[IMP] Expand env vars in config #8
Conversation
lasley
commented
Jan 21, 2017
lasley
commented
- Add optional environment variable expansion for the config file
* Add optional environment variable expansion for the config file
|
Oops I knew I was forgetting something! Documentation updated |
2 similar comments
|
Coverage drop is due to more lines being added in the ReadMe it seems. I submitted #9 for that. |
|
@lasley IMO Variable expansion should be the default. A plus should be to keep a parameter to disable the expansion. |
|
@lmignon Making it the default sounds good to me - not being a core contributor to this repo, I was trying to make the change as silently as possible for the proposal. @sbidoul Yeah there could be some security implications here, as with most things using environment vars. An example of a harmful act that could be performed with this is the using a Travis Secret env var in a test & dumping it to console. This would require a merge to master though, because the Travis secures are not exposed to forks. I'm sure some other dangerous things could be thought of as well, but that's the main one I watch out for in PRs with systems that include env expansion. As with most security holes, the tradeoff is usability. In my specific instance, these env vars enhance usability of this application quite a bit in the context of Docker. |
|
I prefer to keep the explicit activation of the substitution mode. |
| @@ -89,6 +89,16 @@ def get_parser(): | |||
| type=_log_level_string_to_int, | |||
| nargs='?', | |||
| help='Set the logging output level. {0}'.format(_LOG_LEVEL_STRINGS)) | |||
|
|
|||
| main_parser.add_argument( | |||
| '-e', '--expand-env', | |||
There was a problem hiding this comment.
Per @pedrobaeza in Tecnativa@50467a3#commitcomment-20682952:
this is an incorrect use of parse arguments.
There was a problem hiding this comment.
Correct use is:
main_parser.add_argument(
'-e', '--expand-env',
dest='expand_env',
action='store_true',
help='Expand environment variables in configuration file',
)
