Check sourced file exports expected variables

[Globegitter]

Issue description

We are testing direnv for some of our projects and what we ended up doing so far is have one .envrc checked in that has static env vars like the port of the app etc. but then we also have the following section:

if [[ -f .envrc.secret ]]; then
    source_env .envrc.secret
fi 

which, as the name suggests, is a file which exports secret env vars and that is on gitignore. To now make sure that everyone exports the secrets in the right way we add a secondary file .envrc.secret.template which just lists stuff like export MY_SECRET1=XXX. It would be nice that rather than having to specify this secondary file we could just add some validation to the main .envrc that the .envrc.secret exports the env vars we expect.

Steps to reproduce

Create an .envrc file with:

if [[ -f .envrc.secret ]]; then
    source_env .envrc.secret
fi 

add a .envrc.secret file and after adding some env vars you have no idea to know if you added the expected ones unless the application needing these env vars will in some ways error or not work as expected.

Technical details

I imagine this could somehow already bee done in bash but having something like a source_env_validate <filename> EXPECTED_ENV_VAR1 EXPECTED_ENV_VAR2 ... would be great, or if there is already an other easy way to do this that would probably also suffice.

• direnv version: 2.17.0
• OS release: elementary OS 5.0 (Ubuntu 18.04)

[zimbatm]

Hi @Globegitter,

Sounds like a useful thing to have. I don't think that direnv necessarily needs to be extended though as you could add your own checking function in the .envrc.

Eg:

check_vars() {
  for key in "$@"; do
    if [[ -z "${!key}" ]]; then echo "Missing $key var"; return 1; fi
  done
}

if [[ -f .envrc.secret ]]; then
  source_env .envrc.secret
  check_vars EXPECTED_ENV_VAR1 EXPECTED_ENV_VAR2
fi

[Globegitter]

@zimbatm it is quite straight-forward indeed - is it also possible to extend the stdlib for all subdirectories rather than just via a ~/.direnvrc? The idea being here that I could put a .direnvrc at the root of our monorepo that defines this function and then all projects that make use of the .envrc have access to the method without having to redefine or source it.

[zimbatm]

The best option is to source the lib. It would add a single line per .envrc.

[Globegitter]

Makes sense and this is not something you would accept in the default stdlib? (if not feel free to close as the problem has been resolved otherwise)

[zimbatm]

My default it to try and keep direnv simple. If I hear that many people need a feature then I would be inclined to revisit this.

Thanks for the thorough bug report, it's interesting to see how other people are using my tool :)

[Globegitter]

Thanks for the response.

[tanguyantoine]

I would love to have a mechanism that based on a template could check env variable presence

[zimbatm]

It's not that hard to do.
Add this to your ~/.config/direnv/direnvrc file:

check_env() { local ret=0; for var in "$@"; do [[ -v $var ]] || { echo "$var is missing"; ret=1; }; done; return $ret; }

Example usage:

$ check_env HOME FOO BAR
FOO is missing
BAR is missing
$ echo $?
1