agent
agent copied to clipboard
buildkite-agent env has --from-env-file and --print flags
Adds two flags to the buildkite-agent env
command introduced in #1781.
By default, buildkite-agent env
loads os.Environ()
and prints it as a JSON object; it's mainly intended for internal use to capture a snapshot of environment before a hook runs, and detect changes afterwards.
The new --from-env-file
boolean flag sources the environment from the file named by $BUILDKITE_ENV_FILE
instead of from os.Environ()
, using bufio.Scanner
and strconv.Unquote()
to safely and correctly parse the quoting/escaping done by %q
when the file was written:
https://github.com/buildkite/agent/blob/2aaefb699828b512ad62cd7791104b47bad46b96/agent/job_runner.go#L490
The new --print NAME
flag causes a single environment value to be printed in its raw unescaped form followed by a newline, instead of printing all vars as a JSON object.
Combined, this solves the problem of safely parsing BUILDKITE_ENV_FILE
(which cannot be safely evaluated in a shell if it may contain untrusted user input) to access a single variable, and allows for usage like this in a pre-command hook or similar:
if [[ $(buildkite-agent env --from-env-file --print BUILDKITE_BRANCH) != "main" ]]; then
echo "This agent only builds branch 'main'"
exit 42
fi