From 9d3f7e63b37d5ca723aa74a841b29a88307e670a Mon Sep 17 00:00:00 2001
From: Rhys Arkins <rhys@arkins.net>
Date: Sat, 14 Dec 2024 08:59:29 +0100
Subject: [PATCH] feat(config): global:safeEnv (#33096)

---
 lib/config/options/index.ts               |  1 +
 lib/config/presets/internal/global.ts     | 11 +++++++++++
 lib/config/presets/internal/index.spec.ts |  3 ++-
 lib/config/presets/internal/index.ts      |  2 ++
 lib/config/presets/parse.ts               |  1 +
 5 files changed, 17 insertions(+), 1 deletion(-)
 create mode 100644 lib/config/presets/internal/global.ts

diff --git a/lib/config/options/index.ts b/lib/config/options/index.ts
index a87d3d8a91..8310f685b9 100644
--- a/lib/config/options/index.ts
+++ b/lib/config/options/index.ts
@@ -52,6 +52,7 @@ const options: RenovateOptions[] = [
     subType: 'string',
     globalOnly: true,
     patternMatch: true,
+    mergeable: true,
   },
   {
     name: 'detectGlobalManagerConfig',
diff --git a/lib/config/presets/internal/global.ts b/lib/config/presets/internal/global.ts
new file mode 100644
index 0000000000..aaf331d81e
--- /dev/null
+++ b/lib/config/presets/internal/global.ts
@@ -0,0 +1,11 @@
+import type { Preset } from '../types';
+
+/* eslint sort-keys: ["error", "asc", {caseSensitive: false, natural: true}] */
+
+export const presets: Record<string, Preset> = {
+  safeEnv: {
+    allowedEnv: ['GO*'],
+    description:
+      'Hopefully safe environment variables to allow users to configure.',
+  },
+};
diff --git a/lib/config/presets/internal/index.spec.ts b/lib/config/presets/internal/index.spec.ts
index 1b978f01d0..76f4d35725 100644
--- a/lib/config/presets/internal/index.spec.ts
+++ b/lib/config/presets/internal/index.spec.ts
@@ -30,7 +30,8 @@ describe('config/presets/internal/index', () => {
             const config = await resolveConfigPresets(
               massageConfig(presetConfig),
             );
-            const res = await validateConfig('repo', config, true);
+            const configType = groupName === 'global' ? 'global' : 'repo';
+            const res = await validateConfig(configType, config, true);
             expect(res.errors).toHaveLength(0);
             expect(res.warnings).toHaveLength(0);
           } catch (err) {
diff --git a/lib/config/presets/internal/index.ts b/lib/config/presets/internal/index.ts
index e61f0d5a0a..d9ec8c4bdf 100644
--- a/lib/config/presets/internal/index.ts
+++ b/lib/config/presets/internal/index.ts
@@ -3,6 +3,7 @@ import * as configPreset from './config';
 import * as customManagersPreset from './custom-managers';
 import * as defaultPreset from './default';
 import * as dockerPreset from './docker';
+import * as globalPreset from './global';
 import * as groupPreset from './group';
 import * as helpersPreset from './helpers';
 import * as mergeConfidence from './merge-confidence';
@@ -22,6 +23,7 @@ export const groups: Record<string, Record<string, Preset>> = {
   customManagers: customManagersPreset.presets,
   default: defaultPreset.presets,
   docker: dockerPreset.presets,
+  global: globalPreset.presets,
   group: groupPreset.presets,
   helpers: helpersPreset.presets,
   mergeConfidence: mergeConfidence.presets,
diff --git a/lib/config/presets/parse.ts b/lib/config/presets/parse.ts
index 09ac031b26..d81a7d9ac6 100644
--- a/lib/config/presets/parse.ts
+++ b/lib/config/presets/parse.ts
@@ -57,6 +57,7 @@ export function parsePreset(input: string): ParsedPreset {
     'customManagers',
     'default',
     'docker',
+    'global',
     'group',
     'helpers',
     'mergeConfidence',
-- 
GitLab