Make secret files more ergonomic

src/xmpp_api/config/config.py

@@ -1,5 +1,5 @@
 import os
-from typing import Annotated, Self
+from typing import Annotated, Self, cast
 import logging
 
 from pydantic import BaseModel, Field, model_validator
@@ -20,7 +20,7 @@ class _ComponentConfig(BaseModel):
     server: str
 
     # The component's secret.
-    secret: str | None = Field(default=None)
+    secret_plain: str | None = Field(default=None, alias="secret")
 
     # Optional file to read the secret from
     secret_file: str | None = Field(default=None)
@@ -35,6 +35,16 @@ class _ComponentConfig(BaseModel):
             )
         return self
 
+    @property
+    def secret(self) -> str:
+        """
+        The component secret.
+
+        The backing may be None if secret_file is used instead. secret_plain is, however, replaced
+        with that file's contents during configuration loading.
+        """
+        return cast(str, self.secret_plain)
+
 
 class _Config(BaseModel):
     # DB URI for sqlmodel
@@ -61,7 +71,7 @@ def load_config() -> _Config:
     if config.component.secret_file is not None:
         log.info("Reading component secret from %s", config.component.secret_file)
         with open(config.component.secret_file, "r", encoding="utf8") as f:
-            config.component.secret = f.read().strip().replace("\n", "")
+            config.component.secret_plain = f.read().strip().replace("\n", "")
 
     return config