environment names are constants (ref)

Signed-off-by: Alex Aizman <[email protected]>

ais/daemon.go

@@ -1,6 +1,6 @@
 // Package ais provides core functionality for the AIStore object storage.
 /*
- * Copyright (c) 2018-2024, NVIDIA CORPORATION. All rights reserved.
+ * Copyright (c) 2018=2025, NVIDIA CORPORATION. All rights reserved.
  */
 package ais
 
@@ -203,19 +203,19 @@ func initDaemon(version, buildTime string) cos.Runner {
 	xreg.Init()
 
 	// primary 'host[:port]' endpoint or URL from the environment
-	if daemon.EP = os.Getenv(env.AIS.PrimaryEP); daemon.EP != "" {
+	if daemon.EP = os.Getenv(env.AisPrimaryEP); daemon.EP != "" {
 		scheme := "http"
 		if config.Net.HTTP.UseHTTPS {
 			scheme = "https"
 		}
 		if strings.Contains(daemon.EP, "://") {
 			u, err := url.Parse(daemon.EP)
 			if err != nil {
-				cos.ExitLogf("invalid environment %s=%s: %v", env.AIS.PrimaryEP, daemon.EP, err)
+				cos.ExitLogf("invalid environment %s=%s: %v", env.AisPrimaryEP, daemon.EP, err)
 			}
 			if u.Path != "" && u.Path != "/" {
 				cos.ExitLogf("invalid environment %s=%s (not expecting path %q)",
-					env.AIS.PrimaryEP, daemon.EP, u.Path)
+					env.AisPrimaryEP, daemon.EP, u.Path)
 			}
 			// reassemble and compare
 			ustr := scheme + "://" + u.Hostname()

ais/earlystart.go

@@ -1,6 +1,6 @@
 // Package ais provides core functionality for the AIStore object storage.
 /*
- * Copyright (c) 2018-2024, NVIDIA CORPORATION. All rights reserved.
+ * Copyright (c) 2018=2025, NVIDIA CORPORATION. All rights reserved.
  */
 package ais
 
@@ -78,7 +78,7 @@ func (p *proxy) bootstrap() {
 		case prim.isSmap:
 			nlog.Infof("%s: assuming primary role _for now_ %+v", p, prim)
 		case prim.isEP && isSelf != "":
-			nlog.Infof("%s: assuming primary role (and note that env %s=%s is redundant)", p, env.AIS.PrimaryEP, daemon.EP)
+			nlog.Infof("%s: assuming primary role (and note that env %s=%s is redundant)", p, env.AisPrimaryEP, daemon.EP)
 		default:
 			nlog.Infof("%s: assuming primary role as per: %+v", p, prim)
 		}

ais/htrun.go

@@ -1,6 +1,6 @@
 // Package ais provides core functionality for the AIStore object storage.
 /*
- * Copyright (c) 2018-2024, NVIDIA CORPORATION. All rights reserved.
+ * Copyright (c) 2018=2025, NVIDIA CORPORATION. All rights reserved.
  */
 package ais
 
@@ -1158,7 +1158,7 @@ func (h *htrun) statsAndStatus() (ds *stats.NodeStatus) {
 		DeploymentType: deploymentType(),
 		Version:        daemon.version,
 		BuildTime:      daemon.buildTime,
-		K8sPodName:     os.Getenv(env.AIS.K8sPod),
+		K8sPodName:     os.Getenv(env.AisK8sPod),
 		Status:         h._status(smap),
 	}
 	return ds
@@ -1176,7 +1176,7 @@ func (h *htrun) statsAndStatusV322() (ds *stats.NodeStatusV322) {
 		DeploymentType: deploymentType(),
 		Version:        daemon.version,
 		BuildTime:      daemon.buildTime,
-		K8sPodName:     os.Getenv(env.AIS.K8sPod),
+		K8sPodName:     os.Getenv(env.AisK8sPod),
 		Status:         h._status(smap),
 	}
 	return ds

ais/proxy.go

@@ -1,6 +1,6 @@
 // Package ais provides core functionality for the AIStore object storage.
 /*
- * Copyright (c) 2018-2024, NVIDIA CORPORATION. All rights reserved.
+ * Copyright (c) 2018=2025, NVIDIA CORPORATION. All rights reserved.
  */
 package ais
 
@@ -99,7 +99,7 @@ func (p *proxy) init(config *cmn.Config) {
 
 	cos.InitShortID(p.si.Digest())
 
-	if network, err := _parseCIDR(env.AIS.LocalRedirectCIDR, ""); err != nil {
+	if network, err := _parseCIDR(env.AisLocalRedirectCIDR, ""); err != nil {
 		cos.ExitLog(err) // FATAL
 	} else {
 		p.si.LocalNet = network

ais/prxauth.go

@@ -1,6 +1,6 @@
 // Package ais provides core functionality for the AIStore object storage.
 /*
- * Copyright (c) 2018-2024, NVIDIA CORPORATION. All rights reserved.
+ * Copyright (c) 2018=2025, NVIDIA CORPORATION. All rights reserved.
  */
 package ais
 
@@ -49,7 +49,7 @@ func newAuthManager(config *cmn.Config) *authManager {
 		tkList:        make(tkList),
 		revokedTokens: make(map[string]bool), // TODO: preallocate
 		version:       1,
-		secret:        cos.Right(config.Auth.Secret, os.Getenv(env.AuthN.SecretKey)), // environment override
+		secret:        cos.Right(config.Auth.Secret, os.Getenv(env.AisAuthSecretKey)), // environment override
 	}
 }
 

ais/test/main_test.go

@@ -52,17 +52,17 @@ func waitForCluster() (primaryURL string, err error) {
 	var (
 		proxyCnt, targetCnt, retry int
 	)
-	pc := os.Getenv(env.AIS.NumProxy)
-	tc := os.Getenv(env.AIS.NumTarget)
+	pc := os.Getenv(env.AisNumProxy)
+	tc := os.Getenv(env.AisNumTarget)
 	if pc != "" || tc != "" {
 		proxyCnt, err = strconv.Atoi(pc)
 		if err != nil {
-			err = fmt.Errorf("error EnvVars: %s. err: %v", env.AIS.NumProxy, err)
+			err = fmt.Errorf("error EnvVars: %s. err: %v", env.AisNumProxy, err)
 			return
 		}
 		targetCnt, err = strconv.Atoi(tc)
 		if err != nil {
-			err = fmt.Errorf("error EnvVars: %s. err: %v", env.AIS.NumTarget, err)
+			err = fmt.Errorf("error EnvVars: %s. err: %v", env.AisNumTarget, err)
 			return
 		}
 	}

ais/test/s3/e2e_s3_test.go

@@ -1,6 +1,6 @@
 // Package s3_integration provides tests of compatibility with AWS S3
 /*
- * Copyright (c) 2018-2024, NVIDIA CORPORATION. All rights reserved.
+ * Copyright (c) 2018=2025, NVIDIA CORPORATION. All rights reserved.
  */
 package s3_test
 
@@ -34,7 +34,7 @@ var _ = Describe("E2E AWS Compatibility Tests", func() {
 		params string
 	)
 
-	if value := os.Getenv(env.AIS.UseHTTPS); cos.IsParseBool(value) {
+	if value := os.Getenv(env.AisUseHTTPS); cos.IsParseBool(value) {
 		host = "https://localhost:8080/s3"
 		params = "--no-check-certificate"
 	} else {

ais/utils.go

@@ -1,6 +1,6 @@
 // Package ais provides core functionality for the AIStore object storage.
 /*
- * Copyright (c) 2018-2024, NVIDIA CORPORATION. All rights reserved.
+ * Copyright (c) 2018=2025, NVIDIA CORPORATION. All rights reserved.
  */
 package ais
 
@@ -208,11 +208,11 @@ func _localIP(addrList []*localIPv4Info) (ip net.IP, _ error) {
 
 	// NOTE:
 	// - try using environment to eliminate ambiguity
-	// - env.AIS.PubIPv4CIDR ("AIS_PUBLIC_IP_CIDR") takes precedence
+	// - env.AisPubIPv4CIDR ("AIS_PUBLIC_IP_CIDR") takes precedence
 	var (
 		selected     = -1
 		parsed       net.IP
-		network, err = _parseCIDR(env.AIS.LocalRedirectCIDR, env.AIS.PubIPv4CIDR)
+		network, err = _parseCIDR(env.AisLocalRedirectCIDR, env.AisPubIPv4CIDR)
 	)
 	if err != nil {
 		return nil, err

api/authn/loadtoken.go

@@ -1,6 +1,6 @@
 // Package authn provides AuthN API over HTTP(S)
 /*
- * Copyright (c) 2018-2024, NVIDIA CORPORATION. All rights reserved.
+ * Copyright (c) 2018=2025, NVIDIA CORPORATION. All rights reserved.
  */
 package authn
 
@@ -20,7 +20,7 @@ import (
 func LoadToken(tokenFile string) (string /*token value*/, error) {
 	// token value directly from environment
 	if tokenFile == "" {
-		if tokenEnv := os.Getenv(env.AuthN.Token); tokenEnv != "" {
+		if tokenEnv := os.Getenv(env.AisAuthToken); tokenEnv != "" {
 			return tokenEnv, nil
 		}
 	}
@@ -29,7 +29,7 @@ func LoadToken(tokenFile string) (string /*token value*/, error) {
 
 	// token filename from environment
 	if tokenFile == "" {
-		tokenFile = os.Getenv(env.AuthN.TokenFile)
+		tokenFile = os.Getenv(env.AisAuthTokenFile)
 	}
 
 	// or, default token filename

api/env/ais.go

@@ -1,95 +1,62 @@
 // Package env contains environment variables
 /*
- * Copyright (c) 2018-2024, NVIDIA CORPORATION. All rights reserved.
+ * Copyright (c) 2018-2025, NVIDIA CORPORATION. All rights reserved.
  */
 package env
 
-// NOTE not included:
+// not included:
 // - "AIS_READ_HEADER_TIMEOUT"
 // - "AIS_DAEMON_ID"
 // - "AIS_HOST_IP", "AIS_HOST_PORT" - local playground (target only)
-// - "AIS_TARGET_URL"               - ETL
-//
-// See also:
+// - "AIS_TARGET_URL" - ETL
+// see also:
 // - docs/environment-vars.md
 
-var AIS = struct {
+const (
 	// endpoint: client | primary startup
-	Endpoint  string
-	PrimaryEP string
+
+	AisEndpoint  = "AIS_ENDPOINT" // the way to designate primary when cluster's starting up
+	AisPrimaryEP = "AIS_PRIMARY_EP"
 
 	// networking: two CIDR masks
-	LocalRedirectCIDR string
-	PubIPv4CIDR       string
+	// 1. differentiate local (same CIDR) clients for faster HTTP redirect
+	// 2. at node startup: when present with multiple choices, select one matching local unicast IP
+	//    to use it as node's public interface
+	AisLocalRedirectCIDR = "AIS_CLUSTER_CIDR"
+	AisPubIPv4CIDR       = "AIS_PUBLIC_IP_CIDR"
 
 	//
 	// HTTPS
 	// for details and background, see: https://github.com/NVIDIA/aistore/blob/main/docs/environment-vars.md#https
 	//
-	UseHTTPS string
-	// TLS: client side
-	Certificate   string
-	CertKey       string
-	ClientCA      string
-	SkipVerifyCrt string
-	// TLS: server (aistore, AuthN) side (NOTE comment below)
-
-	// tests, CI
-	NumTarget string
-	NumProxy  string
-
-	// K8s
-	K8sPod                  string
-	K8sNode                 string
-	K8sNamespace            string
-	K8sServiceName          string
-	K8sPublicHostname       string
-	K8sClusterDomain        string
-	K8sHostNetwork          string
-	K8sEnableExternalAccess string
-}{
-	// the way to designate primary when cluster's starting up
-	Endpoint:  "AIS_ENDPOINT",
-	PrimaryEP: "AIS_PRIMARY_EP",
-
-	// two CIDRs, respectively:
-	// 1. differentiate local (same CIDR) clients for faster HTTP redirect
-	// 2. at node startup: when present with multiple choices, select one matching local unicast IP
-	//    to use it as node's public interface
-	LocalRedirectCIDR: "AIS_CLUSTER_CIDR",
-	PubIPv4CIDR:       "AIS_PUBLIC_IP_CIDR",
 
 	// false: HTTP transport, with all the TLS config (below) ignored
 	// true:  HTTPS/TLS
 	// for details and background, see: https://github.com/NVIDIA/aistore/blob/main/docs/environment-vars.md#https
-	UseHTTPS: "AIS_USE_HTTPS", // cluster config: "net.http.use_https"
+	AisUseHTTPS = "AIS_USE_HTTPS"
 
 	// TLS: client side
-	Certificate: "AIS_CRT",
-	CertKey:     "AIS_CRT_KEY",
-	ClientCA:    "AIS_CLIENT_CA",
-
-	// TLS: server (aistore, AuthN) side
-	// "AIS_SERVER_CRT" - TLS certificate (pathname)
-	// "AIS_SERVER_KEY" - private key (ditto)
+	AisClientCert    = "AIS_CRT"
+	AisClientCertKey = "AIS_CRT_KEY"
+	AisClientCA      = "AIS_CLIENT_CA"
 
-	// TLS: common
-	SkipVerifyCrt: "AIS_SKIP_VERIFY_CRT", // cluster config: "net.http.skip_verify"
+	// client and dev deployment; see also cluster config "net.http.skip_verify"
+	AisSkipVerifyCrt = "AIS_SKIP_VERIFY_CRT"
 
-	// variables used in tests and CI
-	NumTarget: "NUM_TARGET",
-	NumProxy:  "NUM_PROXY",
+	// tests and CI
+	AisNumTarget = "NUM_TARGET"
+	AisNumProxy  = "NUM_PROXY"
 
 	// via ais-k8s repo
 	// see also:
 	// * https://github.com/NVIDIA/ais-k8s/blob/main/operator/pkg/resources/cmn/env.go
 	// * docs/environment-vars.md
-	K8sPod:                  "MY_POD",
-	K8sNode:                 "MY_NODE",
-	K8sNamespace:            "K8S_NS",
-	K8sServiceName:          "MY_SERVICE",
-	K8sPublicHostname:       "AIS_PUBLIC_HOSTNAME",
-	K8sClusterDomain:        "AIS_K8S_CLUSTER_DOMAIN",
-	K8sHostNetwork:          "HOST_NETWORK",
-	K8sEnableExternalAccess: "ENABLE_EXTERNAL_ACCESS",
-}
+	AisK8sPod                  = "MY_POD"
+	AisK8sNode                 = "MY_NODE"
+	AisK8sNamespace            = "K8S_NS"
+	AisK8sServiceName          = "MY_SERVICE"
+	AisK8sPublicHostname       = "AIS_PUBLIC_HOSTNAME"
+	AisK8sClusterDomain        = "AIS_K8S_CLUSTER_DOMAIN"
+	AisK8sHostNetwork          = "HOST_NETWORK"
+	AisK8sEnableExternalAccess = "ENABLE_EXTERNAL_ACCESS"
+)

api/env/authn.go

@@ -1,44 +1,27 @@
 // Package env contains environment variables
 /*
- * Copyright (c) 2018-2024, NVIDIA CORPORATION. All rights reserved.
+ * Copyright (c) 2018-2025, NVIDIA CORPORATION. All rights reserved.
  */
 package env
 
-// authn environment variables
+// AuthN environment names
 // see also: docs/environment-vars.md
 
-var (
-	AuthN = struct {
-		Enabled       string
-		URL           string
-		TokenFile     string
-		Token         string
-		ConfDir       string
-		LogDir        string
-		LogLevel      string
-		Port          string
-		TTL           string
-		UseHTTPS      string
-		ServerCrt     string
-		ServerKey     string
-		AdminPassword string
-		AdminUsername string
-		SecretKey     string
-	}{
-		Enabled:       "AIS_AUTHN_ENABLED",
-		URL:           "AIS_AUTHN_URL",
-		TokenFile:     "AIS_AUTHN_TOKEN_FILE", // fully qualified
-		Token:         "AIS_AUTHN_TOKEN",      // Only the JWT token itself (excluding the file and JSON)
-		ConfDir:       "AIS_AUTHN_CONF_DIR",   // contains AuthN config and tokens DB
-		LogDir:        "AIS_AUTHN_LOG_DIR",
-		LogLevel:      "AIS_AUTHN_LOG_LEVEL",
-		Port:          "AIS_AUTHN_PORT",
-		TTL:           "AIS_AUTHN_TTL",
-		UseHTTPS:      "AIS_AUTHN_USE_HTTPS",
-		ServerCrt:     "AIS_SERVER_CRT",
-		ServerKey:     "AIS_SERVER_KEY",
-		SecretKey:     "AIS_AUTHN_SECRET_KEY",
-		AdminUsername: "AIS_AUTHN_SU_NAME",
-		AdminPassword: "AIS_AUTHN_SU_PASS",
-	}
+//nolint:gosec // false positive G101
+const (
+	AisAuthEnabled       = "AIS_AUTHN_ENABLED"
+	AisAuthURL           = "AIS_AUTHN_URL"
+	AisAuthTokenFile     = "AIS_AUTHN_TOKEN_FILE" // fully qualified
+	AisAuthToken         = "AIS_AUTHN_TOKEN"      // Only the JWT token itself (excluding the file and JSON)
+	AisAuthConfDir       = "AIS_AUTHN_CONF_DIR"   // contains AuthN config and tokens DB
+	AisAuthLogDir        = "AIS_AUTHN_LOG_DIR"
+	AisAuthLogLevel      = "AIS_AUTHN_LOG_LEVEL"
+	AisAuthPort          = "AIS_AUTHN_PORT"
+	AisAuthTTL           = "AIS_AUTHN_TTL"
+	AisAuthUseHTTPS      = "AIS_AUTHN_USE_HTTPS"
+	AisAuthServerCrt     = "AIS_SERVER_CRT"
+	AisAuthServerKey     = "AIS_SERVER_KEY"
+	AisAuthSecretKey     = "AIS_AUTHN_SECRET_KEY"
+	AisAuthAdminUsername = "AIS_AUTHN_SU_NAME"
+	AisAuthAdminPassword = "AIS_AUTHN_SU_PASS"
 )

bench/tools/aisloader/run.go

@@ -899,11 +899,11 @@ func _init(p *params) (err error) {
 		aisEndpoint := "http://" + ip + ":" + port
 
 		// see also: tlsArgs
-		envEndpoint = os.Getenv(env.AIS.Endpoint)
+		envEndpoint = os.Getenv(env.AisEndpoint)
 		if envEndpoint != "" {
 			if ip != "" && ip != defaultClusterIP && ip != defaultClusterIPv4 {
 				return fmt.Errorf("'%s=%s' environment and '--ip=%s' command-line are mutually exclusive",
-					env.AIS.Endpoint, envEndpoint, ip)
+					env.AisEndpoint, envEndpoint, ip)
 			}
 			aisEndpoint = envEndpoint
 		}