Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docker: escape key-value pair as -e KEY and VALUE being environment var #2091

Merged
merged 2 commits into from
Aug 31, 2022

Conversation

nikola-jokic
Copy link
Contributor

No description provided.

@nikola-jokic nikola-jokic requested a review from a team as a code owner August 31, 2022 10:25
Copy link
Collaborator

@thboop thboop left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@thboop thboop merged commit 95459de into actions:main Aug 31, 2022
@shankarRaman
Copy link

shankarRaman commented Aug 31, 2022

I am trying to understand the repro steps for this bug. Is it when passing environment variables to the build or service container that has special characters?

thboop added a commit that referenced this pull request Sep 6, 2022
fhammerl added a commit that referenced this pull request Oct 5, 2022
* Escaping key and quoting it to avoid key based command injection (#2062)

* escaping key and quoting it to avoid key based command injection

* extracted creation of flags to DockerUtil, with testing included

* Release notes for 2.296.0 (#2078)

* Update releaseNote.md

* Update runnerversion

* Validate lines and columns for Annotations (#2082)

* docker: escape key-value pair as -e KEY and VALUE being environment var (#2091)

* docker: escape key-value pair as -e KEY and VALUE being environment var

* removed code duplication, removed unused method and test

* 2.296.1 Release (#2092) (#2099)

* docker: escape key-value pair as -e KEY and VALUE being environment var

* removed code duplication, removed unused method and test

* add release notes

Co-authored-by: Nikola Jokic <nikola-jokic@github.com>

Co-authored-by: Thomas Boop <52323235+thboop@users.noreply.github.com>
Co-authored-by: Nikola Jokic <nikola-jokic@github.com>

* fix ACTIONS_RUNNER_CONTAINER_HOOKS name in ADR (#2098)

* Port hotfix to main branch (#2108)

* fix issue with env's overwriting environment

* add release notes

* handle value escaping

* compile regex for runtime perf improvements

* fix for issue #2009 - composite summary file (#2077)

* Bump @actions/core from 1.2.6 to 1.9.1 in /src/Misc/expressionFunc/hashFiles (#2123)

* Remove unused imports (#2124)

* Remove unused imports (#2126)

* Add Release branches to pull request spec (#2134)

* Add file commands for save-state and set-output (#2118)

* POC: Windows arm64 runner build (#2022)

Prerelease for windows-arm64 runner build

* Add link to blog post to node 12 warn (#2156)

* 2.297.0 release notes (#2155)

* 2.297.0 release notes

* Adding a new vars context for non-secret variables (#2096)

* Adding a new vars context for non-secret variables

* Fix test case

* Trigger checks

* Remove variables from env context and environment varibale

* remove extra references

* Add prefix handling to configuration variables

* Fix test cases

* Consume variables using vars in context data

* removed action_yaml changes

* Avastancu/joannaakl/service container error log (#2110)

* adding support for a service container docker logs

* Adding Unit test to ContainerOperationProvider

* Adding another test to ContainerOperationProvider

* placed the docker logs output in dedicated ##group section

* Removed the exception thrown if the service container was not healthy

* Removed duplicated logging to the executionContext

* Updated the container logs sub-section message

* Print service containers only if they were healthy
Unhealthy service logs are printed in ContainerHealthCheckLogs called prior to this step.

* Removed recently added method to inspect docker logs
The method was doing the same thing as the existing DockerLogs method.

* Added execution context error
This will make a failed health check more visible in the UI without disrupting the execution of the program.

* Removing the section 'Waiting for all services to be ready'

Since nested subsections are not being displayed properly and we already need one subsection per service error.

* Update src/Runner.Worker/Container/DockerCommandManager.cs

Co-authored-by: Tingluo Huang <tingluohuang@github.com>

* Update src/Test/L0/TestHostContext.cs

Co-authored-by: Tingluo Huang <tingluohuang@github.com>

* Change the logic for printing Service Containers logs

Service container logs will be printed in the 'Start containers' section only if there is an error.
Healthy services will have their logs printed in the 'Stop Containers' section.

* Removed unused import

* Added back section group.

* Moved service containers error logs to separate group sections

* Removed the test testing the old logic flow.

* Remove unnecessary 'IsAnyUnhealthy' flag

* Remove printHello() function

* Add newline to TestHostContext

* Remove unnecessary field 'UnhealthyContainers'

* Rename boolean flag indicating service container failure

* Refactor healthcheck logic to separate method to enable unit testing.

* Remove the default value for bool variable

* Update src/Runner.Worker/ContainerOperationProvider.cs

Co-authored-by: Tingluo Huang <tingluohuang@github.com>

* Update src/Runner.Worker/ContainerOperationProvider.cs

Co-authored-by: Tingluo Huang <tingluohuang@github.com>

* Rename Healthcheck back to ContainerHealthcheck

* Make test sequential

* Unextract the container error logs method

* remove test asserting thrown exception

* Add configure await

* Update src/Test/L0/Worker/ContainerOperationProviderL0.cs

Co-authored-by: Tingluo Huang <tingluohuang@github.com>

* Update src/Test/L0/Worker/ContainerOperationProviderL0.cs

Co-authored-by: Tingluo Huang <tingluohuang@github.com>

* Update src/Test/L0/Worker/ContainerOperationProviderL0.cs

Co-authored-by: Tingluo Huang <tingluohuang@github.com>

* Update src/Test/L0/Worker/ContainerOperationProviderL0.cs

Co-authored-by: Tingluo Huang <tingluohuang@github.com>

* Update src/Test/L0/Worker/ContainerOperationProviderL0.cs

Co-authored-by: Tingluo Huang <tingluohuang@github.com>

* Add back test asserting exception

* Check service exit code if there is no healtcheck configured

* Remove unnecessary healthcheck for healthy service container

* Revert "Check service exit code if there is no healtcheck configured"

This reverts commit fec24e8.

Co-authored-by: Ava S <avastancu@github.com>
Co-authored-by: Tingluo Huang <tingluohuang@github.com>

* Add warning for users using deprecated commands (#2164)

* Prepare release notes for v2.298.0 (#2169)

* Fix incorrect template vars to show SHA for WIN-ARM64 (#2171)

* Backport 2.298.1 (#2175)

* Update releaseNote.md

* Update runnerversion

Co-authored-by: Nikola Jokic <97525037+nikola-jokic@users.noreply.github.com>
Co-authored-by: Ava Stancu <avastancu@github.com>
Co-authored-by: Konrad Pabjan <konradpabjan@github.com>
Co-authored-by: Thomas Boop <52323235+thboop@users.noreply.github.com>
Co-authored-by: Nikola Jokic <nikola-jokic@github.com>
Co-authored-by: Stefan Ruvceski <96768603+ruvceskistefan@users.noreply.github.com>
Co-authored-by: Francesco Renzi <rentziass@github.com>
Co-authored-by: JoannaaKL <joannaakl@github.com>
Co-authored-by: Tatyana Kostromskaya <32135588+takost@users.noreply.github.com>
Co-authored-by: Tauhid Anjum <tauhidanjum@gmail.com>
Co-authored-by: Tingluo Huang <tingluohuang@github.com>
fhammerl added a commit that referenced this pull request Oct 7, 2022
commit f8b95ee
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Wed Oct 5 12:16:30 2022 +0200

    Pull upstream (#2178)

    * Escaping key and quoting it to avoid key based command injection (#2062)

    * escaping key and quoting it to avoid key based command injection

    * extracted creation of flags to DockerUtil, with testing included

    * Release notes for 2.296.0 (#2078)

    * Update releaseNote.md

    * Update runnerversion

    * Validate lines and columns for Annotations (#2082)

    * docker: escape key-value pair as -e KEY and VALUE being environment var (#2091)

    * docker: escape key-value pair as -e KEY and VALUE being environment var

    * removed code duplication, removed unused method and test

    * 2.296.1 Release (#2092) (#2099)

    * docker: escape key-value pair as -e KEY and VALUE being environment var

    * removed code duplication, removed unused method and test

    * add release notes

    Co-authored-by: Nikola Jokic <nikola-jokic@github.com>

    Co-authored-by: Thomas Boop <52323235+thboop@users.noreply.github.com>
    Co-authored-by: Nikola Jokic <nikola-jokic@github.com>

    * fix ACTIONS_RUNNER_CONTAINER_HOOKS name in ADR (#2098)

    * Port hotfix to main branch (#2108)

    * fix issue with env's overwriting environment

    * add release notes

    * handle value escaping

    * compile regex for runtime perf improvements

    * fix for issue #2009 - composite summary file (#2077)

    * Bump @actions/core from 1.2.6 to 1.9.1 in /src/Misc/expressionFunc/hashFiles (#2123)

    * Remove unused imports (#2124)

    * Remove unused imports (#2126)

    * Add Release branches to pull request spec (#2134)

    * Add file commands for save-state and set-output (#2118)

    * POC: Windows arm64 runner build (#2022)

    Prerelease for windows-arm64 runner build

    * Add link to blog post to node 12 warn (#2156)

    * 2.297.0 release notes (#2155)

    * 2.297.0 release notes

    * Adding a new vars context for non-secret variables (#2096)

    * Adding a new vars context for non-secret variables

    * Fix test case

    * Trigger checks

    * Remove variables from env context and environment varibale

    * remove extra references

    * Add prefix handling to configuration variables

    * Fix test cases

    * Consume variables using vars in context data

    * removed action_yaml changes

    * Avastancu/joannaakl/service container error log (#2110)

    * adding support for a service container docker logs

    * Adding Unit test to ContainerOperationProvider

    * Adding another test to ContainerOperationProvider

    * placed the docker logs output in dedicated ##group section

    * Removed the exception thrown if the service container was not healthy

    * Removed duplicated logging to the executionContext

    * Updated the container logs sub-section message

    * Print service containers only if they were healthy
    Unhealthy service logs are printed in ContainerHealthCheckLogs called prior to this step.

    * Removed recently added method to inspect docker logs
    The method was doing the same thing as the existing DockerLogs method.

    * Added execution context error
    This will make a failed health check more visible in the UI without disrupting the execution of the program.

    * Removing the section 'Waiting for all services to be ready'

    Since nested subsections are not being displayed properly and we already need one subsection per service error.

    * Update src/Runner.Worker/Container/DockerCommandManager.cs

    Co-authored-by: Tingluo Huang <tingluohuang@github.com>

    * Update src/Test/L0/TestHostContext.cs

    Co-authored-by: Tingluo Huang <tingluohuang@github.com>

    * Change the logic for printing Service Containers logs

    Service container logs will be printed in the 'Start containers' section only if there is an error.
    Healthy services will have their logs printed in the 'Stop Containers' section.

    * Removed unused import

    * Added back section group.

    * Moved service containers error logs to separate group sections

    * Removed the test testing the old logic flow.

    * Remove unnecessary 'IsAnyUnhealthy' flag

    * Remove printHello() function

    * Add newline to TestHostContext

    * Remove unnecessary field 'UnhealthyContainers'

    * Rename boolean flag indicating service container failure

    * Refactor healthcheck logic to separate method to enable unit testing.

    * Remove the default value for bool variable

    * Update src/Runner.Worker/ContainerOperationProvider.cs

    Co-authored-by: Tingluo Huang <tingluohuang@github.com>

    * Update src/Runner.Worker/ContainerOperationProvider.cs

    Co-authored-by: Tingluo Huang <tingluohuang@github.com>

    * Rename Healthcheck back to ContainerHealthcheck

    * Make test sequential

    * Unextract the container error logs method

    * remove test asserting thrown exception

    * Add configure await

    * Update src/Test/L0/Worker/ContainerOperationProviderL0.cs

    Co-authored-by: Tingluo Huang <tingluohuang@github.com>

    * Update src/Test/L0/Worker/ContainerOperationProviderL0.cs

    Co-authored-by: Tingluo Huang <tingluohuang@github.com>

    * Update src/Test/L0/Worker/ContainerOperationProviderL0.cs

    Co-authored-by: Tingluo Huang <tingluohuang@github.com>

    * Update src/Test/L0/Worker/ContainerOperationProviderL0.cs

    Co-authored-by: Tingluo Huang <tingluohuang@github.com>

    * Update src/Test/L0/Worker/ContainerOperationProviderL0.cs

    Co-authored-by: Tingluo Huang <tingluohuang@github.com>

    * Add back test asserting exception

    * Check service exit code if there is no healtcheck configured

    * Remove unnecessary healthcheck for healthy service container

    * Revert "Check service exit code if there is no healtcheck configured"

    This reverts commit fec24e8.

    Co-authored-by: Ava S <avastancu@github.com>
    Co-authored-by: Tingluo Huang <tingluohuang@github.com>

    * Add warning for users using deprecated commands (#2164)

    * Prepare release notes for v2.298.0 (#2169)

    * Fix incorrect template vars to show SHA for WIN-ARM64 (#2171)

    * Backport 2.298.1 (#2175)

    * Update releaseNote.md

    * Update runnerversion

    Co-authored-by: Nikola Jokic <97525037+nikola-jokic@users.noreply.github.com>
    Co-authored-by: Ava Stancu <avastancu@github.com>
    Co-authored-by: Konrad Pabjan <konradpabjan@github.com>
    Co-authored-by: Thomas Boop <52323235+thboop@users.noreply.github.com>
    Co-authored-by: Nikola Jokic <nikola-jokic@github.com>
    Co-authored-by: Stefan Ruvceski <96768603+ruvceskistefan@users.noreply.github.com>
    Co-authored-by: Francesco Renzi <rentziass@github.com>
    Co-authored-by: JoannaaKL <joannaakl@github.com>
    Co-authored-by: Tatyana Kostromskaya <32135588+takost@users.noreply.github.com>
    Co-authored-by: Tauhid Anjum <tauhidanjum@gmail.com>
    Co-authored-by: Tingluo Huang <tingluohuang@github.com>

commit 416548c
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Thu Sep 15 09:50:33 2022 +0000

    No quotes or double lines in frn

commit 3cc465d
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Thu Sep 15 09:45:10 2022 +0000

    Echo in init.sh

commit f675120
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Thu Sep 15 09:35:58 2022 +0000

    Init as sudo

commit b4ebe66
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Thu Sep 15 09:12:12 2022 +0000

    Use vscode user

commit 489071e
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Thu Sep 15 09:02:54 2022 +0000

    Comment waitFor to explain it

commit 27686b5
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Thu Sep 15 08:53:50 2022 +0000

    Better first run, wait for init

commit 40d1650
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Thu Sep 15 08:41:29 2022 +0000

    Better init message

commit 1875c95
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Thu Sep 15 10:21:17 2022 +0200

    Add frn

commit f33a3ce
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Wed Sep 14 14:08:07 2022 +0000

    Use locally built dockerfile

commit 4f99399
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Wed Sep 14 14:23:07 2022 +0200

    Bring first run cpy up

commit cda6c68
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Wed Sep 14 14:08:50 2022 +0200

    Use base.dockerfile for now

commit 262ade6
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Wed Sep 14 14:05:12 2022 +0200

    Update init.sh

commit bb1d080
Author: Ferenc Hammerl <fhammerl@github.com>
Date:   Mon Sep 12 16:38:56 2022 +0200

    Don't open dev.sh

commit a04569f
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Mon Sep 12 12:47:03 2022 +0000

    Copy firstrun elsewhere

commit 40ab9cd
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Mon Sep 12 12:26:08 2022 +0000

    Try first run notce

commit d773599
Merge: 1575074 2f9271a
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Mon Sep 12 12:18:06 2022 +0000

    Merge branch 'fhammerl/try-ghcs' of https://github.com/actions/runner into fhammerl/try-ghcs

commit 1575074
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Mon Sep 12 12:17:55 2022 +0000

    Forgot 'init.sh' lives in source, meaning postCreateCommand has no access to it

commit 2f9271a
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Mon Sep 12 12:12:09 2022 +0000

    Run init.sh from source instead of docker img

commit 410e303
Author: Ferenc Hammerl <fhammerl@github.com>
Date:   Mon Sep 12 12:05:25 2022 +0000

    Better init (no restore + rerunnable)

commit 1ff0cdc
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Mon Sep 12 11:41:03 2022 +0000

    Use prebuilt image

commit 1cfd869
Author: Ferenc Hammerl <fhammerl@github.com>
Date:   Mon Sep 12 13:29:55 2022 +0200

    Add gitlens and default container makefile

commit 7b1f2f0
Author: Ferenc Hammerl <fhammerl@github.com>
Date:   Tue Sep 6 16:10:30 2022 +0000

    Better init

commit d337798
Author: Ferenc Hammerl <fhammerl@github.com>
Date:   Tue Sep 6 16:13:00 2022 +0200

    Use dind devcontainer with correct dotnet sdk

commit 24b087d
Author: Ferenc Hammerl <fhammerl@github.com>
Date:   Mon Sep 5 16:16:20 2022 +0200

    Try codespaces

commit 49e808a
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Tue Aug 23 15:39:43 2022 +0200

    Update init.sh

commit 90b99d3
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Tue Aug 23 12:59:20 2022 +0000

    Update to 300

commit 2284a75
Merge: d28fe56 1cb1779
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Tue Aug 23 12:58:21 2022 +0000

    giMerge branch 'main' of https://github.com/actions/runner into fhammerl/devcontainers

commit d28fe56
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Thu Mar 17 21:26:23 2022 +0000

    Restore symlink

commit d6a244f
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Thu Mar 17 21:23:19 2022 +0000

    No need for service restore

commit 0668503
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Thu Mar 17 21:19:01 2022 +0000

    More setup

commit 4ddedf5
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Thu Mar 17 22:08:27 2022 +0100

    Update devcontainer.json

commit bcc667a
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Thu Mar 17 22:03:10 2022 +0100

    Delete Dockerfile

commit 994ff04
Author: Ferenc Hammerl <fhammerl@github.com>
Date:   Thu Mar 17 21:45:24 2022 +0100

    Define dockerfile

commit 58de023
Merge: fd09b83 00e5825
Author: Ferenc Hammerl <fhammerl@github.com>
Date:   Thu Mar 17 21:43:10 2022 +0100

    Merge branch 'fhammerl/devcontainers' of https://github.com/actions/runner into fhammerl/devcontainers

commit fd09b83
Author: Ferenc Hammerl <fhammerl@github.com>
Date:   Thu Mar 17 21:42:01 2022 +0100

    Use slimmer image

commit 00e5825
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Thu Mar 17 10:30:06 2022 +0000

    Symlink more .net stuff

commit c21469c
Author: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
Date:   Thu Mar 17 10:13:18 2022 +0000

    Create symlink

commit 206d50d
Author: Ferenc Hammerl <fhammerl@github.com>
Date:   Thu Mar 17 09:58:52 2022 +0000

    Remove Dockerfile

commit 6a43245
Author: Ferenc Hammerl <fhammerl@github.com>
Date:   Thu Mar 17 09:58:29 2022 +0000

    Add extension and exclude path

commit e3e3c81
Author: Ferenc Hammerl <fhammerl@github.com>
Date:   Thu Mar 17 09:56:01 2022 +0000

    Add default

commit 4d76eb4
Merge: 4c5730f ddc700e
Author: Ferenc Hammerl <fhammerl@github.com>
Date:   Thu Mar 17 10:12:43 2022 +0100

    Merge branch 'main' of https://github.com/actions/runner into fhammerl/devcontainers

commit 4c5730f
Author: Ferenc Hammerl <fhammerl@github.com>
Date:   Fri Mar 11 14:19:30 2022 +0100

    Add default codespace settings
nikola-jokic added a commit to nikola-jokic/runner that referenced this pull request May 12, 2023
…ar (actions#2091)

* docker: escape key-value pair as -e KEY and VALUE being environment var

* removed code duplication, removed unused method and test
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants