Commit db9f6454 authored by Pierre Smeyers's avatar Pierre Smeyers
Browse files

feat: support multi-lines environment variables substitution

parent 0e4169e5

README.md

+4 −5
Original line number Diff line number Diff line
@@ -83,7 +83,6 @@ Here are some advices about your **secrets** (variables marked with a :lock:): 
  it will then be possible to mask it and the template will automatically decode it prior to using it.

3. Don't forget to escape special characters (ex: `$` -> `$$`).





### Environments configuration



As seen above, the Cloud Foundry template may support up to 4 environments (`review`, `integration`, `staging` and `production`).
@@ -192,7 +191,6 @@ Here are variables supported to configure the production environment: 
| `CF_PROD_ENVIRONMENT_URL`      | The production environment url **including scheme** (ex: `https://my-application.public.domain.com`) Do not use variable inside variable definition as it will result in a two level cascade variable and gitlab does not allow that. | _none_ |

| `CF_PROD_RETIRED_APP_SUFFIX` | If set, the app old version is not deleted/overriden but renamed with this suffix | _none_ |





### Hook scripts



Deployment jobs also support _optional_ **hook scripts** from your project, located in the `$CF_SCRIPTS_DIR` directory
@@ -257,7 +255,6 @@ So, what can be done about that? 
    * remind to delete your review env **manually before deleting the branch**

    * otherwise you'll have to do it afterwards from your computer (using `cf` CLI) or from the Cloud Foundry console.





### Manifest processing



Deployment jobs support a versatile way to evaluate the **deployment manifest**.
@@ -278,8 +275,10 @@ Deployment jobs support Cloud Foundry [variables replacement](https://docs.cloud 
* merged with file `cf-vars-$env.yml` if present in your project (e.g. `cf-vars-staging.yml` for staging environment).

* or merged with file `cf-vars.yml` if present in your project **and no `cf-vars-$env.yml` file was found**.



:warning: your `cf-vars-$env.yml` or `cf-vars.yml` files **may** contain variable patterns such as `${MY_SECRET}`. If so, those patterns will 

be evaluated (replaced) with actual environment values. This is a safe way of managing your application secrets.

:warning: your `cf-vars-$env.yml` or `cf-vars.yml` files **may** contain variable patterns such as `${MY_SECRET}`.

If so, those patterns will be evaluated (replaced) with actual environment values.

Multiline variables must be surrounded by **double quotes** (`"`).

This is a safe way of managing your application secrets.



### Routes management

templates/gitlab-ci-cf.yml

+6 −2
Original line number Diff line number Diff line
@@ -255,6 +255,10 @@ stages: 
    done

  }

  

  function awkenvsubst() {

    awk '{while(match($0,"[$]{[^}]*}")) {var=substr($0,RSTART+2,RLENGTH -3);val=ENVIRON[var];gsub(/["\\]/,"\\\\&", val);gsub("\n", "\\n", val);gsub("\r", "\\r", val);gsub("[$]{"var"}",val)}}1'

  }



  function pre_push() {

    # maybe execute pre push script

    prescript="$CF_SCRIPTS_DIR/cf-pre-push.sh"
@@ -277,11 +281,11 @@ stages: 
    if [[ -f "${envvarfile}" ]]

    then

      log_info "--- variables file for env \\e[33;1m${env}\\e[0m (\\e[33;1m${envvarfile}\\e[0m) found"

      envsubst < "$envvarfile" >> "$targetvarfile"

      awkenvsubst < "$envvarfile" >> "$targetvarfile"

    elif [[ -f "${globvarfile}" ]]

    then

      log_info "--- global variables file (\\e[33;1m${globvarfile}\\e[0m) found"

      envsubst < "$globvarfile" >> "$targetvarfile"

      awkenvsubst < "$globvarfile" >> "$targetvarfile"

    fi



    log_info "--- manifest variables:"