feat: hide os shell envs

flanksource · Sep 15, 2024 · 708d505 · 708d505
1 parent 0c02f68
commit 708d505
Show file tree

Hide file tree

Showing 2 changed files with 84 additions and 3 deletions.
diff --git a/shell/shell.go b/shell/shell.go
@@ -38,14 +38,16 @@ type Artifact struct {
 }
 
 type ExecDetails struct {
-	Error    error    `json:"-"`
 	Stdout   string   `json:"stdout"`
 	Stderr   string   `json:"stderr"`
 	ExitCode int      `json:"exitCode"`
 	Path     string   `json:"path"`
 	Args     []string `json:"args"`
+
 	// Any extra details about the command execution, e.g. git commit id, etc.
-	Extra     map[string]any       `json:"extra,omitempty"`
+	Extra map[string]any `json:"extra,omitempty"`
+
+	Error     error                `json:"-" yaml:"-"`
 	Artifacts []artifacts.Artifact `json:"-" yaml:"-"`
 }
 
@@ -72,9 +74,11 @@ func Run(ctx context.Context, exec Exec) (*ExecDetails, error) {
 		return nil, ctx.Oops().Wrap(err)
 	}
 
+	// Set to a non-nil empty slice to prevent access to current environment variables
+	cmd.Env = []string{}
 	if len(envParams.envs) != 0 {
 		ctx.Logger.V(6).Infof("using environment %s", logger.Pretty(envParams.envs))
-		cmd.Env = append(os.Environ(), envParams.envs...)
+		cmd.Env = append(cmd.Env, envParams.envs...)
 	}
 
 	if envParams.mountPoint != "" {

diff --git a/shell/shell_test.go b/shell/shell_test.go
@@ -0,0 +1,77 @@
+package shell
+
+import (
+	"strings"
+	"testing"
+
+	"github.com/flanksource/duty/context"
+	"github.com/flanksource/duty/types"
+	"github.com/samber/lo"
+)
+
+func TestEnv(t *testing.T) {
+	testData := []struct {
+		name         string
+		exec         Exec
+		expectedVars []string
+	}{
+		{
+			name: "access custom env vars",
+			exec: Exec{
+				Script: "env",
+				EnvVars: []types.EnvVar{
+					{Name: "mc_test_secret", ValueStatic: "abcdef"},
+				},
+			},
+			expectedVars: []string{"mc_test_secret=abcdef"},
+		},
+		{
+			name: "access multiple custom env vars",
+			exec: Exec{
+				Script: "env",
+				EnvVars: []types.EnvVar{
+					{Name: "mc_test_secret_key", ValueStatic: "abc"},
+					{Name: "mc_test_secret_id", ValueStatic: "xyz"},
+				},
+			},
+			expectedVars: []string{"mc_test_secret_key=abc", "mc_test_secret_id=xyz"},
+		},
+		{
+			name: "no access to process env",
+			exec: Exec{
+				Script: "env",
+			},
+			expectedVars: []string{},
+		},
+	}
+
+	ctx := context.New()
+	for _, td := range testData {
+		t.Run(td.name, func(t *testing.T) {
+			result, err := Run(ctx, td.exec)
+			if err != nil {
+				t.Fatalf("failed to run command %s", err)
+			}
+
+			if result.ExitCode != 0 {
+				t.Errorf("unexpected non-zero exit code: %d", result.ExitCode)
+			}
+
+			if result.Stderr != "" {
+				t.Errorf("unexpected stderr: %s", result.Stderr)
+			}
+
+			envVars := strings.Split(result.Stdout, "\n")
+
+			// These env vars are always made available.
+			envVars = lo.Filter(envVars, func(v string, _ int) bool {
+				key, _, _ := strings.Cut(v, "=")
+				return key != "PWD" && key != "SHLVL" && key != "_"
+			})
+
+			if !lo.Every(envVars, td.expectedVars) || !lo.Every(td.expectedVars, envVars) {
+				t.Errorf("expected %s, got %s", td.expectedVars, envVars)
+			}
+		})
+	}
+}