[keyserver] Fix importJSON environmental variables to avoid special chars in name
ClosedPublic
Actions

Authored by ashoat on Jun 1 2022, 1:29 AM.

Details

Reviewers

tomek
atul

Commits

rCOMMa407cad3a87d: [keyserver] Fix importJSON environmental variables to avoid special chars in…

Summary

I did not test D4102 well enough. When I actually got around to using it, I realized that placing special characters like / and . in environmental variable names does not work.

This diff does two things:

Makes sure we don't have any special chars in the names of the environmental variables
It improves the security by limiting access to facts and keyserver directories (assuming we can trust Flow)

Test Plan

I configured a .env that uses importJSON like this:

COMM_MYSQL_DATABASE=commdev
COMM_MYSQL_USER=commdev
COMM_MYSQL_PASSWORD=pass
COMM_JSONCONFIG_facts_landing_url='{"baseDomain":"http://localhost","basePath":"/commlanding/","baseRoutePath":"/commlanding/","https":false}'
COMM_JSONCONFIG_facts_commapp_url='{"baseDomain":"http://localhost","basePath":"/comm/","https":false,"baseRoutePath":"/comm/"}'

Diff Detail

Repository

rCOMM Comm

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

ashoat created this revision.Jun 1 2022, 1:29 AM

Herald added subscribers: • abosh, • adrian. · View Herald TranscriptJun 1 2022, 1:29 AM

ashoat added a child revision: D4172: [keyserver] Add Webpack builds to keyserver Dockerfile.Jun 1 2022, 1:29 AM

Harbormaster completed remote builds in B9566: Diff 13264.Jun 1 2022, 1:36 AM

ashoat requested review of this revision.Jun 1 2022, 1:36 AM

atul accepted this revision.Jun 1 2022, 6:45 AM

atul added inline comments.

keyserver/src/utils/import-json.js
32 ↗	(On Diff #13264)	Guessing that we're prefixing the ENV name with `COMM_JSONCONFIG` to avoid potential collisions with other environment variables?