spacebar/kamal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Ensure env secrets are merged correctly with roles

Browse Source
This commit is contained in:
David Heinemeier Hansson
2023-01-21 11:32:40 +01:00
parent dda20eec11
commit fd23fc1dfd
4 changed files with 99 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
lib/mrsk/configuration/role.rb
View File

@@ -1,5 +1,5 @@
class Mrsk::Configuration::Role
delegate :argumentize, to: Mrsk::Utils
delegate :argumentize, :argumentize_env_with_secrets, to: Mrsk::Utils
attr_accessor :name
@@ -20,11 +20,15 @@ class Mrsk::Configuration::Role
end
def env
(config.env || {}).merge(specializations["env"] || {})
if config.env && config.env["secret"]
merged_env_with_secrets
else
merged_env
end
end
def env_args
argumentize "-e", env
argumentize_env_with_secrets env
end
def cmd
@@ -79,4 +83,20 @@ class Mrsk::Configuration::Role
config.servers[name].except("hosts")
end
end
def specialized_env
specializations["env"] || {}
end
def merged_env
config.env&.merge(specialized_env) || {}
end
# Secrets are stored in an array, which won't merge by default, so have to do it by hand.
def merged_env_with_secrets
merged_env.tap do |new_env|
new_env["secret"] = Array(config.env["secret"]) + Array(specialized_env["secret"])
new_env["clear"] = (Array(config.env["clear"] || config.env) + Array(specialized_env["clear"] || specialized_env)).uniq
end
end
end