use compliance_core::AgentConfig; use secrecy::SecretString; use crate::error::AgentError; fn env_var(key: &str) -> Result { std::env::var(key).map_err(|_| AgentError::Config(format!("Missing env var: {key}"))) } fn env_var_opt(key: &str) -> Option { std::env::var(key).ok().filter(|v| !v.is_empty()) } fn env_secret_opt(key: &str) -> Option { env_var_opt(key).map(SecretString::from) } pub fn load_config() -> Result { Ok(AgentConfig { mongodb_uri: env_var("MONGODB_URI")?, mongodb_database: env_var_opt("MONGODB_DATABASE") .unwrap_or_else(|| "compliance_scanner".to_string()), litellm_url: env_var_opt("LITELLM_URL") .unwrap_or_else(|| "http://localhost:4000".to_string()), litellm_api_key: SecretString::from(env_var_opt("LITELLM_API_KEY").unwrap_or_default()), litellm_model: env_var_opt("LITELLM_MODEL").unwrap_or_else(|| "gpt-4o".to_string()), litellm_embed_model: env_var_opt("LITELLM_EMBED_MODEL") .unwrap_or_else(|| "text-embedding-3-small".to_string()), github_token: env_secret_opt("GITHUB_TOKEN"), github_webhook_secret: env_secret_opt("GITHUB_WEBHOOK_SECRET"), gitlab_url: env_var_opt("GITLAB_URL"), gitlab_token: env_secret_opt("GITLAB_TOKEN"), gitlab_webhook_secret: env_secret_opt("GITLAB_WEBHOOK_SECRET"), jira_url: env_var_opt("JIRA_URL"), jira_email: env_var_opt("JIRA_EMAIL"), jira_api_token: env_secret_opt("JIRA_API_TOKEN"), jira_project_key: env_var_opt("JIRA_PROJECT_KEY"), searxng_url: env_var_opt("SEARXNG_URL"), nvd_api_key: env_secret_opt("NVD_API_KEY"), agent_port: env_var_opt("AGENT_PORT") .and_then(|p| p.parse().ok()) .unwrap_or(3001), scan_schedule: env_var_opt("SCAN_SCHEDULE").unwrap_or_else(|| "0 0 */6 * * *".to_string()), cve_monitor_schedule: env_var_opt("CVE_MONITOR_SCHEDULE") .unwrap_or_else(|| "0 0 0 * * *".to_string()), git_clone_base_path: env_var_opt("GIT_CLONE_BASE_PATH") .unwrap_or_else(|| "/tmp/compliance-scanner/repos".to_string()), }) }