terraform-provider-dokku icon indicating copy to clipboard operation
terraform-provider-dokku copied to clipboard

Published 20 hours ago verified publisher icon aaronstillwell

Config variables don't have quotes escaped when being set

Open aaronstillwell opened this issue 3 years ago • 16 comments

Describe the bug

Config vars don't have quotes escaped when being set on an app.

To Reproduce

Try setting a config var on an app with quotes in it.

Expected behavior

Config vars with quotes should be supported without issue.

Additional context

This issue is being added retroactively. The above problem needs verifying before being worked on. The below snippet is where the suspected problem lies:

https://github.com/aaronstillwell/terraform-provider-dokku/blob/48f0f6827a5192e744556011c3bd7e6e4080c0c3/internal/provider/dokku.go#L96-L106

aaronstillwell avatar Mar 05 '22 22:03 aaronstillwell

You can assign this to me @aaronstillwell

jyoost avatar Mar 06 '22 01:03 jyoost

One question. Is there a way to put terraform in a verbose mode to spit out the command it is about to perform? @aaronstillwell ?

jyoost avatar Mar 06 '22 02:03 jyoost

@jyoost yes see the TF_LOG environment variable. https://www.terraform.io/cli/config/environment-variables

The run command automatically logs all dokku commands sent to the server.

https://github.com/aaronstillwell/terraform-provider-dokku/blob/48f0f6827a5192e744556011c3bd7e6e4080c0c3/internal/provider/ssh.go#L25-L56

aaronstillwell avatar Mar 06 '22 09:03 aaronstillwell

@jyoost a further good starting point for this issue would be to verify the problem exists by updating the following acceptance test to include a config var with a quote.

https://github.com/aaronstillwell/terraform-provider-dokku/blob/48f0f6827a5192e744556011c3bd7e6e4080c0c3/internal/provider/resource_app_test.go#L155-L200

aaronstillwell avatar Mar 06 '22 09:03 aaronstillwell

@aaronstillwell just wanted you to know, I'm working on these Issues. I set up a development environment, forked the project. Was able to build and run local. I also was able to deploy to a new VPS set up with dokku. so i will be testing on a live remote server.

I am in Oregon and on PST. Where are you located.

jyoost avatar Mar 07 '22 18:03 jyoost

Nice job @jyoost. London UK, UTC

aaronstillwell avatar Mar 07 '22 19:03 aaronstillwell

@aaronstillwell I want to verify we are looking to have it handle embedded quotes like "hell"o" dokku" or "hello" dokku"

jyoost avatar Mar 07 '22 19:03 jyoost

Correct.

aaronstillwell avatar Mar 07 '22 19:03 aaronstillwell

Sorry double quotes as per your PR - misread your last comment here.

aaronstillwell avatar Mar 07 '22 20:03 aaronstillwell

@aaronstillwell I sent you an email so you would have my contact info outside this repo.

I got hung up on other projects this week and I also got STUCK on what to do to include a test for this issue.

I can run the test manually by plugging in a string with quotes and it passes, what I am stuck on is how to add a test case to the workflow to do that.

If you could make the change in a separate branch so I can see what you did, it would get me unstuck and I will know what to do on other tests.

jyoost avatar Mar 11 '22 14:03 jyoost

No problem @jyoost.

Some background information on acceptance testing a Terraform provider can be found here.

We already have an acceptance test for setting config variables here:

https://github.com/aaronstillwell/terraform-provider-dokku/blob/48f0f6827a5192e744556011c3bd7e6e4080c0c3/internal/provider/resource_app_test.go#L155-L200

You can add a test step to the existing by coping the last step e.g

https://github.com/aaronstillwell/terraform-provider-dokku/blob/48f0f6827a5192e744556011c3bd7e6e4080c0c3/internal/provider/resource_app_test.go#L185-L197

but changing the value of the config var FOO3 in this example to something with a quote. You'd then need to change the assertion that calls testAccCheckDokkuAppConfigVar to match.

Hopefully that's enough guidance to get something working?

aaronstillwell avatar Mar 11 '22 22:03 aaronstillwell

@jyoost I've just updated the vagrantfile & readme to make it easier to run these tests locally using a vagrant VM.

aaronstillwell avatar Mar 12 '22 11:03 aaronstillwell

hey @aaronstillwell ,

After extensive testing on my live system, something is eating the quotes. since the debug messages print out the env vars as "******" it is very hard to determine what is happening.

HELP!!

@jyoost

jyoost avatar Mar 15 '22 13:03 jyoost

Sorry slow reply @jyoost - yes the logging is filtered deliberately to prevent leaking secrets. Have you tried developing with an acceptance test? This might be the easiest way to verify your change vs testing against prod like that.

aaronstillwell avatar Mar 22 '22 18:03 aaronstillwell

@aaronstillwell ,

No problem on being late , I have been busy on other projects.

I am using the acceptance test, but not vagrant. Vagrant requires virtualbox which I refuse to install. I run ubuntu Linux on my desktop. Virtualbox almost trashed my computer one time.

The test for this only checks the output. When I get back to it I think I have it solved.

jyoost avatar Mar 22 '22 20:03 jyoost

Hey @aaronstillwell ,

Could we have a short zoom meeting some time?

jyoost avatar Mar 28 '22 11:03 jyoost