
2.7 KiB
Bash
Executable file
95 lines
2.7 KiB
Bash
Executable file
#!/bin/bash
|
|
# =============================================================================
|
|
# Environment Variables Validation Script (TASK-QA-009)
|
|
# =============================================================================
|
|
# Validates required environment variables for Veza development.
|
|
# See docs/ENV_VARIABLES.md for full reference.
|
|
#
|
|
# Usage:
|
|
# ./scripts/validate-env.sh [environment]
|
|
# environment: development (default), production, test
|
|
#
|
|
# Can be run before make dev or integrated in make doctor.
|
|
# =============================================================================
|
|
|
|
set -e
|
|
|
|
ENVIRONMENT=${1:-development}
|
|
ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
|
|
cd "$ROOT"
|
|
|
|
RED='\033[0;31m'
|
|
GREEN='\033[0;32m'
|
|
YELLOW='\033[1;33m'
|
|
NC='\033[0m'
|
|
|
|
check_var() {
|
|
local var_name=$1
|
|
local required=$2
|
|
local value="${!var_name}"
|
|
|
|
if [ -z "$value" ]; then
|
|
if [ "$required" = "required" ]; then
|
|
echo -e " ${RED}✗ ${var_name} (required, not set)${NC}"
|
|
return 1
|
|
else
|
|
echo -e " ${YELLOW}○ ${var_name} (optional, not set)${NC}"
|
|
return 0
|
|
fi
|
|
else
|
|
echo -e " ${GREEN}✓ ${var_name}${NC}"
|
|
return 0
|
|
fi
|
|
}
|
|
|
|
echo ""
|
|
echo "🔍 Environment validation (${ENVIRONMENT})"
|
|
echo " Ref: docs/ENV_VARIABLES.md"
|
|
echo ""
|
|
|
|
ERRORS=0
|
|
|
|
# Load .env if present (optional)
|
|
if [ -f .env ]; then
|
|
set -a
|
|
source .env
|
|
set +a
|
|
fi
|
|
|
|
echo "Required variables:"
|
|
check_var "DATABASE_URL" "required" || ERRORS=$((ERRORS + 1))
|
|
check_var "REDIS_URL" "required" || ERRORS=$((ERRORS + 1))
|
|
|
|
# JWT: either RS256 keys OR JWT_SECRET (dev fallback)
|
|
JWT_PRIVATE=$(printenv JWT_PRIVATE_KEY_PATH 2>/dev/null || true)
|
|
JWT_PUBLIC=$(printenv JWT_PUBLIC_KEY_PATH 2>/dev/null || true)
|
|
JWT_SECRET=$(printenv JWT_SECRET 2>/dev/null || true)
|
|
if [ -n "$JWT_PRIVATE" ] && [ -n "$JWT_PUBLIC" ]; then
|
|
echo -e " ${GREEN}✓ JWT (RS256: keys configured)${NC}"
|
|
elif [ -n "$JWT_SECRET" ] && [ ${#JWT_SECRET} -ge 32 ]; then
|
|
echo -e " ${GREEN}✓ JWT (HS256 fallback, min 32 chars)${NC}"
|
|
else
|
|
echo -e " ${RED}✗ JWT_PRIVATE_KEY_PATH + JWT_PUBLIC_KEY_PATH, or JWT_SECRET (min 32 chars)${NC}"
|
|
ERRORS=$((ERRORS + 1))
|
|
fi
|
|
|
|
echo ""
|
|
echo "Optional (development):"
|
|
check_var "CORS_ALLOWED_ORIGINS" "optional"
|
|
check_var "FRONTEND_URL" "optional"
|
|
|
|
if [ "$ENVIRONMENT" = "production" ]; then
|
|
echo ""
|
|
echo "Production-specific:"
|
|
check_var "CORS_ALLOWED_ORIGINS" "required" || ERRORS=$((ERRORS + 1))
|
|
fi
|
|
|
|
echo ""
|
|
if [ $ERRORS -eq 0 ]; then
|
|
echo -e "${GREEN}✓ Validation passed.${NC}"
|
|
exit 0
|
|
else
|
|
echo -e "${RED}✗ Validation failed ($ERRORS error(s)).${NC}"
|
|
echo " See docs/ENV_VARIABLES.md and .env.example"
|
|
exit 1
|
|
fi
|