clavitor/clavis/clavis-vault/edition/config.go

//go:build commercial

// Package edition - Commercial replication configuration loading.
// This file is built ONLY when the "commercial" build tag is specified.
//
// Supports both primary-only and primary+replica POPs.
// Primary-only: empty replication.peers list.
// Primary+replica: replication.peers contains peer POPs.
package edition

import (
	"fmt"
	"os"

	"gopkg.in/yaml.v3"
)

// LoadReplicationConfig loads and validates /etc/clavitor/replication.yaml
// Primary-only POPs have empty replication.peers list.
// Returns nil config if file doesn't exist (for primary-only POPs).
func LoadReplicationConfig(path string) (*ReplicationConfig, error) {
	data, err := os.ReadFile(path)
	if err != nil {
		// File missing = primary-only POP (no replication)
		return nil, nil
	}

	var cfg ReplicationConfig
	if err := yaml.Unmarshal(data, &cfg); err != nil {
		return nil, fmt.Errorf("invalid replication config YAML: %w", err)
	}

	// Validation
	if cfg.POPID == "" {
		return nil, fmt.Errorf("pop_id is required")
	}
	if cfg.Region == "" {
		return nil, fmt.Errorf("region is required")
	}

	// Validate peers if configured
	for i, peer := range cfg.Replication.Peers {
		if peer.ID == "" {
			return nil, fmt.Errorf("replication.peers[%d].id is required", i)
		}
		if peer.URL == "" {
			return nil, fmt.Errorf("replication.peers[%d].url is required", i)
		}
		// URL must be HTTPS
		if len(peer.URL) < 8 || peer.URL[:8] != "https://" {
			return nil, fmt.Errorf("replication.peers[%d].url must use HTTPS", i)
		}
	}

	// Set defaults
	if cfg.Replication.BatchSize == 0 {
		cfg.Replication.BatchSize = 100
	}
	if cfg.Replication.MaxRetries == 0 {
		cfg.Replication.MaxRetries = 5
	}
	if cfg.Replication.RequestTimeout == 0 {
		cfg.Replication.RequestTimeout = 30
	}

	return &cfg, nil
}