Always send the clear env to the container
Secret and clear env variables have different lifecycles. The clear ones are part of the repo, so it makes sense to always deploy them with the rest of the repo. The secret ones are external so we can't be sure that they are up to date, therefore they require an explicit push via `envify` or `env push`. We'll keep the env file, but now it just contains secrets. The clear values are passed directly to `docker run`.
This commit is contained in:
Donal McBreen
@@ -1,7 +1,7 @@
|
||||
require "test_helper"
|
||||
|
||||
class EnvFileTest < ActiveSupport::TestCase
|
||||
test "env file simple" do
|
||||
test "to_s" do
|
||||
env = {
|
||||
"foo" => "bar",
|
||||
"baz" => "haz"
|
||||
@@ -11,80 +11,27 @@ class EnvFileTest < ActiveSupport::TestCase
|
||||
Kamal::EnvFile.new(env).to_s
|
||||
end
|
||||
|
||||
test "env file clear" do
|
||||
env = {
|
||||
"clear" => {
|
||||
"foo" => "bar",
|
||||
"baz" => "haz"
|
||||
}
|
||||
}
|
||||
|
||||
assert_equal "foo=bar\nbaz=haz\n", \
|
||||
Kamal::EnvFile.new(env).to_s
|
||||
end
|
||||
|
||||
test "env file empty" do
|
||||
test "to_s empty" do
|
||||
assert_equal "\n", Kamal::EnvFile.new({}).to_s
|
||||
end
|
||||
|
||||
test "env file secret" do
|
||||
ENV["PASSWORD"] = "hello"
|
||||
test "to_s escaped newline" do
|
||||
env = {
|
||||
"secret" => [ "PASSWORD" ]
|
||||
"foo" => "hello\\nthere"
|
||||
}
|
||||
|
||||
assert_equal "PASSWORD=hello\n", \
|
||||
assert_equal "foo=hello\\\\nthere\n", \
|
||||
Kamal::EnvFile.new(env).to_s
|
||||
ensure
|
||||
ENV.delete "PASSWORD"
|
||||
end
|
||||
|
||||
test "env file secret escaped newline" do
|
||||
ENV["PASSWORD"] = "hello\\nthere"
|
||||
test "to_s newline" do
|
||||
env = {
|
||||
"secret" => [ "PASSWORD" ]
|
||||
"foo" => "hello\nthere"
|
||||
}
|
||||
|
||||
assert_equal "PASSWORD=hello\\\\nthere\n", \
|
||||
Kamal::EnvFile.new(env).to_s
|
||||
ensure
|
||||
ENV.delete "PASSWORD"
|
||||
end
|
||||
|
||||
test "env file secret newline" do
|
||||
ENV["PASSWORD"] = "hello\nthere"
|
||||
env = {
|
||||
"secret" => [ "PASSWORD" ]
|
||||
}
|
||||
|
||||
assert_equal "PASSWORD=hello\\nthere\n", \
|
||||
Kamal::EnvFile.new(env).to_s
|
||||
ensure
|
||||
ENV.delete "PASSWORD"
|
||||
end
|
||||
|
||||
test "env file missing secret" do
|
||||
env = {
|
||||
"secret" => [ "PASSWORD" ]
|
||||
}
|
||||
|
||||
assert_raises(KeyError) { Kamal::EnvFile.new(env).to_s }
|
||||
|
||||
ensure
|
||||
ENV.delete "PASSWORD"
|
||||
end
|
||||
|
||||
test "env file secret and clear" do
|
||||
ENV["PASSWORD"] = "hello"
|
||||
env = {
|
||||
"secret" => [ "PASSWORD" ],
|
||||
"clear" => {
|
||||
"foo" => "bar",
|
||||
"baz" => "haz"
|
||||
}
|
||||
}
|
||||
|
||||
assert_equal "PASSWORD=hello\nfoo=bar\nbaz=haz\n", \
|
||||
assert_equal "foo=hello\\nthere\n", \
|
||||
Kamal::EnvFile.new(env).to_s
|
||||
ensure
|
||||
ENV.delete "PASSWORD"
|
||||
|
||||
Reference in New Issue
Block a user