Fix interaction between environment variable interpolation in constants and shell escaping (#860).

This commit is contained in:
Dan Helfman 2024-04-30 09:36:26 -07:00
parent 92ed7573d4
commit 38bc4fbfe2
4 changed files with 24 additions and 7 deletions

3
NEWS
View file

@ -1,3 +1,6 @@
1.8.12.dev0
* #860: Fix interaction between environment variable interpolation in constants and shell escaping.
1.8.11
* #815: Add optional Healthchecks auto-provisioning via "create_slug" option.
* #851: Fix lack of file extraction when using "extract --strip-components all" on a path with a

View file

@ -50,12 +50,15 @@ def apply_constants(value, constants, shell_escape=False):
value[index] = apply_constants(list_value, constants, shell_escape)
elif isinstance(value, dict):
for option_name, option_value in value.items():
value[option_name] = apply_constants(
option_value,
constants,
shell_escape=(
shell_escape
or option_name.startswith('before_')
or option_name.startswith('after_')
or option_name == 'on_error'
),
)
value[option_name] = apply_constants(option_value, constants, shell_escape)
return value

View file

@ -1,6 +1,6 @@
from setuptools import find_packages, setup
VERSION = '1.8.11'
VERSION = '1.8.12.dev0'
setup(

View file

@ -50,6 +50,16 @@ def test_apply_constants_with_empty_constants_passes_through_value():
({'before_backup': '{inject}'}, {'before_backup': "'echo hi; naughty-command'"}),
({'after_backup': '{inject}'}, {'after_backup': "'echo hi; naughty-command'"}),
({'on_error': '{inject}'}, {'on_error': "'echo hi; naughty-command'"}),
(
{
'before_backup': '{env_pass}',
'postgresql_databases': [{'name': 'users', 'password': '{env_pass}'}],
},
{
'before_backup': "'${PASS}'",
'postgresql_databases': [{'name': 'users', 'password': '${PASS}'}],
},
),
(3, 3),
(True, True),
(False, False),
@ -63,6 +73,7 @@ def test_apply_constants_makes_string_substitutions(value, expected_value):
'int': 3,
'bool': True,
'inject': 'echo hi; naughty-command',
'env_pass': '${PASS}',
}
assert module.apply_constants(value, constants) == expected_value