DockerCLI/opts/file.go

package opts

import (
	"bufio"
	"bytes"
	"fmt"
	"os"
	"strings"
	"unicode"
	"unicode/utf8"
)

const whiteSpaces = " \t"

func parseKeyValueFile(filename string, lookupFn func(string) (string, bool)) ([]string, error) {
	fh, err := os.Open(filename)
	if err != nil {
		return []string{}, err
	}
	defer fh.Close()

	lines := []string{}
	scanner := bufio.NewScanner(fh)
	utf8bom := []byte{0xEF, 0xBB, 0xBF}
	for currentLine := 1; scanner.Scan(); currentLine++ {
		scannedBytes := scanner.Bytes()
		if !utf8.Valid(scannedBytes) {
			return []string{}, fmt.Errorf("env file %s contains invalid utf8 bytes at line %d: %v", filename, currentLine, scannedBytes)
		}
		// We trim UTF8 BOM
		if currentLine == 1 {
			scannedBytes = bytes.TrimPrefix(scannedBytes, utf8bom)
		}
		// trim the line from all leading whitespace first. trailing whitespace
		// is part of the value, and is kept unmodified.
		line := strings.TrimLeftFunc(string(scannedBytes), unicode.IsSpace)

		if len(line) == 0 || line[0] == '#' {
			// skip empty lines and comments (lines starting with '#')
			continue
		}

		key, _, hasValue := strings.Cut(line, "=")
		if len(key) == 0 {
			return []string{}, fmt.Errorf("no variable name on line '%s'", line)
		}

		// leading whitespace was already removed from the line, but
		// variables are not allowed to contain whitespace or have
		// trailing whitespace.
		if strings.ContainsAny(key, whiteSpaces) {
			return []string{}, fmt.Errorf("variable '%s' contains whitespaces", key)
		}

		if hasValue {
			// key/value pair is valid and has a value; add the line as-is.
			lines = append(lines, line)
			continue
		}

		if lookupFn != nil {
			// No value given; try to look up the value. The value may be
			// empty but if no value is found, the key is omitted.
			if value, found := lookupFn(line); found {
				lines = append(lines, key+"="+value)
			}
		}
	}
	return lines, scanner.Err()
}
Fix `--label-file` weird behavior `--label-file` has the exact same behavior as `--env-file`, meaning any placeholder (i.e. a simple key, no `=` sign, no value), it will get the value from the environment variable. For `--label-file` it should just add an empty label. Signed-off-by: Vincent Demeester <vincent@sbr.pm> 2018-01-26 12:45:29 -05:00			`package opts`

			`import (`
			`"bufio"`
			`"bytes"`
			`"fmt"`
			`"os"`
			`"strings"`
			`"unicode"`
			`"unicode/utf8"`
			`)`

Fix labels copying value from environment variables This patch fixes a bug where labels use the same behavior as `--env`, resulting in a value to be copied from environment variables with the same name as the label if no value is set (i.e. a simple key, no `=` sign, no value). An earlier pull request addressed similar cases for `docker run`; 2b17f4c8a8caad552025edb05a73db683fb8a5c6, but this did not address the same situation for (e.g.) `docker service create`. Digging in history for this bug, I found that use of the `ValidateEnv` function for labels was added in the original implementation of the labels feature in https://github.com/docker/docker/commit/abb5e9a0777469e64fe2c7ecfa66ea01083d2071#diff-ae476143d40e21ac0918630f7365ed3cR34 However, the design never intended it to expand environment variables, and use of this function was either due to either a "copy/paste" of the equivalent `--env` flags, or a misunderstanding (the name `ValidateEnv` does not communicate that it also expands environment variables), and the existing `ValidateLabel` was designed for _engine_ labels (which required a value to be set). Following the initial implementation, other parts of the code followed the same (incorrect) approach, therefore leading the bug to be introduced in services as well. This patch: - updates the `ValidateLabel` to match the expected validation rules (this function is no longer used since 31dc5c0a9a8bdc11c7ad335aebb753ed527caa5a), and the daemon has its own implementation) - corrects various locations in the code where `ValidateEnv` was used instead of `ValidateLabel`. Before this patch: ```bash export SOME_ENV_VAR=I_AM_SOME_ENV_VAR docker service create --label SOME_ENV_VAR --tty --name test busybox docker service inspect --format '{{json .Spec.Labels}}' test {"SOME_ENV_VAR":"I_AM_SOME_ENV_VAR"} ``` After this patch: ```bash export SOME_ENV_VAR=I_AM_SOME_ENV_VAR docker service create --label SOME_ENV_VAR --tty --name test busybox docker container inspect --format '{{json .Config.Labels}}' test {"SOME_ENV_VAR":""} ``` Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2019-02-13 10:47:30 -05:00			`const whiteSpaces = " \t"`
Fix `--label-file` weird behavior `--label-file` has the exact same behavior as `--env-file`, meaning any placeholder (i.e. a simple key, no `=` sign, no value), it will get the value from the environment variable. For `--label-file` it should just add an empty label. Signed-off-by: Vincent Demeester <vincent@sbr.pm> 2018-01-26 12:45:29 -05:00
opts: parseKeyValueFile: cleanup and remove redundant trimming - the function already trimmed leading whitespace from each line before parsing. keys with trailing whitespace would be invalidated, and values have whitespace preserved, so there's no need to trim whitespace for the key. - if a line is validated (key is valid), we don't need to reconstruct the key=value by concatenating, and we can add the line as-is. - check if the key is empty before checking if it contains whitespace - touch-up comments - rename some variables for readability - slight cleanup to use early returns / early continues to reduce nesting Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2024-10-03 16:16:04 -04:00			`func parseKeyValueFile(filename string, lookupFn func(string) (string, bool)) ([]string, error) {`
Fix `--label-file` weird behavior `--label-file` has the exact same behavior as `--env-file`, meaning any placeholder (i.e. a simple key, no `=` sign, no value), it will get the value from the environment variable. For `--label-file` it should just add an empty label. Signed-off-by: Vincent Demeester <vincent@sbr.pm> 2018-01-26 12:45:29 -05:00			`fh, err := os.Open(filename)`
			`if err != nil {`
			`return []string{}, err`
			`}`
			`defer fh.Close()`

			`lines := []string{}`
			`scanner := bufio.NewScanner(fh)`
			`utf8bom := []byte{0xEF, 0xBB, 0xBF}`
opts: parseKeyValueFile: cleanup and remove redundant trimming - the function already trimmed leading whitespace from each line before parsing. keys with trailing whitespace would be invalidated, and values have whitespace preserved, so there's no need to trim whitespace for the key. - if a line is validated (key is valid), we don't need to reconstruct the key=value by concatenating, and we can add the line as-is. - check if the key is empty before checking if it contains whitespace - touch-up comments - rename some variables for readability - slight cleanup to use early returns / early continues to reduce nesting Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2024-10-03 16:16:04 -04:00			`for currentLine := 1; scanner.Scan(); currentLine++ {`
Fix `--label-file` weird behavior `--label-file` has the exact same behavior as `--env-file`, meaning any placeholder (i.e. a simple key, no `=` sign, no value), it will get the value from the environment variable. For `--label-file` it should just add an empty label. Signed-off-by: Vincent Demeester <vincent@sbr.pm> 2018-01-26 12:45:29 -05:00			`scannedBytes := scanner.Bytes()`
			`if !utf8.Valid(scannedBytes) {`
opts: parseKeyValueFile: cleanup and remove redundant trimming - the function already trimmed leading whitespace from each line before parsing. keys with trailing whitespace would be invalidated, and values have whitespace preserved, so there's no need to trim whitespace for the key. - if a line is validated (key is valid), we don't need to reconstruct the key=value by concatenating, and we can add the line as-is. - check if the key is empty before checking if it contains whitespace - touch-up comments - rename some variables for readability - slight cleanup to use early returns / early continues to reduce nesting Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2024-10-03 16:16:04 -04:00			`return []string{}, fmt.Errorf("env file %s contains invalid utf8 bytes at line %d: %v", filename, currentLine, scannedBytes)`
Fix `--label-file` weird behavior `--label-file` has the exact same behavior as `--env-file`, meaning any placeholder (i.e. a simple key, no `=` sign, no value), it will get the value from the environment variable. For `--label-file` it should just add an empty label. Signed-off-by: Vincent Demeester <vincent@sbr.pm> 2018-01-26 12:45:29 -05:00			`}`
			`// We trim UTF8 BOM`
opts: parseKeyValueFile: cleanup and remove redundant trimming - the function already trimmed leading whitespace from each line before parsing. keys with trailing whitespace would be invalidated, and values have whitespace preserved, so there's no need to trim whitespace for the key. - if a line is validated (key is valid), we don't need to reconstruct the key=value by concatenating, and we can add the line as-is. - check if the key is empty before checking if it contains whitespace - touch-up comments - rename some variables for readability - slight cleanup to use early returns / early continues to reduce nesting Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2024-10-03 16:16:04 -04:00			`if currentLine == 1 {`
Fix `--label-file` weird behavior `--label-file` has the exact same behavior as `--env-file`, meaning any placeholder (i.e. a simple key, no `=` sign, no value), it will get the value from the environment variable. For `--label-file` it should just add an empty label. Signed-off-by: Vincent Demeester <vincent@sbr.pm> 2018-01-26 12:45:29 -05:00			`scannedBytes = bytes.TrimPrefix(scannedBytes, utf8bom)`
			`}`
opts: parseKeyValueFile: cleanup and remove redundant trimming - the function already trimmed leading whitespace from each line before parsing. keys with trailing whitespace would be invalidated, and values have whitespace preserved, so there's no need to trim whitespace for the key. - if a line is validated (key is valid), we don't need to reconstruct the key=value by concatenating, and we can add the line as-is. - check if the key is empty before checking if it contains whitespace - touch-up comments - rename some variables for readability - slight cleanup to use early returns / early continues to reduce nesting Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2024-10-03 16:16:04 -04:00			`// trim the line from all leading whitespace first. trailing whitespace`
			`// is part of the value, and is kept unmodified.`
Fix `--label-file` weird behavior `--label-file` has the exact same behavior as `--env-file`, meaning any placeholder (i.e. a simple key, no `=` sign, no value), it will get the value from the environment variable. For `--label-file` it should just add an empty label. Signed-off-by: Vincent Demeester <vincent@sbr.pm> 2018-01-26 12:45:29 -05:00			`line := strings.TrimLeftFunc(string(scannedBytes), unicode.IsSpace)`

opts: parseKeyValueFile: cleanup and remove redundant trimming - the function already trimmed leading whitespace from each line before parsing. keys with trailing whitespace would be invalidated, and values have whitespace preserved, so there's no need to trim whitespace for the key. - if a line is validated (key is valid), we don't need to reconstruct the key=value by concatenating, and we can add the line as-is. - check if the key is empty before checking if it contains whitespace - touch-up comments - rename some variables for readability - slight cleanup to use early returns / early continues to reduce nesting Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2024-10-03 16:16:04 -04:00			`if len(line) == 0 \|\| line[0] == '#' {`
			`// skip empty lines and comments (lines starting with '#')`
			`continue`
			`}`

			`key, _, hasValue := strings.Cut(line, "=")`
			`if len(key) == 0 {`
			`return []string{}, fmt.Errorf("no variable name on line '%s'", line)`
			`}`

			`// leading whitespace was already removed from the line, but`
			`// variables are not allowed to contain whitespace or have`
			`// trailing whitespace.`
			`if strings.ContainsAny(key, whiteSpaces) {`
			`return []string{}, fmt.Errorf("variable '%s' contains whitespaces", key)`
			`}`

			`if hasValue {`
			`// key/value pair is valid and has a value; add the line as-is.`
			`lines = append(lines, line)`
			`continue`
			`}`
Fix `--label-file` weird behavior `--label-file` has the exact same behavior as `--env-file`, meaning any placeholder (i.e. a simple key, no `=` sign, no value), it will get the value from the environment variable. For `--label-file` it should just add an empty label. Signed-off-by: Vincent Demeester <vincent@sbr.pm> 2018-01-26 12:45:29 -05:00
opts: parseKeyValueFile: cleanup and remove redundant trimming - the function already trimmed leading whitespace from each line before parsing. keys with trailing whitespace would be invalidated, and values have whitespace preserved, so there's no need to trim whitespace for the key. - if a line is validated (key is valid), we don't need to reconstruct the key=value by concatenating, and we can add the line as-is. - check if the key is empty before checking if it contains whitespace - touch-up comments - rename some variables for readability - slight cleanup to use early returns / early continues to reduce nesting Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2024-10-03 16:16:04 -04:00			`if lookupFn != nil {`
			`// No value given; try to look up the value. The value may be`
			`// empty but if no value is found, the key is omitted.`
			`if value, found := lookupFn(line); found {`
			`lines = append(lines, key+"="+value)`
Fix `--label-file` weird behavior `--label-file` has the exact same behavior as `--env-file`, meaning any placeholder (i.e. a simple key, no `=` sign, no value), it will get the value from the environment variable. For `--label-file` it should just add an empty label. Signed-off-by: Vincent Demeester <vincent@sbr.pm> 2018-01-26 12:45:29 -05:00			`}`
			`}`
			`}`
			`return lines, scanner.Err()`
			`}`