Simplify environment templating #45
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
At the moment using templates inside environment variables is verbose as every existing environment variable needs to be named before they can be used:
An easier approach would allow users to reference any environment variable of cinit during templating, without passing the entire environment to the forked child:
Child
echo
is not givenENVVAR
.Compatibility
This is a breaking change as the second example will render to a different string than currently suggested by the documentation. To keep the change backward compatible a new CLI flag could be added to make the desired behaviour optional.
Security Considerations
This feature makes it easier to leak environment variable's data into a child which should not have access to it. A careless user might hand more data to the child than desirable. Thus care must be taken when referencing any variable from cinit's environment.
Implementation
Inside
cinit::analyse::process_builder::copy_from_config
maintain a separate dictionarycontext
next toresult
. Initialise it with the environment from cinit and sanitise it withcinit::analyse::process_builder::sanitise_env
. Then pass it as context to every templating operation and add the final text to thecontext
as well.