prevent empty exports from polluting vars and secrets

umputun · May 12, 2023 · ee1c8ad · ee1c8ad
1 parent 203a29e
commit ee1c8ad
Show file tree

Hide file tree

Showing 4 changed files with 55 additions and 4 deletions.
diff --git a/cmd/spot/main_test.go b/cmd/spot/main_test.go
@@ -43,6 +43,11 @@ func Test_runCompleted(t *testing.T) {
 			TaskName:     "task1",
 			Targets:      []string{hostAndPort},
 			Only:         []string{"wait"},
+			SecretsProvider: SecretsProvider{
+				Provider: "spot",
+				Conn:     "testdata/test-secrets.db",
+				Key:      "1234567890",
+			},
 		}
 		setupLog(true)
 		st := time.Now()
@@ -85,6 +90,11 @@ func Test_runCompleted(t *testing.T) {
 			Targets:      []string{hostAndPort},
 			Only:         []string{"wait"},
 			Dry:          true,
+			SecretsProvider: SecretsProvider{
+				Provider: "spot",
+				Conn:     "testdata/test-secrets.db",
+				Key:      "1234567890",
+			},
 		}
 		setupLog(true)
 		st := time.Now()
@@ -167,6 +177,11 @@ func Test_runCanceled(t *testing.T) {
 		TaskName:     "task1",
 		Targets:      []string{hostAndPort},
 		Only:         []string{"wait"},
+		SecretsProvider: SecretsProvider{
+			Provider: "spot",
+			Conn:     "testdata/test-secrets.db",
+			Key:      "1234567890",
+		},
 	}
 	setupLog(true)
 	go func() {
@@ -220,6 +235,11 @@ func Test_connectFailed(t *testing.T) {
 		PlaybookFile: "testdata/conf.yml",
 		TaskName:     "task1",
 		Targets:      []string{hostAndPort},
+		SecretsProvider: SecretsProvider{
+			Provider: "spot",
+			Conn:     "testdata/test-secrets.db",
+			Key:      "1234567890",
+		},
 	}
 	setupLog(true)
 	err := run(opts)

diff --git a/pkg/config/command.go b/pkg/config/command.go
@@ -172,8 +172,14 @@ func (cmd *Cmd) scriptFile(inp string) (r io.Reader) {
 		// those variables can be used by the caller to set environment variables for the next commands
 		if strings.HasPrefix(c, "export") {
 			expKey := strings.TrimPrefix(c, "export")
-			expKey = strings.Split(expKey, "=")[0]
-			expKey = strings.TrimSpace(expKey)
+			expElems := strings.Split(expKey, "=")
+			if len(expElems) != 2 {
+				continue
+			}
+			expKey = strings.TrimSpace(expElems[0])
+			if expKey == "" {
+				continue // skip empty exports
+			}
 			exports = append(exports, expKey)
 		}
 	}

diff --git a/pkg/config/command_test.go b/pkg/config/command_test.go
@@ -61,6 +61,28 @@ export BAR='foo'
 				"echo setvar BAR=${BAR}",
 			},
 		},
+		{
+			name: "multiline command with empty exports",
+			cmd: &Cmd{
+				Script: `echo 'Hello, World!'
+export
+echo 'Goodbye, World!'
+export BAR
+export FOO='bar'
+`,
+			},
+			expectedScript: "",
+			expectedContents: []string{
+				"#!/bin/sh",
+				"set -e",
+				"echo 'Hello, World!'",
+				"export",
+				"echo 'Goodbye, World!'",
+				"export BAR",
+				"export FOO='bar'",
+				"echo setvar FOO=${FOO}",
+			},
+		},
 		{
 			name: "single line command with environment variables",
 			cmd: &Cmd{

diff --git a/pkg/config/playbook.go b/pkg/config/playbook.go
@@ -142,8 +142,8 @@ func New(fname string, overrides *Overrides, secProvider SecretsProvider) (res *
 	}
 
 	// load secrets from secrets provider
-	if err = res.loadSecrets(); err != nil {
-		return nil, err
+	if secErr := res.loadSecrets(); secErr != nil {
+		return nil, secErr
 	}
 
 	// log loaded config info
@@ -500,6 +500,9 @@ func (p *PlayBook) loadSecrets() error {
 	secretsCount := 0
 	for _, t := range p.Tasks {
 		for _, c := range t.Commands {
+			if c.Options.NoAuto {
+				continue // skip commands with noauto flag
+			}
 			secretsCount += len(c.Options.Secrets)
 		}
 	}