Cannot reference variables in Project scan config

Open TimBeyer opened this issue 1 year ago • 1 comments

Bug

Current Behavior

When creating a project config, it's impossible to reference variables or use any other templating in the scan field. That makes it impossible to scan different paths based on different environments. It also prevents other more dynamic patterns.

Expected behavior

Variables should be resolved first and then every possible field on the project config should be templated.

Reproducible example

kind: Project
name: example-project
scan:
  include:
    - $concat: ${var.scan-config.include}
    - foo
variables:
  scan-config:
    include:
      - bar
      - ${local.username}-baz
environments:
  - name: default

Error validating Project 'example-project':

...
4  |   include:
5  |     - $concat: ${var.scan-config.include}
-----------^
scan.include[0] must be a string

Suggested solution(s)

We should resolve the config in stages if possible and once variables have been resolved, resolve the other fields too.

Additional context

I did some digging in the source code and there's no trivial fix for this at the moment. The project config first resolves templates for the variables and varfile, and then proceeds to validate the configuration. We can't simply use those variables to resolve the rest, since the varfile also needs resolving, which is currently tied to the environment configuration. That would need to be refactored if possible so that we can also resolve the global varfile. Also, the scan property is used rather early on in the entire process before we've done further processing of the configuration. We need to take another look at the project configs and consider which parts of the config should be resolved at what time with what variables.

TimBeyer, Nov 22 '23 09:11
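The staged resolution suggested in the issue above, as an added TypeScript example that is not part of the issue and not Garden's code. The function names and the simplified handling of `${...}` and `$concat` are assumptions made for illustration; the sample config is constructed from the reproducible example.

```typescript
// Added illustration, not Garden's implementation; all function names are hypothetical.
type Value = string | Value[] | { [key: string]: Value };
type Context = { [key: string]: Value };
function lookup(path: string, ctx: Context): Value { // dotted key, e.g. "var.scan-config.include"
  let cur: Value = ctx;
  for (const part of path.split(".")) {
    if (typeof cur === "string" || Array.isArray(cur) || !(part in cur)) throw new Error(`could not resolve ${path}`);
    cur = cur[part];
  }
  return cur;
}
// Resolve ${...} references; a list item { $concat: [...] } is spread into its parent list.
function resolve(value: Value, ctx: Context): Value {
  if (typeof value === "string") {
    const whole = /^\$\{([^}]+)\}$/.exec(value);
    if (whole) return lookup(whole[1], ctx); // a lone reference keeps its type (e.g. a list)
    return value.replace(/\$\{([^}]+)\}/g, (_m, key: string) => String(lookup(key, ctx)));
  }
  if (Array.isArray(value)) {
    const out: Value[] = [];
    for (const item of value) {
      const r = resolve(item, ctx);
      const spread = typeof r !== "string" && !Array.isArray(r) ? r["$concat"] : undefined;
      out.push(...(Array.isArray(spread) ? spread : [r]));
    }
    return out;
  }
  const obj: Context = {};
  for (const k of Object.keys(value)) obj[k] = resolve(value[k], ctx);
  return obj;
}
// The check behind the issue's error: every scan.include entry must be a string.
function validateInclude(include: Value): string[] {
  if (!Array.isArray(include)) throw new Error("scan.include must be a list");
  return include.map((item, i) => {
    if (typeof item !== "string") throw new Error(`scan.include[${i}] must be a string`);
    return item;
  });
}
// Stage 1 resolves variables against `local`; stage 2 resolves scan against those variables.
function resolveScanInclude(project: Context, local: Context): string[] {
  const vars = resolve(project["variables"], { local });
  const scan = resolve(project["scan"], { local, var: vars });
  if (typeof scan === "string" || Array.isArray(scan)) throw new Error("scan must be a mapping");
  return validateInclude(scan["include"]);
}
const exampleProject: Context = { // constructed from the issue's reproducible example
  scan: { include: [{ $concat: "${var.scan-config.include}" }, "foo"] },
  variables: { "scan-config": { include: ["bar", "${local.username}-baz"] } },
};
```

Validating `scan.include` before stage 2 reproduces the reported error; validating after it yields a flat list of strings.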

Any love left for this puppy? 🙏

omry-arpaly, Dec 28 '23 15:12