-
Notifications
You must be signed in to change notification settings - Fork 555
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Allow environment variables to override config values #1332
Conversation
export const config = new Configstore(pkg.name); | ||
|
||
class ConfigStoreWithEnvironmentVariables extends Configstore { | ||
constructor(id, defaults = undefined, options = {}) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Copied from configstore.
src/lib/user-config.ts
Outdated
} | ||
|
||
public get(key: string) { | ||
const env_key = `SNYK_${key.replace('-', '_').toUpperCase()}` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We need to do a bit of string replace here so we can support things like disable-analytics
which becomes SNYK_CFG_DISABLE_ANALYTICS.
219b6f5
to
2f03ffc
Compare
Is it From an aesthetic point of view, the former of these is much nicer. |
The comment was outdated. It is The comment points out that I had to substitute hyphens in config values with underscores for equivalent environment variables because hyphens are not allowed in environment variables. |
2f03ffc
to
2662595
Compare
src/lib/user-config.ts
Outdated
|
||
public get(key: string) { | ||
const envKey = `SNYK_CFG_${key.replace(/-/g, '_').toUpperCase()}`; | ||
return process.env[envKey] || super.get(key); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are we worried about types here?
Afaik, configstore can return types like bool or number as well, but process.env will always be a string?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For disableSuggestions I can see the following code:
const disableSuggestions = userConfig.get('disableSuggestions');
if (disableSuggestions) {
config.disableSuggestions = disableSuggestions;
}
...
let dockerSuggestion = '';
if (options.docker && config.disableSuggestions !== 'true') {
Which suggests we look for a string here but in other cases we might not. We could try to eval
the environment value but this will have security implications. We could also try to do a parseInt, parseBool here and try to parse integer and boolean values (everything which cannot be parsed would be a string). WDYT?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Or the other way around, cast everything from configstore as String to be consistent? Currently it's not typed at all and on many places we are already doing the conversion in code…
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've checked the places in the code which I could find and converting everything into a string or undefined should work ... (famous last words)
2662595
to
073d679
Compare
I think Boost having a firedrill might make the tests fail in the moment... |
44042b7
to
905878f
Compare
src/lib/config.ts
Outdated
config.timeout = +timeout ? +timeout : DEFAULT_TIMEOUT; | ||
let timeoutString = userConfig.get('timeout'); | ||
if (timeoutString) { | ||
let timeout = parseInt(timeoutString); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wanted to make the string conversion here a bit more explicit - can remove if anyone disagrees ...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(actually nevermind)
2409531
to
c10fae2
Compare
c10fae2
to
16fc432
Compare
@@ -52,7 +52,7 @@ if (!config.org && org) { | |||
// invalid (non-numeric) value will fallback to the default | |||
const timeout = userConfig.get('timeout'); | |||
if (!config.timeout) { | |||
config.timeout = +timeout ? +timeout : DEFAULT_TIMEOUT; | |||
config.timeout = timeout && +timeout ? +timeout : DEFAULT_TIMEOUT; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I opted in the end for this as it doesn't require too much code change and seems to be ok with the now explicit typing.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We'll need helper methods like ensure[Number|Boolean]
but this is already an improvement as it brings solid typing for user-config
🎉 This PR is included in version 1.376.0 🎉 The release is available on: Your semantic-release bot 📦🚀 |
What does this PR do?
Adding a wrapper around configstore to allow environment variables to override config values.
How should this be manually tested?
You can run the following to disable suggestions:
Any background context you want to provide?
What are the relevant tickets?
https://snyksec.atlassian.net/browse/DC-881
Screenshots
Additional questions