Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Secrets: update guidance and parsing for local multiline env vars #1890

Merged
merged 1 commit into from Feb 14, 2024
Merged

Secrets: update guidance and parsing for local multiline env vars #1890

merged 1 commit into from Feb 14, 2024

Conversation

thekaveman
Copy link
Member

@thekaveman thekaveman commented Feb 13, 2024
edited

Docker, bash, etc. support multiline environment variables, by simply wrapping the value in single quotes with newlines, e.g. in an .env file:

multi_line_value='first line
second line
third line'

Resulting in the expected:

$ echo "$multi_line_value"
first line
second line
third line

Due to a quirk in VS Code's Python extension, multiline values are not parsed, see https://code.visualstudio.com/docs/python/environments#_environment-variables

... Multiline values aren't supported ...

And more ongoing discussion at microsoft/vscode-python#18307

When running locally in e.g. Debug mode, and secrets are read dynamically from the environment, Python loses the multiline value and we end up with:

>> value = os.environ.get("multi_line_value")
>> print(value)

first line

This changes the samples and docs so literal newlines are added to the value of the environment variable in an .env file:

multi_line_value='first line\nsecond line\nthird line'

But the initial value read by Python contains escaped newline characters:

first line\\nsecond line\\nthird line

Hence unescaping in the secrets helper, so that local secrets contain the actual newline character:

first line\nsecond line\nthird line

@github-actions github-actions bot added the documentation [auto] Improvements or additions to documentation label Feb 13, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Feb 13, 2024
edited

Coverage report

Click to see where and how coverage changed

FileStatementsMissingCoverageCoverage
(new stmts)		Lines missing
  benefits
  secrets.py
Project Total  

This report was generated by python-coverage-comment-action

@github-actions GitHub Actions
Copy link

Preview url: https://benefits-1890--cal-itp-previews.netlify.app

@github-actions GitHub Actions
Copy link

Preview url: https://benefits-1890--cal-itp-previews.netlify.app

@github-actions GitHub Actions
Copy link

Preview url: https://benefits-1890--cal-itp-previews.netlify.app

@thekaveman
Copy link
Member Author

thekaveman commented Feb 13, 2024
edited

🤔 Cypress tests are passing locally for me using the exact same steps as the workflow... ??

EDIT: I had an outdated Docker image, hence the addition in the secrets helper of the unescaping of newlines.

@thekaveman
fix(secrets): use literal newlines in multiline env vars
a7084bb 
Docker, bash, etc. support multiline environment variables, by simply wrapping
the value in single quotes with newlines, e.g. in an .env file:

  multi_line_value='first line
  second line
  third line'

Resulting in the expected:

  $ echo "$multi_line_value"
  first line
  second line
  third line

Due to a quirk in VS Code's Python extension, multiline values are not parsed,
see https://code.visualstudio.com/docs/python/environments#_environment-variables

> ... Multiline values aren't supported ...

And more ongoing discussion at microsoft/vscode-python#18307

When running locally in e.g. Debug mode, and secrets are read dynamically from the environment, Python loses
the multiline value and we end up with:

  >> value = os.environ.get("multi_line_value")
  >> print(value)

  first line

This changes the samples and docs so literal newlines are added to the value of the environment variable in an .env file:

  multi_line_value='first line\nsecond line\nthird line'

But the initial value read by Python contains _escaped_ newline characters:

  first line\\nsecond line\\nthird line

Hence unescaping so that local secrets contain the actual newline character:

  first line\nsecond line\nthird line
@thekaveman thekaveman changed the title Docs: update guidance on configuration for local multiline env vars Config: update guidance and parsing for local multiline env vars Feb 13, 2024
@github-actions GitHub Actions
Copy link

Preview url: https://benefits-1890--cal-itp-previews.netlify.app

@thekaveman thekaveman marked this pull request as ready for review February 13, 2024 23:21
@thekaveman thekaveman requested a review from a team as a code owner February 13, 2024 23:21
@thekaveman thekaveman changed the title Config: update guidance and parsing for local multiline env vars Secrets: update guidance and parsing for local multiline env vars Feb 13, 2024
angela-tran
angela-tran approved these changes Feb 13, 2024
View reviewed changes
Copy link
Member

@angela-tran angela-tran left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good to me 👍

@thekaveman thekaveman merged commit 071a63b into dev Feb 14, 2024
15 checks passed
@thekaveman thekaveman deleted the docs/local-secrets-newlines branch February 14, 2024 00:10
@thekaveman thekaveman added this to the Admin tool: foundation milestone Feb 14, 2024
@thekaveman thekaveman self-assigned this Feb 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@angela-tran angela-tran angela-tran approved these changes

Assignees

@thekaveman thekaveman

Labels
documentation [auto] Improvements or additions to documentation
Projects
Digital Services
Status: Done
Milestone
Admin tool: foundation
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@thekaveman @angela-tran