2025-05-15 02:56:44 +00:00
2 changed files with 51 additions and 1 deletions
--- a/config/config.go
+++ b/config/config.go
@@ -1,6 +1,10 @@
 package config

-import "git.siteworxpro.com/packages/go/utilities/Env"
+import (
+	"fmt"
+	"git.siteworxpro.com/packages/go/utilities/Env"
+	"regexp"
+)

 const (
 	namespace          Env.EnvironmentVariable = "NAMESPACE"
@@ -20,6 +24,46 @@ func NewConfig() *Config {
 	return &Config{}
 }

+func (c Config) Valid() error {
+	// Certificate Required
+	if c.Certificate() == "" {
+		return fmt.Errorf("certificate is required")
+	}
+
+	// Private Key Required
+	if c.PrivateKey() == "" {
+		return fmt.Errorf("private Key is required")
+	}
+
+	// Role ARN Required
+	if c.RoleArn() == "" {
+		return fmt.Errorf("role ARN is required")
+	}
+
+	if !regexp.MustCompile(`^arn:aws:iam::[0-9]{10,13}:role/[\w\D]*$`).MatchString(c.RoleArn()) {
+		return fmt.Errorf("role ARN %s is invalid", c.RoleArn())
+	}
+
+	if c.ProfileArn() == "" {
+		return fmt.Errorf("profile ARN is required")
+	}
+
+	if !regexp.MustCompile(`^arn:aws:rolesanywhere:[\w-]*:\d{10,12}:profile/[\w\D]*$`).MatchString(c.ProfileArn()) {
+		return fmt.Errorf("profile ARN %s is invalid", c.ProfileArn())
+	}
+
+	// Trusted Anchor ARN Required
+	if c.TrustedAnchor() == "" {
+		return fmt.Errorf("trusted anchor ARN is required")
+	}
+
+	if !regexp.MustCompile(`^arn:aws:rolesanywhere:[\w-]*:\d{10,12}:trust-anchor/[\w\D]*$`).MatchString(c.TrustedAnchor()) {
+		return fmt.Errorf("trusted anchor %s ARN is invalid", c.TrustedAnchor())
+	}
+
+	return nil
+}
+
 func (Config) Namespace() string {
 	return namespace.GetEnvString("")
 }
--- a/main.go
+++ b/main.go
@@ -29,6 +29,12 @@ func main() {

 	c := appConfig.NewConfig()

+	err = c.Valid()
+	if err != nil {
+		l.Error("Invalid configuration", "error", err)
+		os.Exit(1)
+	}
+
 	privateKey, err := base64.StdEncoding.DecodeString(c.PrivateKey())
 	if err != nil {
 		l.Error("Failed to decode private key", "error", err)