WIP: claude refactor

Signed-off-by: Nick Gerace <nick@systeminit.com>

Author: nickgerace

Cargo.lock

@@ -11,6 +11,8 @@ rust_library(
         "//lib/si-std:si-std",
         "//lib/si-tls:si-tls",
         "//lib/telemetry-rs:telemetry",
+        "//third-party/rust:async-trait",
+        "//third-party/rust:aws-sdk-ssm",
         "//third-party/rust:axum",
         "//third-party/rust:dashmap",
         "//third-party/rust:derive_builder",

lib/innit-server/BUCK

@@ -9,6 +9,8 @@ rust-version.workspace = true
 publish.workspace = true
 
 [dependencies]
+async-trait = { workspace = true }
+aws-sdk-ssm = { workspace = true }
 axum = { workspace = true }
 buck2-resources = { path = "../../lib/buck2-resources" }
 dashmap = { workspace = true }

lib/innit-server/Cargo.toml

@@ -1,8 +1,10 @@
 use axum::extract::FromRef;
-use si_data_ssm::ParameterStorageBackend;
 use tokio_util::sync::CancellationToken;
 
-use crate::parameter_cache::ParameterCache;
+use crate::{
+    parameter_cache::ParameterCache,
+    parameter_storage::ParameterStorageBackend,
+};
 
 #[remain::sorted]
 #[derive(Debug, Eq, PartialEq)]

lib/innit-server/src/app_state.rs

@@ -3,6 +3,7 @@ mod app_state;
 mod config;
 mod middleware;
 mod parameter_cache;
+mod parameter_storage;
 mod routes;
 mod server;
 
@@ -15,5 +16,11 @@ pub use self::{
         StandardConfigFile,
         detect_and_configure_development,
     },
+    parameter_storage::{
+        EnvParameterStorage,
+        ParameterStorage,
+        ParameterStorageBackend,
+        ParameterStorageError,
+    },
     server::Server,
 };

lib/innit-server/src/lib.rs

@@ -0,0 +1,186 @@
+use aws_sdk_ssm::types::{Parameter, ParameterType};
+use si_data_ssm::{ParameterStoreClient, ParameterStoreClientError};
+use telemetry::prelude::*;
+use thiserror::Error;
+
+#[remain::sorted]
+#[derive(Debug, Error)]
+pub enum ParameterStorageError {
+    #[error("Parameter path invalid, must start with /: {0}")]
+    InvalidPath(String),
+    #[error("Parameter not found: {0}")]
+    ParameterNotFound(String),
+    #[error("Parameter store client error: {0}")]
+    ParameterStoreClient(#[from] ParameterStoreClientError),
+    #[error("Parameter path not found: {0}")]
+    PathNotFound(String),
+    #[error("Write operations not supported in environment variable mode")]
+    WriteNotSupported,
+}
+
+pub type ParameterStorageResult<T> = Result<T, ParameterStorageError>;
+
+/// Trait for abstracting parameter storage backends
+#[async_trait::async_trait]
+pub trait ParameterStorage: std::fmt::Debug + Send + Sync {
+    /// Gets a specific parameter by name
+    async fn get_parameter(&self, name: String) -> ParameterStorageResult<Parameter>;
+
+    /// Gets all parameters under a path
+    async fn parameters_by_path(&self, path: String) -> ParameterStorageResult<Vec<Parameter>>;
+
+    /// Creates or updates a string parameter
+    async fn create_string_parameter(
+        &self,
+        name: String,
+        value: String,
+    ) -> ParameterStorageResult<()>;
+}
+
+/// Environment variable-based parameter storage
+#[derive(Debug, Clone)]
+pub struct EnvParameterStorage;
+
+impl EnvParameterStorage {
+    /// Creates a new environment parameter storage
+    pub fn new() -> Self {
+        Self
+    }
+
+    /// Converts a parameter path to an environment variable name
+    /// Example: `/si/prod/database/password` -> `SI_PROD_DATABASE_PASSWORD`
+    fn path_to_env_var(path: &str) -> String {
+        path.trim_start_matches('/')
+            .replace('/', "_")
+            .to_uppercase()
+    }
+
+    /// Checks if an environment variable key matches a path prefix
+    fn env_var_matches_path(env_key: &str, path: &str) -> bool {
+        let normalized = Self::path_to_env_var(path);
+        // Match exact or with underscore separator to avoid false matches
+        // e.g., SI_PROD matches SI_PROD_DB but not SI_PRODUCTION
+        env_key == normalized || env_key.starts_with(&format!("{}_", normalized))
+    }
+
+    /// Converts an environment variable name back to a parameter path
+    /// Example: `SI_PROD_DATABASE_PASSWORD` -> `/si/prod/database/password`
+    fn env_var_to_path(env_var: &str) -> String {
+        format!("/{}", env_var.replace('_', "/").to_lowercase())
+    }
+}
+
+/// Implementation of ParameterStorage for EnvParameterStorage (environment variable backend)
+#[async_trait::async_trait]
+impl ParameterStorage for EnvParameterStorage {
+    async fn get_parameter(&self, name: String) -> ParameterStorageResult<Parameter> {
+        let env_var = Self::path_to_env_var(&name);
+
+        #[allow(clippy::disallowed_methods)]
+        let value = std::env::var(&env_var)
+            .map_err(|_| ParameterStorageError::ParameterNotFound(name.clone()))?;
+
+        Ok(Parameter::builder()
+            .name(name)
+            .value(value)
+            .r#type(ParameterType::String)
+            .build())
+    }
+
+    async fn parameters_by_path(&self, path: String) -> ParameterStorageResult<Vec<Parameter>> {
+        if !path.starts_with("/") {
+            return Err(ParameterStorageError::InvalidPath(path));
+        }
+
+        let mut parameters = Vec::new();
+
+        #[allow(clippy::disallowed_methods)]
+        for (key, value) in std::env::vars() {
+            if Self::env_var_matches_path(&key, &path) {
+                let param_name = Self::env_var_to_path(&key);
+                parameters.push(
+                    Parameter::builder()
+                        .name(param_name)
+                        .value(value)
+                        .r#type(ParameterType::String)
+                        .build(),
+                );
+            }
+        }
+
+        if parameters.is_empty() {
+            return Err(ParameterStorageError::PathNotFound(path));
+        }
+
+        Ok(parameters)
+    }
+
+    async fn create_string_parameter(
+        &self,
+        _name: String,
+        _value: String,
+    ) -> ParameterStorageResult<()> {
+        Err(ParameterStorageError::WriteNotSupported)
+    }
+}
+
+/// Implementation of ParameterStorage for ParameterStoreClient (AWS SSM backend)
+#[async_trait::async_trait]
+impl ParameterStorage for ParameterStoreClient {
+    async fn get_parameter(&self, name: String) -> ParameterStorageResult<Parameter> {
+        self.get_parameter(name).await.map_err(Into::into)
+    }
+
+    async fn parameters_by_path(&self, path: String) -> ParameterStorageResult<Vec<Parameter>> {
+        self.parameters_by_path(path).await.map_err(Into::into)
+    }
+
+    async fn create_string_parameter(
+        &self,
+        name: String,
+        value: String,
+    ) -> ParameterStorageResult<()> {
+        self.create_string_parameter(name, value)
+            .await
+            .map_err(Into::into)
+    }
+}
+
+/// Enum wrapper for different parameter storage backends
+#[remain::sorted]
+#[derive(Debug, Clone)]
+pub enum ParameterStorageBackend {
+    /// Environment variable backend
+    Env(EnvParameterStorage),
+    /// AWS SSM Parameter Store backend
+    Ssm(ParameterStoreClient),
+}
+
+/// Implementation of ParameterStorage for ParameterStorageBackend (delegates to inner backend)
+#[async_trait::async_trait]
+impl ParameterStorage for ParameterStorageBackend {
+    async fn get_parameter(&self, name: String) -> ParameterStorageResult<Parameter> {
+        match self {
+            Self::Env(storage) => storage.get_parameter(name).await,
+            Self::Ssm(client) => <ParameterStoreClient as ParameterStorage>::get_parameter(client, name).await,
+        }
+    }
+
+    async fn parameters_by_path(&self, path: String) -> ParameterStorageResult<Vec<Parameter>> {
+        match self {
+            Self::Env(storage) => storage.parameters_by_path(path).await,
+            Self::Ssm(client) => <ParameterStoreClient as ParameterStorage>::parameters_by_path(client, path).await,
+        }
+    }
+
+    async fn create_string_parameter(
+        &self,
+        name: String,
+        value: String,
+    ) -> ParameterStorageResult<()> {
+        match self {
+            Self::Env(storage) => storage.create_string_parameter(name, value).await,
+            Self::Ssm(client) => <ParameterStoreClient as ParameterStorage>::create_string_parameter(client, name, value).await,
+        }
+    }
+}

lib/innit-server/src/parameter_storage.rs

@@ -16,7 +16,6 @@ use serde_json::{
     Value,
     json,
 };
-use si_data_ssm::ParameterStoreClientError;
 use thiserror::Error;
 
 mod clear_cache;
@@ -28,7 +27,10 @@ use super::{
     app_state::AppState,
     server::ServerError,
 };
-use crate::api_error::ApiError;
+use crate::{
+    api_error::ApiError,
+    parameter_storage::ParameterStorageError,
+};
 
 pub fn public_routes(state: AppState) -> Router {
     Router::new()
@@ -59,8 +61,8 @@ async fn system_status_route() -> Json<Value> {
 #[remain::sorted]
 #[derive(Debug, Error)]
 pub enum AppError {
-    #[error("parameter store client error: {0}")]
-    ParameterStoreClient(#[from] ParameterStoreClientError),
+    #[error("parameter storage error: {0}")]
+    ParameterStorage(#[from] ParameterStorageError),
     #[error("server error: {0}")]
     Server(#[from] ServerError),
 }

lib/innit-server/src/routes.rs

@@ -10,11 +10,13 @@ use innit_core::{
     CreateParameterResponse,
     Parameter,
 };
-use si_data_ssm::ParameterStorage;
 use telemetry::tracing::info;
 
 use super::AppError;
-use crate::app_state::AppState;
+use crate::{
+    app_state::AppState,
+    parameter_storage::ParameterStorage,
+};
 
 pub async fn create_parameter_route(
     Path(name): Path<String>,

lib/innit-server/src/routes/create_parameter.rs

@@ -6,12 +6,12 @@ use innit_core::{
     GetParameterResponse,
     Parameter,
 };
-use si_data_ssm::ParameterStorage;
 use telemetry::tracing::info;
 
 use super::AppError;
 use crate::{
     app_state::AppState,
+    parameter_storage::ParameterStorage,
     routes::Json,
 };
 

lib/innit-server/src/routes/get_parameter.rs

@@ -6,12 +6,12 @@ use innit_core::{
     ListParametersResponse,
     Parameter,
 };
-use si_data_ssm::ParameterStorage;
 use telemetry::tracing::info;
 
 use super::AppError;
 use crate::{
     app_state::AppState,
+    parameter_storage::ParameterStorage,
     routes::Json,
 };