fix: finalize semantic repair and test updates
This commit is contained in:
@@ -1,10 +1,14 @@
|
||||
# [DEF:backend.src.core.encryption_key:Module]
|
||||
# [DEF:EncryptionKeyModule:Module]
|
||||
# @COMPLEXITY: 5
|
||||
# @SEMANTICS: encryption, key, bootstrap, environment, startup
|
||||
# @PURPOSE: Resolve and persist the Fernet encryption key required by runtime services.
|
||||
# @LAYER: Infra
|
||||
# @RELATION: DEPENDS_ON -> backend.src.core.logger
|
||||
# @RELATION: DEPENDS_ON -> [LoggerModule]
|
||||
# @INVARIANT: Runtime key resolution never falls back to an ephemeral secret.
|
||||
# @PRE: Runtime environment can read process variables and target .env path is writable when key generation is required.
|
||||
# @POST: A valid Fernet key is available to runtime services via ENCRYPTION_KEY.
|
||||
# @SIDE_EFFECT: May append ENCRYPTION_KEY entry into backend .env file and set process environment variable.
|
||||
# @DATA_CONTRACT: Input[env_file_path] -> Output[encryption_key]
|
||||
|
||||
from __future__ import annotations
|
||||
|
||||
@@ -51,6 +55,8 @@ def ensure_encryption_key(env_file_path: Path = DEFAULT_ENV_FILE_PATH) -> str:
|
||||
logger.reason(f"Generated ENCRYPTION_KEY and persisted it to {env_file_path}.")
|
||||
logger.reflect("Encryption key is available for runtime services.")
|
||||
return generated_key
|
||||
|
||||
|
||||
# [/DEF:ensure_encryption_key:Function]
|
||||
|
||||
# [/DEF:backend.src.core.encryption_key:Module]
|
||||
# [/DEF:EncryptionKeyModule:Module]
|
||||
|
||||
Reference in New Issue
Block a user