feat(doppler): connection gateway

[whutchinson98]

No description provided.

[coderabbitai]

📝 Walkthrough

Summary by CodeRabbit

• New Features

  • Connection gateway now integrates with Doppler for centralized secrets management, improving security and configuration consistency.
  • Added support for remote secrets resolution alongside local environment variables.

• Chores

  • Updated workspace configuration to include new macro configuration crates.
  • Refactored internal configuration loading system for improved maintainability.
  • Simplified environment variable handling and removed legacy configuration logic.

Walkthrough

The pull request migrates the connection_gateway service from manually injected AWS Secrets Manager environment variables to Doppler-managed secrets. On the Rust side, config.rs is refactored to derive MacroConfig, replacing the manual EnvVars/env_var! pattern with ConfigLoader and adding macro_db_url: LocalOrRemoteSecret<MacroDbUrl>; main.rs is updated to call Config::from_env()?.resolve_remote_secrets(...) and simplifies the Postgres connection. A new doppler_config.rs binary validates the Doppler-sourced config for develop and production environments. On the infrastructure side, connection-gateway is registered as a Doppler project, DopplerEcsEnvironment is wired into the ECS task definition, and the previously hardcoded secret env-var injections are removed from the stack.

🚥 Pre-merge checks | ✅ 3 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Description check	❓ Inconclusive	No pull request description was provided by the author, making it impossible to assess whether the description relates to the changeset.	Add a pull request description explaining the purpose and scope of the Doppler integration changes for the connection gateway service.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title follows conventional commits format (feat:) and is 33 characters, well under the 72-character limit, and clearly summarizes the main feature addition related to Doppler integration for the connection gateway.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@rust/cloud-storage/connection_gateway/src/main.rs`:
- Line 33: The code performs a separate Environment::new_or_prod() lookup on
line 55 to resolve macro_db_url, but ConfigLoader already loads the environment
from APP_SECRETS_JSON. This creates two divergent sources for environment
configuration. Remove the separate Environment::new_or_prod() call and instead
use the environment that was loaded by ConfigLoader to ensure macro_db_url is
resolved consistently from the same environment source that provided the
configuration.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: a23a4273-03b0-46b9-be47-5706cdb6fa9e

📥 Commits

Reviewing files that changed from the base of the PR and between f108ffb and 91c6644.

⛔ Files ignored due to path filters (1)

• rust/cloud-storage/Cargo.lock is excluded by !**/*.lock, !**/Cargo.lock

📒 Files selected for processing (8)

• .github/workspace-dep-closures.json
• infra/stacks/connection-gateway/connection_gateway.ts
• infra/stacks/connection-gateway/index.ts
• infra/stacks/doppler-projects/index.ts
• rust/cloud-storage/connection_gateway/Cargo.toml
• rust/cloud-storage/connection_gateway/src/config.rs
• rust/cloud-storage/connection_gateway/src/doppler_config.rs
• rust/cloud-storage/connection_gateway/src/main.rs

💤 Files with no reviewable changes (1)

• infra/stacks/connection-gateway/index.ts