The latest articles on DEV Community by Glawk (@alexanderglawk). https://dev.to/alexanderglawk https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3936762%2F990db8de-9102-40f9-9191-2d0d45d8861a.png https://dev.to/alexanderglawk en Glawk Sun, 17 May 2026 19:38:10 +0000 https://dev.to/alexanderglawk/configuration-in-go-should-be-typed-introducing-confkit-36eo https://dev.to/alexanderglawk/configuration-in-go-should-be-typed-introducing-confkit-36eo <p>Every Go application eventually needs configuration.</p> <p>At the beginning, it is usually innocent:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">port</span> <span class="o">:=</span> <span class="n">os</span><span class="o">.</span><span class="n">Getenv</span><span class="p">(</span><span class="s">"PORT"</span><span class="p">)</span> </code></pre> </div> <p>Then the application grows.</p> <p>You add a database URL. Then a Redis address. Then timeouts. Then feature flags. Then a YAML file for local development. Then environment variables for production. Then CLI flags for internal tools. Then Kubernetes secrets. Then maybe Vault, AWS Secrets Manager, or another infrastructure-specific source.</p> <p>At some point, configuration stops being a few environment variables.</p> <p>It becomes part of your application architecture.</p> <p>And if you are not careful, it becomes a pile of string parsing, default values, manual validation, unclear precedence rules, and startup errors that only make sense to the person who originally wrote the code.</p> <p>That is the problem I wanted to solve with <strong>confkit</strong>.</p> <p>confkit is a typed configuration loading library for Go. It lets you define application configuration as a regular Go struct, load it from multiple sources, apply defaults, validate fields, and safely redact secrets from logs and error messages.</p> <p>The short version:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">type</span> <span class="n">Config</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">Port</span> <span class="kt">int</span> <span class="s">`env:"PORT" default:"8080" validate:"min=1,max=65535"`</span> <span class="n">Database</span> <span class="kt">string</span> <span class="s">`env:"DATABASE_URL" validate:"required" secret:"true"`</span> <span class="p">}</span> <span class="n">cfg</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">confkit</span><span class="o">.</span><span class="n">Load</span><span class="p">[</span><span class="n">Config</span><span class="p">](</span> <span class="n">confkit</span><span class="o">.</span><span class="n">FromEnv</span><span class="p">(),</span> <span class="n">confkit</span><span class="o">.</span><span class="n">FromYAML</span><span class="p">(</span><span class="s">"config.yaml"</span><span class="p">),</span> <span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatal</span><span class="p">(</span><span class="n">confkit</span><span class="o">.</span><span class="n">Explain</span><span class="p">(</span><span class="n">err</span><span class="p">))</span> <span class="p">}</span> </code></pre> </div> <p>No maps.<br><br> No manual parsing.<br><br> No hidden stringly-typed configuration layer.<br><br> No accidental secret leaks in startup logs.</p> <h2> Why configuration deserves more attention </h2> <p>Configuration code is rarely the most exciting part of a project.</p> <p>Nobody starts a new backend service thinking:</p> <blockquote> <p>I can't wait to write a robust configuration layer today.</p> </blockquote> <p>Usually, we just want to get to the actual application logic.</p> <p>But configuration is one of the first things your application touches when it starts. If it is wrong, everything else becomes unreliable.</p> <p>Bad configuration handling can lead to:</p> <ul> <li>services starting with empty required values</li> <li>invalid ports, timeouts, or limits</li> <li>production secrets accidentally printed to logs</li> <li>unclear source priority between files, env vars, and flags</li> <li>duplicated parsing logic across services</li> <li>late runtime failures instead of fast startup failures</li> <li>CI pipelines that cannot validate config before deployment</li> </ul> <p>In Go, this often ends up as a mix of <code>os.Getenv</code>, helper functions, YAML unmarshalling, manual validation, and a few comments explaining which value overrides which.</p> <p>That works for small projects. It gets painful when the project grows.</p> <p>I wanted configuration to feel more like a contract:</p> <blockquote> <p>This is the shape of the config.<br><br> These fields are required.<br><br> These defaults are safe.<br><br> These values are secrets.<br><br> These validation rules must pass before the application starts.</p> </blockquote> <p>In confkit, that contract is a Go struct.</p> <h2> The struct is the contract </h2> <p>Here is a slightly more complete example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"log"</span> <span class="s">"time"</span> <span class="s">"github.com/MimoJanra/confkit"</span> <span class="p">)</span> <span class="k">type</span> <span class="n">Config</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">Host</span> <span class="kt">string</span> <span class="s">`env:"HOST" default:"localhost"`</span> <span class="n">Port</span> <span class="kt">int</span> <span class="s">`env:"PORT" default:"8080" validate:"min=1,max=65535"`</span> <span class="n">Timeout</span> <span class="n">time</span><span class="o">.</span><span class="n">Duration</span> <span class="s">`env:"TIMEOUT" default:"30s"`</span> <span class="n">DB</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">DSN</span> <span class="kt">string</span> <span class="s">`env:"DSN" validate:"required" secret:"true"`</span> <span class="n">MaxConns</span> <span class="kt">int</span> <span class="s">`env:"MAX_CONNS" default:"10" validate:"min=1,max=100"`</span> <span class="p">}</span> <span class="s">`prefix:"DB_"`</span> <span class="p">}</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">cfg</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">confkit</span><span class="o">.</span><span class="n">Load</span><span class="p">[</span><span class="n">Config</span><span class="p">](</span> <span class="n">confkit</span><span class="o">.</span><span class="n">FromFlags</span><span class="p">(</span><span class="no">nil</span><span class="p">),</span> <span class="n">confkit</span><span class="o">.</span><span class="n">FromEnv</span><span class="p">(),</span> <span class="n">confkit</span><span class="o">.</span><span class="n">FromYAML</span><span class="p">(</span><span class="s">"config.yaml"</span><span class="p">),</span> <span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatal</span><span class="p">(</span><span class="n">confkit</span><span class="o">.</span><span class="n">Explain</span><span class="p">(</span><span class="n">err</span><span class="p">))</span> <span class="p">}</span> <span class="n">log</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"listening on %s:%d"</span><span class="p">,</span> <span class="n">cfg</span><span class="o">.</span><span class="n">Host</span><span class="p">,</span> <span class="n">cfg</span><span class="o">.</span><span class="n">Port</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p>This struct describes quite a lot:</p> <ul> <li> <code>HOST</code> has a default value</li> <li> <code>PORT</code> has a default value and must be between 1 and 65535</li> <li> <code>TIMEOUT</code> is parsed as <code>time.Duration</code> </li> <li> <code>DB_DSN</code> is required</li> <li> <code>DB_DSN</code> is also marked as secret</li> <li> <code>DB_MAX_CONNS</code> has a default and a validation range</li> <li>nested config fields can use a prefix</li> </ul> <p>The application code receives a typed <code>Config</code>.</p> <p>That means the rest of the app does not need to know where configuration came from. It does not care if a value came from YAML, an environment variable, a CLI flag, or a secret manager.</p> <p>It just receives a normal Go value.</p> <h2> Explicit source priority </h2> <p>One thing I wanted to avoid is magical source precedence.</p> <p>Configuration priority should be visible in code.</p> <p>With confkit, sources are checked in the order you pass them:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">cfg</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">confkit</span><span class="o">.</span><span class="n">Load</span><span class="p">[</span><span class="n">Config</span><span class="p">](</span> <span class="n">confkit</span><span class="o">.</span><span class="n">FromFlags</span><span class="p">(</span><span class="no">nil</span><span class="p">),</span> <span class="c">// highest priority</span> <span class="n">confkit</span><span class="o">.</span><span class="n">FromEnv</span><span class="p">(),</span> <span class="c">// overrides files</span> <span class="n">confkit</span><span class="o">.</span><span class="n">FromYAML</span><span class="p">(</span><span class="s">"config.yaml"</span><span class="p">),</span> <span class="c">// fallback</span> <span class="p">)</span> </code></pre> </div> <p>This makes the priority easy to reason about:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>flags -&gt; environment variables -&gt; config.yaml -&gt; defaults </code></pre> </div> <p>This is useful for common deployment patterns:</p> <ul> <li>local development uses <code>config.yaml</code> </li> <li>production overrides values through environment variables</li> <li>CLI tools override specific values through flags</li> <li>defaults keep non-critical fields simple</li> </ul> <p>There is no need to hide this behavior in documentation or in a custom helper function. The order is visible where the config is loaded.</p> <h2> Clear validation errors </h2> <p>A configuration library should fail early.</p> <p>If a required value is missing, the application should not start and then fail later when some database client, HTTP server, or queue consumer receives an empty string.</p> <p>For example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">type</span> <span class="n">Config</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">DatabaseURL</span> <span class="kt">string</span> <span class="s">`env:"DATABASE_URL" validate:"required" secret:"true"`</span> <span class="p">}</span> </code></pre> </div> <p>If <code>DATABASE_URL</code> is missing, confkit gives a readable error:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Invalid configuration: DatabaseURL error: field is required source: env (DATABASE_URL) </code></pre> </div> <p>That is the kind of error I want during startup.</p> <p>It tells me:</p> <ul> <li>which field failed</li> <li>what went wrong</li> <li>where the value was expected to come from</li> </ul> <p>The goal is not just to return an error. The goal is to return an error that is useful when the service fails to start and someone needs to fix the deployment quickly.</p> <h2> Defaults without extra files </h2> <p>Defaults live next to the fields:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">type</span> <span class="n">Config</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">Host</span> <span class="kt">string</span> <span class="s">`env:"HOST" default:"localhost"`</span> <span class="n">Port</span> <span class="kt">int</span> <span class="s">`env:"PORT" default:"8080" validate:"min=1,max=65535"`</span> <span class="n">LogLevel</span> <span class="kt">string</span> <span class="s">`env:"LOG_LEVEL" default:"info" validate:"oneof=debug info warn error"`</span> <span class="n">Timeout</span> <span class="n">time</span><span class="o">.</span><span class="n">Duration</span> <span class="s">`env:"TIMEOUT" default:"30s"`</span> <span class="p">}</span> </code></pre> </div> <p>For me, this is much easier to maintain than scattering defaults across startup code.</p> <p>The struct tells the full story:</p> <ul> <li>field name</li> <li>environment variable name</li> <li>default value</li> <li>validation rule</li> <li>secret status, if needed</li> </ul> <p>This makes configuration review easier too. You can look at the struct and understand what the application expects.</p> <h2> Secret redaction by default </h2> <p>Configuration often contains sensitive values:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">type</span> <span class="n">Config</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">APIKey</span> <span class="kt">string</span> <span class="s">`env:"API_KEY" validate:"required" secret:"true"`</span> <span class="n">Password</span> <span class="kt">string</span> <span class="s">`env:"DB_PASSWORD" secret:"true"`</span> <span class="p">}</span> </code></pre> </div> <p>If a field is marked with <code>secret:"true"</code>, confkit redacts it in formatted errors and config dumps.</p> <p>This matters because startup errors are often logged everywhere:</p> <ul> <li>local terminal output</li> <li>Docker logs</li> <li>Kubernetes logs</li> <li>CI/CD output</li> <li>Slack alerts</li> <li>monitoring systems</li> <li>screenshots in support threads</li> </ul> <p>A configuration library should make the safe behavior the easy behavior.</p> <p>The developer should not have to remember to manually hide every token before logging an error.</p> <h2> Loading from files </h2> <p>confkit supports common file-based configuration formats:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">cfg</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">confkit</span><span class="o">.</span><span class="n">Load</span><span class="p">[</span><span class="n">Config</span><span class="p">](</span> <span class="n">confkit</span><span class="o">.</span><span class="n">FromYAML</span><span class="p">(</span><span class="s">"config.yaml"</span><span class="p">),</span> <span class="p">)</span> </code></pre> </div> <p>There are also JSON and TOML sources:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">cfg</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">confkit</span><span class="o">.</span><span class="n">Load</span><span class="p">[</span><span class="n">Config</span><span class="p">](</span> <span class="n">confkit</span><span class="o">.</span><span class="n">FromJSON</span><span class="p">(</span><span class="s">"config.json"</span><span class="p">),</span> <span class="n">confkit</span><span class="o">.</span><span class="n">FromTOML</span><span class="p">(</span><span class="s">"config.toml"</span><span class="p">),</span> <span class="p">)</span> </code></pre> </div> <p>A typical local <code>config.yaml</code> might look like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">host</span><span class="pi">:</span> <span class="s">localhost</span> <span class="na">port</span><span class="pi">:</span> <span class="m">8080</span> <span class="na">timeout</span><span class="pi">:</span> <span class="s">30s</span> <span class="na">db</span><span class="pi">:</span> <span class="na">dsn</span><span class="pi">:</span> <span class="s">postgres://user:password@localhost:5432/app</span> <span class="na">max_conns</span><span class="pi">:</span> <span class="m">10</span> </code></pre> </div> <p>And the Go struct can still be the main contract:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">type</span> <span class="n">Config</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">Host</span> <span class="kt">string</span> <span class="s">`yaml:"host" env:"HOST" default:"localhost"`</span> <span class="n">Port</span> <span class="kt">int</span> <span class="s">`yaml:"port" env:"PORT" default:"8080" validate:"min=1,max=65535"`</span> <span class="n">Timeout</span> <span class="n">time</span><span class="o">.</span><span class="n">Duration</span> <span class="s">`yaml:"timeout" env:"TIMEOUT" default:"30s"`</span> <span class="n">DB</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">DSN</span> <span class="kt">string</span> <span class="s">`yaml:"dsn" env:"DSN" validate:"required" secret:"true"`</span> <span class="n">MaxConns</span> <span class="kt">int</span> <span class="s">`yaml:"max_conns" env:"MAX_CONNS" default:"10"`</span> <span class="p">}</span> <span class="s">`yaml:"db" prefix:"DB_"`</span> <span class="p">}</span> </code></pre> </div> <p>This gives you a nice local workflow without giving up production-friendly environment variable overrides.</p> <h2> Environment variables for production </h2> <p>Environment variables are still one of the most common ways to configure services in production.</p> <p>confkit keeps this simple:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">type</span> <span class="n">Config</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">Host</span> <span class="kt">string</span> <span class="s">`env:"HOST" default:"localhost"`</span> <span class="n">Port</span> <span class="kt">int</span> <span class="s">`env:"PORT" default:"8080"`</span> <span class="p">}</span> </code></pre> </div> <p>Then:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">HOST</span><span class="o">=</span>0.0.0.0 <span class="nv">PORT</span><span class="o">=</span>3000 ./app </code></pre> </div> <p>For nested structs, prefixes help avoid awkward names:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">type</span> <span class="n">Config</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">Database</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">Host</span> <span class="kt">string</span> <span class="s">`env:"HOST" default:"localhost"`</span> <span class="n">Port</span> <span class="kt">int</span> <span class="s">`env:"PORT" default:"5432"`</span> <span class="p">}</span> <span class="s">`prefix:"DB_"`</span> <span class="p">}</span> </code></pre> </div> <p>This maps to:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>DB_HOST DB_PORT </code></pre> </div> <p>I like this pattern because nested structs are natural in Go, while environment variables are naturally flat. Prefixes connect the two without making the code weird.</p> <h2> CLI flags for tools </h2> <p>Configuration is not only for web services.</p> <p>CLI tools often need a mix of files, environment variables, and flags.</p> <p>Example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">type</span> <span class="n">Config</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">Input</span> <span class="kt">string</span> <span class="s">`flag:"input" validate:"required"`</span> <span class="n">Output</span> <span class="kt">string</span> <span class="s">`flag:"output" default:"out.json"`</span> <span class="n">Verbose</span> <span class="kt">bool</span> <span class="s">`flag:"verbose" default:"false"`</span> <span class="p">}</span> <span class="n">cfg</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">confkit</span><span class="o">.</span><span class="n">Load</span><span class="p">[</span><span class="n">Config</span><span class="p">](</span> <span class="n">confkit</span><span class="o">.</span><span class="n">FromFlags</span><span class="p">(</span><span class="no">nil</span><span class="p">),</span> <span class="n">confkit</span><span class="o">.</span><span class="n">FromEnv</span><span class="p">(),</span> <span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatal</span><span class="p">(</span><span class="n">confkit</span><span class="o">.</span><span class="n">Explain</span><span class="p">(</span><span class="n">err</span><span class="p">))</span> <span class="p">}</span> </code></pre> </div> <p>Now the CLI can be configured through flags, while still allowing environment variable fallback if you want it.</p> <p>That gives you one config model instead of separate parsing logic for each source.</p> <h2> Safe config dumps </h2> <p>Sometimes you need to see the final configuration after all sources, defaults, and overrides were applied.</p> <p>This is useful for debugging:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">log</span><span class="o">.</span><span class="n">Println</span><span class="p">(</span><span class="n">confkit</span><span class="o">.</span><span class="n">DumpString</span><span class="p">(</span><span class="n">cfg</span><span class="p">))</span> </code></pre> </div> <p>If the config contains secret fields, they are redacted by default.</p> <p>Example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">type</span> <span class="n">Config</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">Host</span> <span class="kt">string</span> <span class="s">`env:"HOST" default:"localhost"`</span> <span class="n">Password</span> <span class="kt">string</span> <span class="s">`env:"PASSWORD" secret:"true"`</span> <span class="p">}</span> </code></pre> </div> <p>A safe dump should not print the real password.</p> <p>That sounds obvious, but it is very easy to get wrong when every service has its own custom config logging code.</p> <p>confkit gives you dump helpers for JSON and YAML output, with secret redaction enabled by default.</p> <h2> Validate configuration in CI </h2> <p>One feature I find especially useful is <code>ValidateOnly</code>.</p> <p>The idea is simple: run the full loading and validation pipeline without triggering side effects such as hooks, audit logging, or reload-related behavior.</p> <p>That makes it useful for CI checks.</p> <p>For example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">_</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">confkit</span><span class="o">.</span><span class="n">ValidateOnly</span><span class="p">[</span><span class="n">Config</span><span class="p">](</span> <span class="n">context</span><span class="o">.</span><span class="n">Background</span><span class="p">(),</span> <span class="n">confkit</span><span class="o">.</span><span class="n">WithSource</span><span class="p">(</span><span class="n">confkit</span><span class="o">.</span><span class="n">FromYAML</span><span class="p">(</span><span class="s">"config.prod.yaml"</span><span class="p">)),</span> <span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatal</span><span class="p">(</span><span class="n">confkit</span><span class="o">.</span><span class="n">Explain</span><span class="p">(</span><span class="n">err</span><span class="p">))</span> <span class="p">}</span> </code></pre> </div> <p>This lets you validate configuration before deployment.</p> <p>A broken YAML file, missing required value, or invalid timeout should be caught before the application reaches production.</p> <h2> Optional infrastructure integrations </h2> <p>Not every application needs Vault.</p> <p>Not every CLI tool needs AWS.</p> <p>Not every small service should pull Kubernetes dependencies into the binary.</p> <p>That is why confkit keeps the core package focused and provides optional integrations separately.</p> <p>The core package covers common local/runtime sources such as:</p> <ul> <li>environment variables</li> <li>CLI flags</li> <li>YAML</li> <li>JSON</li> <li>TOML</li> </ul> <p>Optional integrations can be used when needed, including:</p> <ul> <li>Kubernetes</li> <li>Vault</li> <li>Consul</li> <li>etcd</li> <li>AWS SSM / Secrets Manager</li> </ul> <p>This keeps the basic library lightweight while still allowing production systems to load configuration from real infrastructure.</p> <p>Install the core package:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>go get github.com/MimoJanra/confkit@latest </code></pre> </div> <p>Install optional integrations only when you need them:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>go get github.com/MimoJanra/confkit/vault@latest go get github.com/MimoJanra/confkit/consul@latest go get github.com/MimoJanra/confkit/etcd@latest go get github.com/MimoJanra/confkit/aws@latest </code></pre> </div> <h2> Hot reload </h2> <p>Some applications need to react to configuration changes without restarting.</p> <p>confkit supports file watching:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">cfg</span><span class="p">,</span> <span class="n">watcher</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">confkit</span><span class="o">.</span><span class="n">LoadWithWatcher</span><span class="p">[</span><span class="n">Config</span><span class="p">](</span> <span class="s">"config.yaml"</span><span class="p">,</span> <span class="n">confkit</span><span class="o">.</span><span class="n">FromYAML</span><span class="p">(</span><span class="s">"config.yaml"</span><span class="p">),</span> <span class="n">confkit</span><span class="o">.</span><span class="n">FromEnv</span><span class="p">(),</span> <span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatal</span><span class="p">(</span><span class="n">confkit</span><span class="o">.</span><span class="n">Explain</span><span class="p">(</span><span class="n">err</span><span class="p">))</span> <span class="p">}</span> <span class="n">watcher</span><span class="o">.</span><span class="n">AddListener</span><span class="p">(</span><span class="k">func</span><span class="p">(</span><span class="n">oldCfg</span><span class="p">,</span> <span class="n">newCfg</span> <span class="n">any</span><span class="p">,</span> <span class="n">err</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"config reload failed: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="n">log</span><span class="o">.</span><span class="n">Println</span><span class="p">(</span><span class="s">"config reloaded"</span><span class="p">)</span> <span class="p">})</span> <span class="n">watcher</span><span class="o">.</span><span class="n">Start</span><span class="p">()</span> <span class="k">defer</span> <span class="n">watcher</span><span class="o">.</span><span class="n">Stop</span><span class="p">()</span> <span class="n">_</span> <span class="o">=</span> <span class="n">cfg</span> </code></pre> </div> <p>This is useful for long-running services where some operational values can safely change at runtime.</p> <p>Of course, not every config value should be hot-reloadable. Database credentials, server ports, and deeply structural settings often still require a restart.</p> <p>But when you do need reload behavior, it is useful to have it integrated with the same configuration model.</p> <h2> Custom sources </h2> <p>Configuration backends are often company-specific.</p> <p>Maybe your team has an internal configuration service. Maybe you load values from a platform API. Maybe secrets come from a custom encrypted file format.</p> <p>confkit supports custom sources through a small interface:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">type</span> <span class="n">Source</span> <span class="k">interface</span> <span class="p">{</span> <span class="n">Name</span><span class="p">()</span> <span class="kt">string</span> <span class="n">Lookup</span><span class="p">(</span><span class="n">ctx</span> <span class="n">context</span><span class="o">.</span><span class="n">Context</span><span class="p">,</span> <span class="n">field</span> <span class="o">*</span><span class="n">FieldInfo</span><span class="p">)</span> <span class="p">(</span><span class="n">any</span><span class="p">,</span> <span class="kt">bool</span><span class="p">,</span> <span class="kt">error</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p>That means the built-in sources are not a closed world.</p> <p>You can keep the same typed struct, validation rules, defaults, and redaction behavior while adding your own configuration backend.</p> <h2> Schema and documentation generation </h2> <p>One useful side effect of treating configuration as a struct contract is that the same struct can be used to generate documentation.</p> <p>confkit includes schema-related functionality for generating references from config structs.</p> <p>That can be useful when you want to document:</p> <ul> <li>supported environment variables</li> <li>default values</li> <li>required fields</li> <li>validation constraints</li> <li>CLI options</li> <li>config file structure</li> </ul> <p>In other words, the config struct can become the source of truth not only for the application, but also for the documentation around that application.</p> <h2> Why not just use another config library? </h2> <p>There are already good Go configuration libraries.</p> <p>You might use:</p> <ul> <li> <code>envconfig</code> for environment variables</li> <li> <code>koanf</code> for modular configuration composition</li> <li> <code>Viper</code> for a broad and established configuration system</li> </ul> <p>confkit is not trying to pretend those projects do not exist.</p> <p>The design is focused on a specific style:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Go struct + tags + typed loading + defaults + validation + safe diagnostics </code></pre> </div> <p>A rough rule of thumb:</p> <p>Use <code>envconfig</code> if you only need environment variables.</p> <p>Use <code>koanf</code> if you want a flexible toolkit and prefer composing behavior yourself.</p> <p>Use <code>Viper</code> if you need a large, established configuration system with many built-in behaviors.</p> <p>Use <code>confkit</code> if you want your configuration contract to be a Go struct, with validation and safe errors built in from the beginning.</p> <h2> API stability </h2> <p>Configuration loading sits very close to application startup.</p> <p>If it breaks, the application may not start at all.</p> <p>That is why API stability matters.</p> <p>confkit has a v1 stability contract for the core public API. The intention is that v1.x releases can add functionality without breaking existing users, while breaking API changes require a future v2 release.</p> <p>For a configuration library, this is important. The API should be boring in the best possible way: stable, predictable, and safe to update.</p> <h2> Complete minimal example </h2> <p>Here is a small working example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"log"</span> <span class="s">"github.com/MimoJanra/confkit"</span> <span class="p">)</span> <span class="k">type</span> <span class="n">Config</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">Host</span> <span class="kt">string</span> <span class="s">`env:"HOST" default:"localhost"`</span> <span class="n">Port</span> <span class="kt">int</span> <span class="s">`env:"PORT" default:"8080" validate:"min=1,max=65535"`</span> <span class="n">DatabaseURL</span> <span class="kt">string</span> <span class="s">`env:"DATABASE_URL" validate:"required" secret:"true"`</span> <span class="p">}</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">cfg</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">confkit</span><span class="o">.</span><span class="n">Load</span><span class="p">[</span><span class="n">Config</span><span class="p">](</span> <span class="n">confkit</span><span class="o">.</span><span class="n">FromEnv</span><span class="p">(),</span> <span class="n">confkit</span><span class="o">.</span><span class="n">FromYAML</span><span class="p">(</span><span class="s">"config.yaml"</span><span class="p">),</span> <span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">log</span><span class="o">.</span><span class="n">Fatal</span><span class="p">(</span><span class="n">confkit</span><span class="o">.</span><span class="n">Explain</span><span class="p">(</span><span class="n">err</span><span class="p">))</span> <span class="p">}</span> <span class="n">log</span><span class="o">.</span><span class="n">Printf</span><span class="p">(</span><span class="s">"starting server on %s:%d"</span><span class="p">,</span> <span class="n">cfg</span><span class="o">.</span><span class="n">Host</span><span class="p">,</span> <span class="n">cfg</span><span class="o">.</span><span class="n">Port</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p>Example <code>config.yaml</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">host</span><span class="pi">:</span> <span class="s">localhost</span> <span class="na">port</span><span class="pi">:</span> <span class="m">8080</span> </code></pre> </div> <p>Run with:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">DATABASE_URL</span><span class="o">=</span>postgres://user:pass@localhost:5432/app go run <span class="nb">.</span> </code></pre> </div> <p>The application gets a typed config struct, while secrets remain protected in logs and errors.</p> <h2> Final thoughts </h2> <p>Configuration is not glamorous.</p> <p>But it is one of the most important startup paths in any service.</p> <p>It decides whether your application starts safely, fails clearly, validates its assumptions, and protects sensitive values.</p> <p>confkit is my attempt to make that layer simple and explicit:</p> <ul> <li>define config as a Go struct</li> <li>load it from multiple sources</li> <li>apply defaults</li> <li>validate before startup</li> <li>redact secrets automatically</li> <li>explain errors clearly</li> <li>support real production sources when needed</li> </ul> <p>One struct.</p> <p>Multiple sources.</p> <p>Typed values.</p> <p>Readable errors.</p> <p>Safe logs.</p> <p>That is the whole idea.</p> <p>You can find the project here:</p> <p><a href="https://github.com/MimoJanra/confkit" rel="noopener noreferrer">github.com/MimoJanra/confkit</a></p> go opensource programming productivity