Retain custom environment variables in env-config.json between translation#2131
Retain custom environment variables in env-config.json between translation#2131jefchien wants to merge 6 commits into
Conversation
jefchien
added
the
ready for testing
jefchien
force-pushed
the
retain-envconfig
branch
from
bc795a3 to
0a5f49e
Compare
|
|
||
| // MergeEnvConfigFile merges the given values into the env-config.json at path. | ||
| // Existing values are retained; the provided values take precedence. | ||
| func MergeEnvConfigFile(path string, values map[string]string) error { |
There was a problem hiding this comment.
nit: is this just to clearly distinguish between merge and replace? seems unnecessary wrapper when the end result is always replace.
| if err != nil { | ||
| return err | ||
| } | ||
| return os.WriteFile(path, data, 0644) //nolint:gosec // G306: 0644 is intentional for env-config.json |
There was a problem hiding this comment.
This is the permissions that the env-config.json currently has. Don't want to introduce a potential regression by changing it.
| } | ||
| for k, v := range envVars { | ||
| if os.Setenv(k, v) == nil && visitor != nil { | ||
| visitor(k, v) |
There was a problem hiding this comment.
Should we log out if we fail to setEnv ?
|
|
||
| // ReplaceEnvConfigFile merges the given values into the env-config.json at path, | ||
| // first removing keysToRemove so stale values don't persist. | ||
| func ReplaceEnvConfigFile(path string, values map[string]string, keysToRemove []string) error { |
There was a problem hiding this comment.
I know that this function is NOT atomic so it can technically corrupt the env.json via a race condition. I think it should be okay since we have the 0644; however, if the user sets to run CWAgent as X user, is it possible for that user to right to the env-config.json and cause the race condition?
| } | ||
|
|
||
| // MergeEnvConfigFile merges the given values into the env-config.json at path. | ||
| // Existing values are retained; the provided values take precedence. |
There was a problem hiding this comment.
nit: I would say overwrite rather than precedence
|
This PR was marked stale due to lack of activity. |
|
This PR was marked stale due to lack of activity. |
5 participants
Description of the issue
When the config translator runs (e.g. on
fetch-config), it overwritesenv-config.jsonentirely. Any values written to that file outside of translation are lost. This means custom environment variables are not retained.Description of changes
Adds file-level helpers to the existing
cfg/envconfigpackage (ReadEnvConfigFile,LoadEnvConfigFile,MergeEnvConfigFile,ReplaceEnvConfigFile) that centralize allenv-config.jsonI/O.The key behavioral change is in
TranslateJSONMapToEnvConfigFile. Instead of overwritingenv-config.json, it now callsReplaceEnvConfigFilewithtoenvconfig.ManagedKeys, the explicit set of keys that translation owns. On each translation, managed keys are reset to reflect the current JSON config (clearing stale values), while unmanaged keys are preserved.License
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
Tests
Added unit tests. Built and tested on EC2 instance.
Requirements
Before commiting your code, please do the following steps.
make fmtandmake fmt-shmake lintIntegration Tests
To run integration tests against this PR, add the
ready for testinglabel.