Bridge: switch envsubst for shellexpand
#1105
Conversation
svix-onelson
force-pushed
the
onelson/fix-var-subst
branch
from
4dc5814 to
67a00b2
Compare
svix-onelson
force-pushed
the
onelson/fix-var-subst
branch
from
67a00b2 to
b7cdf1c
Compare
OSS Review:
|
|
Only question I have: |
Correct: there's no command execution. This is all string-play from what I saw in the implementation. Ref: https://gitlab.com/ijackson/rust-shellexpand/-/blob/main/src/funcs.rs?ref_type=heads#L367 |
svix-onelson
force-pushed
the
onelson/fix-var-subst
branch
from
b7cdf1c to
b2e45d7
Compare
|
OSS: approved! |
The implementation used for variable substitution in `envsubst` makes it illegal for env vars to point to values with characters that could make the replacement text look like a new variable to be substituted. This restriction is needed to make replacements deterministic. The crux of the issue for us is this validation prevents us from defining env vars that point to JSON strings, which is necessary for GCP's credential handling scheme and can otherwise show up in the wild as in the case of #1084 where vars injected by vscode contained braces which triggered a validation error. `shellexpand` has no such requirement, allowing JSON to appear in values without failing. Key difference: 1. `shellexpand` reads directly from the env instead of from a supplied `HashMap`. 2. `shellexpand` supports more token styles than `envsubst`. For 1, this was initially thought to be a benefit since it separates isolates us from the full env by default, allowing us to filter vars if we so choose. In `shellexpand` they have a concept of a `context` which is a function that can be used for this purpose. I've leveraged this, allowing us to continue to read from a `HashMap` (which we build from the env). No additional filtering is performed, but it did help to retain the original signature for `Config::from_src`. For 2, I mean, it's fine. The initial aim was just to keep things simple. Having support for more token styles, e.g. `$FOO` in addition to `${FOO}` as well as `${FOO:fallback}`. I think these styles are fine, but won't advertise them in the readme for now. Existing tests for variable substitution continued to pass _except for one_: `test_variable_substitution_requires_braces`. Naturally this test should fail now that we actually support `$FOO` style vars. The test has been updated to match the new reality, effectively putting us on the hook to support this style moving forward, but that's probably fine.
svix-onelson
force-pushed
the
onelson/fix-var-subst
branch
from
b2e45d7 to
feb91b7
Compare
The implementation used for variable substitution in
envsubstmakes it illegal for env vars to point to values with characters that could make the replacement text look like a new variable to be substituted. This restriction is needed to make replacements deterministic.The crux of the issue for us is this validation prevents us from defining env vars that point to JSON strings, which is necessary for GCP's credential handling scheme and can otherwise show up in the wild as in the case of #1084 where vars injected by vscode contained braces which triggered a validation error.
shellexpandhas no such requirement, allowing JSON to appear in values without failing.Key difference:
shellexpandreads directly from the env instead of from a suppliedHashMap.shellexpandsupports more token styles thanenvsubst.For 1, this was initially thought to be a benefit of
envsubstsince it separates isolates us from the full env by default, allowing us to filter vars if we so choose. Inshellexpandthey have a concept of acontextwhich is a function that can be used for this purpose. I've leveraged this, allowing us to continue to read from aHashMap(which we build from the env). No additional filtering is performed, but it did help to retain the original signature forConfig::from_src.For 2, I mean, it's fine. The initial aim was just to keep things simple. Having support for more token styles, e.g.
$FOOin addition to${FOO}as well as${FOO:fallback}. I think these styles are fine, but won't advertise them in the readme for now.Existing tests for variable substitution continued to pass except for one:
test_variable_substitution_requires_braces. Naturally this test should fail now that we actually support$FOOstyle vars. The test has been updated to match the new reality, effectively putting us on the hook to support this style moving forward, but that's probably fine.