2018-01-26 12:45:29 -05:00
|
|
|
package opts
|
|
|
|
|
|
|
|
import (
|
|
|
|
"bufio"
|
|
|
|
"bytes"
|
|
|
|
"fmt"
|
|
|
|
"os"
|
|
|
|
"strings"
|
|
|
|
"unicode"
|
|
|
|
"unicode/utf8"
|
|
|
|
)
|
|
|
|
|
Fix labels copying value from environment variables
This patch fixes a bug where labels use the same behavior as `--env`, resulting
in a value to be copied from environment variables with the same name as the
label if no value is set (i.e. a simple key, no `=` sign, no value).
An earlier pull request addressed similar cases for `docker run`;
2b17f4c8a8caad552025edb05a73db683fb8a5c6, but this did not address the
same situation for (e.g.) `docker service create`.
Digging in history for this bug, I found that use of the `ValidateEnv`
function for labels was added in the original implementation of the labels feature in
https://github.com/docker/docker/commit/abb5e9a0777469e64fe2c7ecfa66ea01083d2071#diff-ae476143d40e21ac0918630f7365ed3cR34
However, the design never intended it to expand environment variables,
and use of this function was either due to either a "copy/paste" of the
equivalent `--env` flags, or a misunderstanding (the name `ValidateEnv` does
not communicate that it also expands environment variables), and the existing
`ValidateLabel` was designed for _engine_ labels (which required a value to
be set).
Following the initial implementation, other parts of the code followed
the same (incorrect) approach, therefore leading the bug to be introduced
in services as well.
This patch:
- updates the `ValidateLabel` to match the expected validation
rules (this function is no longer used since 31dc5c0a9a8bdc11c7ad335aebb753ed527caa5a),
and the daemon has its own implementation)
- corrects various locations in the code where `ValidateEnv` was used instead of `ValidateLabel`.
Before this patch:
```bash
export SOME_ENV_VAR=I_AM_SOME_ENV_VAR
docker service create --label SOME_ENV_VAR --tty --name test busybox
docker service inspect --format '{{json .Spec.Labels}}' test
{"SOME_ENV_VAR":"I_AM_SOME_ENV_VAR"}
```
After this patch:
```bash
export SOME_ENV_VAR=I_AM_SOME_ENV_VAR
docker service create --label SOME_ENV_VAR --tty --name test busybox
docker container inspect --format '{{json .Config.Labels}}' test
{"SOME_ENV_VAR":""}
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-02-13 10:47:30 -05:00
|
|
|
const whiteSpaces = " \t"
|
2018-01-26 12:45:29 -05:00
|
|
|
|
|
|
|
// ErrBadKey typed error for bad environment variable
|
|
|
|
type ErrBadKey struct {
|
|
|
|
msg string
|
|
|
|
}
|
|
|
|
|
|
|
|
func (e ErrBadKey) Error() string {
|
|
|
|
return fmt.Sprintf("poorly formatted environment: %s", e.msg)
|
|
|
|
}
|
|
|
|
|
2018-07-01 17:55:38 -04:00
|
|
|
func parseKeyValueFile(filename string, emptyFn func(string) (string, bool)) ([]string, error) {
|
2018-01-26 12:45:29 -05:00
|
|
|
fh, err := os.Open(filename)
|
|
|
|
if err != nil {
|
|
|
|
return []string{}, err
|
|
|
|
}
|
|
|
|
defer fh.Close()
|
|
|
|
|
|
|
|
lines := []string{}
|
|
|
|
scanner := bufio.NewScanner(fh)
|
|
|
|
currentLine := 0
|
|
|
|
utf8bom := []byte{0xEF, 0xBB, 0xBF}
|
|
|
|
for scanner.Scan() {
|
|
|
|
scannedBytes := scanner.Bytes()
|
|
|
|
if !utf8.Valid(scannedBytes) {
|
|
|
|
return []string{}, fmt.Errorf("env file %s contains invalid utf8 bytes at line %d: %v", filename, currentLine+1, scannedBytes)
|
|
|
|
}
|
|
|
|
// We trim UTF8 BOM
|
|
|
|
if currentLine == 0 {
|
|
|
|
scannedBytes = bytes.TrimPrefix(scannedBytes, utf8bom)
|
|
|
|
}
|
|
|
|
// trim the line from all leading whitespace first
|
|
|
|
line := strings.TrimLeftFunc(string(scannedBytes), unicode.IsSpace)
|
|
|
|
currentLine++
|
|
|
|
// line is not empty, and not starting with '#'
|
|
|
|
if len(line) > 0 && !strings.HasPrefix(line, "#") {
|
2022-12-27 10:24:23 -05:00
|
|
|
variable, value, hasValue := strings.Cut(line, "=")
|
2018-01-26 12:45:29 -05:00
|
|
|
|
|
|
|
// trim the front of a variable, but nothing else
|
2022-12-27 10:24:23 -05:00
|
|
|
variable = strings.TrimLeft(variable, whiteSpaces)
|
2018-01-26 12:45:29 -05:00
|
|
|
if strings.ContainsAny(variable, whiteSpaces) {
|
2019-03-18 22:17:02 -04:00
|
|
|
return []string{}, ErrBadKey{fmt.Sprintf("variable '%s' contains whitespaces", variable)}
|
2018-01-26 12:45:29 -05:00
|
|
|
}
|
2018-07-01 17:55:38 -04:00
|
|
|
if len(variable) == 0 {
|
|
|
|
return []string{}, ErrBadKey{fmt.Sprintf("no variable name on line '%s'", line)}
|
|
|
|
}
|
2018-01-26 12:45:29 -05:00
|
|
|
|
2022-12-27 10:24:23 -05:00
|
|
|
if hasValue {
|
2018-01-26 12:45:29 -05:00
|
|
|
// pass the value through, no trimming
|
2022-12-27 10:24:23 -05:00
|
|
|
lines = append(lines, variable+"="+value)
|
2018-01-26 12:45:29 -05:00
|
|
|
} else {
|
2018-07-01 17:55:38 -04:00
|
|
|
var present bool
|
2018-01-26 12:45:29 -05:00
|
|
|
if emptyFn != nil {
|
2018-07-01 17:55:38 -04:00
|
|
|
value, present = emptyFn(line)
|
|
|
|
}
|
|
|
|
if present {
|
|
|
|
// if only a pass-through variable is given, clean it up.
|
2022-12-27 10:24:23 -05:00
|
|
|
lines = append(lines, strings.TrimSpace(variable)+"="+value)
|
2018-01-26 12:45:29 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return lines, scanner.Err()
|
|
|
|
}
|