dotenv: add agree-once improvement to confirmation prompt (#8729)

* dotenv: add possibility to agree once for a given .env file

* refactor: fix code style

* Use :A modifier instead of readlink. Thanks Aloxaf

* Use grep and clean up allowed list check logic

* Simplify and reorder file; change default allowed list path

* Add new feature to README

* Make sure ZSH_CACHE_DIR is defined

* Resolve symlinks in $PWD before storing in allowed list

Co-authored-by: Aloxaf <bailong104@gmail.com>
Co-authored-by: Marc Cornellà <marc.cornella@live.com>
This commit is contained in:
Jędrzej Lewandowski 2020-03-23 12:10:06 +01:00 committed by GitHub
parent fe97382bc1
commit 6fbfc4c78b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 60 additions and 25 deletions

View File

@ -4,9 +4,7 @@ Automatically load your project ENV variables from `.env` file when you `cd` int
Storing configuration in the environment is one of the tenets of a [twelve-factor app](https://www.12factor.net). Anything that is likely to change between deployment environments, such as resource handles for databases or credentials for external services, should be extracted from the code into environment variables.
## Installation
Just add the plugin to your `.zshrc`:
To use it, add `dotenv` to the plugins array in your zshrc file:
```sh
plugins=(... dotenv)
@ -17,22 +15,26 @@ plugins=(... dotenv)
Create `.env` file inside your project root directory and put your ENV variables there.
For example:
```sh
export AWS_S3_TOKEN=d84a83539134f28f412c652b09f9f98eff96c9a
export SECRET_KEY=7c6c72d959416d5aa368a409362ec6e2ac90d7f
export MONGO_URI=mongodb://127.0.0.1:27017
export PORT=3001
```
`export` is optional. This format works as well:
```sh
AWS_S3_TOKEN=d84a83539134f28f412c652b09f9f98eff96c9a
SECRET_KEY=7c6c72d959416d5aa368a409362ec6e2ac90d7f
MONGO_URI=mongodb://127.0.0.1:27017
PORT=3001
```
You can even mix both formats, although it's probably a bad idea.
## Plugin options
## Settings
### ZSH_DOTENV_FILE
@ -40,7 +42,7 @@ You can also modify the name of the file to be loaded with the variable `ZSH_DOT
If the variable isn't set, the plugin will default to use `.env`.
For example, this will make the plugin look for files named `.dotenv` and load them:
```
```zsh
# in ~/.zshrc, before Oh My Zsh is sourced:
ZSH_DOTENV_FILE=.dotenv
```
@ -48,6 +50,27 @@ ZSH_DOTENV_FILE=.dotenv
### ZSH_DOTENV_PROMPT
Set `ZSH_DOTENV_PROMPT=false` in your zshrc file if you don't want the confirmation message.
You can also choose the `Always` option when prompted to always allow sourcing the .env file
in that directory. See the next section for more details.
### ZSH_DOTENV_ALLOWED_LIST
The default behavior of the plugin is to always ask whether to source a dotenv file. There's
a **Y**es, **N**o, and **A**lways option. If you choose Always, the directory of the .env file
will be added to an allowed list. If a directory is found in this list, the plugin won't ask
for confirmation and will instead source the .env file directly.
This allowed list is saved by default in `$ZSH_CACHE_DIR/dotenv-allowed.list`. If you want
to change that location, change the `$ZSH_DOTENV_ALLOWED_LIST` variable, like so:
```zsh
# in ~/.zshrc, before Oh My Zsh is sourced:
ZSH_DOTENV_ALLOWED_LIST=/path/to/dotenv/allowed/list
```
This file is just a list of directories allowed, separated by a newline character. If you want
to disallow a directory, just edit this file and remove the line for the directory you want to
disallow.
## Version Control
@ -58,5 +81,6 @@ Set `ZSH_DOTENV_PROMPT=false` in your zshrc file if you don't want the confirmat
This plugin only sources the `.env` file. Nothing less, nothing more. It doesn't do any checks. It's designed to be the fastest and simplest option. You're responsible for the `.env` file content. You can put some code (or weird symbols) there, but do it on your own risk. `dotenv` is the basic tool, yet it does the job.
If you need more advanced and feature-rich ENV management, check out these awesome projects:
* [direnv](https://github.com/direnv/direnv)
* [zsh-autoenv](https://github.com/Tarrasch/zsh-autoenv)

View File

@ -1,35 +1,46 @@
## Settings
# Filename of the dotenv file to look for
: ${ZSH_DOTENV_FILE:=.env}
# Path to the file containing allowed paths
: ${ZSH_DOTENV_ALLOWED_LIST:="${ZSH_CACHE_DIR:-$ZSH/cache}/dotenv-allowed.list"}
## Functions
source_env() {
if [[ -f $ZSH_DOTENV_FILE ]]; then
if [ "$ZSH_DOTENV_PROMPT" != "false" ]; then
# confirm before sourcing file
local confirmation
# print same-line prompt and output newline character if necessary
echo -n "dotenv: source '$ZSH_DOTENV_FILE' file in the directory? (Y/n) "
read -k 1 confirmation; [[ "$confirmation" != $'\n' ]] && echo
# only bail out if confirmation character is n
if [[ "$confirmation" = [nN] ]]; then
return
if [[ "$ZSH_DOTENV_PROMPT" != false ]]; then
local confirmation dirpath="${PWD:A}"
# make sure there is an allowed file
touch "$ZSH_DOTENV_ALLOWED_LIST"
# check if current directory's .env file is allowed or ask for confirmation
if ! grep -q "$dirpath" "$ZSH_DOTENV_ALLOWED_LIST" &>/dev/null; then
# print same-line prompt and output newline character if necessary
echo -n "dotenv: found '$ZSH_DOTENV_FILE' file. Source it? ([Y]es/[n]o/[a]lways) "
read -k 1 confirmation; [[ "$confirmation" != $'\n' ]] && echo
# check input
case "$confirmation" in
[nN]) return ;;
[aA]) echo "$dirpath" >> "$ZSH_DOTENV_ALLOWED_LIST" ;;
*) ;; # interpret anything else as a yes
esac
fi
fi
# test .env syntax
zsh -fn $ZSH_DOTENV_FILE || echo "dotenv: error when sourcing '$ZSH_DOTENV_FILE' file" >&2
if [[ -o a ]]; then
source $ZSH_DOTENV_FILE
else
set -a
source $ZSH_DOTENV_FILE
set +a
fi
setopt localoptions allexport
source $ZSH_DOTENV_FILE
fi
}
autoload -U add-zsh-hook
add-zsh-hook chpwd source_env
if [[ -z $ZSH_DOTENV_FILE ]]; then
ZSH_DOTENV_FILE=.env
fi
source_env