From aaa80f8055d01d574cfa93ecaacb09499caaed09 Mon Sep 17 00:00:00 2001
From: praveshtora <pravesh.tora@gmail.com>
Date: Sat, 13 Jul 2019 11:53:03 +0530
Subject: [PATCH] fix: Pass PROXY in child Process (#4013)
---
lib/manager/bundler/artifacts.js | 9 ++------
lib/manager/cargo/artifacts.js | 9 ++------
lib/manager/composer/artifacts.js | 10 ++-------
lib/manager/gomod/artifacts.js | 10 ++-------
lib/manager/npm/post-update/index.js | 17 +++++---------
lib/manager/pipenv/artifacts.js | 12 ++--------
lib/manager/poetry/artifacts.js | 9 ++------
lib/util/env.js | 24 ++++++++++++++++++++
test/util/env.spec.js | 33 ++++++++++++++++++++++++++++
9 files changed, 75 insertions(+), 58 deletions(-)
create mode 100644 lib/util/env.js
create mode 100644 test/util/env.spec.js
diff --git a/lib/manager/bundler/artifacts.js b/lib/manager/bundler/artifacts.js
index 1a5572ae21..1dda3ad850 100644
--- a/lib/manager/bundler/artifacts.js
+++ b/lib/manager/bundler/artifacts.js
@@ -1,6 +1,7 @@
const { exec } = require('child-process-promise');
const fs = require('fs-extra');
const upath = require('upath');
+const { getChildProcessEnv } = require('../../util/env');
const { getPkgReleases } = require('../../datasource/docker');
const {
@@ -40,13 +41,7 @@ async function updateArtifacts(
const localPackageFileName = upath.join(config.localDir, packageFileName);
await fs.outputFile(localPackageFileName, newPackageFileContent);
const localLockFileName = upath.join(config.localDir, lockFileName);
- const env =
- global.trustLevel === 'high'
- ? process.env
- : {
- HOME: process.env.HOME,
- PATH: process.env.PATH,
- };
+ const env = getChildProcessEnv();
const startTime = process.hrtime();
let cmd;
if (config.binarySource === 'docker') {
diff --git a/lib/manager/cargo/artifacts.js b/lib/manager/cargo/artifacts.js
index 3c19feeec6..a05817fd96 100644
--- a/lib/manager/cargo/artifacts.js
+++ b/lib/manager/cargo/artifacts.js
@@ -2,6 +2,7 @@ const upath = require('upath');
const process = require('process');
const fs = require('fs-extra');
const { exec } = require('child-process-promise');
+const { getChildProcessEnv } = require('../../util/env');
module.exports = {
updateArtifacts,
@@ -32,13 +33,7 @@ async function updateArtifacts(
await fs.outputFile(localPackageFileName, newPackageFileContent);
logger.debug('Updating ' + lockFileName);
const cwd = config.localDir;
- const env =
- global.trustLevel === 'high'
- ? process.env
- : {
- HOME: process.env.HOME,
- PATH: process.env.PATH,
- };
+ const env = getChildProcessEnv();
for (let i = 0; i < updatedDeps.length; i += 1) {
const dep = updatedDeps[i];
// Update dependency `${dep}` in Cargo.lock file corresponding to Cargo.toml file located
diff --git a/lib/manager/composer/artifacts.js b/lib/manager/composer/artifacts.js
index 0c9642afbd..7d92fb4d62 100644
--- a/lib/manager/composer/artifacts.js
+++ b/lib/manager/composer/artifacts.js
@@ -4,6 +4,7 @@ const { exec } = require('child-process-promise');
const fs = require('fs-extra');
const upath = require('upath');
const hostRules = require('../../util/host-rules');
+const { getChildProcessEnv } = require('../../util/env');
module.exports = {
updateArtifacts,
@@ -95,14 +96,7 @@ async function updateArtifacts(
const localAuthFileName = upath.join(cwd, 'auth.json');
await fs.outputFile(localAuthFileName, JSON.stringify(authJson));
}
- const env =
- global.trustLevel === 'high'
- ? process.env
- : {
- HOME: process.env.HOME,
- PATH: process.env.PATH,
- COMPOSER_CACHE_DIR: process.env.COMPOSER_CACHE_DIR,
- };
+ const env = getChildProcessEnv(['COMPOSER_CACHE_DIR']);
const startTime = process.hrtime();
let cmd;
if (config.binarySource === 'docker') {
diff --git a/lib/manager/gomod/artifacts.js b/lib/manager/gomod/artifacts.js
index 25b2e57a8a..37a178620c 100644
--- a/lib/manager/gomod/artifacts.js
+++ b/lib/manager/gomod/artifacts.js
@@ -2,6 +2,7 @@ const { exec } = require('child-process-promise');
const fs = require('fs-extra');
const upath = require('upath');
const hostRules = require('../../util/host-rules');
+const { getChildProcessEnv } = require('../../util/env');
module.exports = {
updateArtifacts,
@@ -38,14 +39,7 @@ async function updateArtifacts(
}
await fs.outputFile(localGoModFileName, massagedGoMod);
const localGoSumFileName = upath.join(config.localDir, sumFileName);
- const env =
- global.trustLevel === 'high'
- ? process.env
- : {
- HOME: process.env.HOME,
- PATH: process.env.PATH,
- GOPATH: process.env.GOPATH,
- };
+ const env = getChildProcessEnv(['GOPATH']);
const startTime = process.hrtime();
let cmd;
if (config.binarySource === 'docker') {
diff --git a/lib/manager/npm/post-update/index.js b/lib/manager/npm/post-update/index.js
index 23f634d751..32ef316b82 100644
--- a/lib/manager/npm/post-update/index.js
+++ b/lib/manager/npm/post-update/index.js
@@ -8,6 +8,7 @@ const lerna = require('./lerna');
const yarn = require('./yarn');
const pnpm = require('./pnpm');
const hostRules = require('../../../util/host-rules');
+const { getChildProcessEnv } = require('../../../util/env');
module.exports = {
determineLockFileDirs,
@@ -365,17 +366,11 @@ async function getAdditionalFiles(config, packageFiles) {
process.env.npm_config_store ||
upath.join(config.cacheDir, './others/pnpm');
await fs.ensureDir(process.env.npm_config_store);
-
- const env =
- global.trustLevel === 'high'
- ? process.env
- : {
- HOME: process.env.HOME,
- PATH: process.env.PATH,
- NPM_CONFIG_CACHE: process.env.NPM_CONFIG_CACHE,
- YARN_CACHE_FOLDER: process.env.YARN_CACHE_FOLDER,
- npm_config_store: process.env.npm_config_store,
- };
+ const env = getChildProcessEnv([
+ 'NPM_CONFIG_CACHE',
+ 'YARN_CACHE_FOLDER',
+ 'npm_config_store',
+ ]);
env.NODE_ENV = 'dev';
let token = '';
diff --git a/lib/manager/pipenv/artifacts.js b/lib/manager/pipenv/artifacts.js
index fdf47edb0e..b595cf5ee4 100644
--- a/lib/manager/pipenv/artifacts.js
+++ b/lib/manager/pipenv/artifacts.js
@@ -1,6 +1,7 @@
const { exec } = require('child-process-promise');
const fs = require('fs-extra');
const upath = require('upath');
+const { getChildProcessEnv } = require('../../util/env');
module.exports = {
updateArtifacts,
@@ -31,16 +32,7 @@ async function updateArtifacts(
const localPipfileFileName = upath.join(config.localDir, pipfileName);
await fs.outputFile(localPipfileFileName, newPipfileContent);
const localLockFileName = upath.join(config.localDir, lockFileName);
- const env =
- global.trustLevel === 'high'
- ? process.env
- : {
- HOME: process.env.HOME,
- PATH: process.env.PATH,
- LC_ALL: process.env.LC_ALL,
- LANG: process.env.LANG,
- PIPENV_CACHE_DIR: process.env.PIPENV_CACHE_DIR,
- };
+ const env = getChildProcessEnv(['LC_ALL', 'LANG', 'PIPENV_CACHE_DIR']);
const startTime = process.hrtime();
let cmd;
if (config.binarySource === 'docker') {
diff --git a/lib/manager/poetry/artifacts.js b/lib/manager/poetry/artifacts.js
index cc3412e32c..b2999a1633 100644
--- a/lib/manager/poetry/artifacts.js
+++ b/lib/manager/poetry/artifacts.js
@@ -2,6 +2,7 @@ const upath = require('upath');
const process = require('process');
const fs = require('fs-extra');
const { exec } = require('child-process-promise');
+const { getChildProcessEnv } = require('../../util/env');
module.exports = {
updateArtifacts,
@@ -42,13 +43,7 @@ async function updateArtifacts(
await fs.outputFile(localPackageFileName, newPackageFileContent);
logger.debug(`Updating ${lockFileName}`);
const cwd = upath.join(config.localDir, subDirectory);
- const env =
- global.trustLevel === 'high'
- ? process.env
- : {
- HOME: process.env.HOME,
- PATH: process.env.PATH,
- };
+ const env = getChildProcessEnv();
let cmd;
// istanbul ignore if
if (config.binarySource === 'docker') {
diff --git a/lib/util/env.js b/lib/util/env.js
new file mode 100644
index 0000000000..070942ee6c
--- /dev/null
+++ b/lib/util/env.js
@@ -0,0 +1,24 @@
+function getChildProcessEnv(customEnvVars = []) {
+ const env = {};
+ if (global.trustLevel === 'high') {
+ return Object.assign(env, process.env);
+ }
+ const envVars = [
+ 'HTTP_PROXY',
+ 'HTTPS_PROXY',
+ 'NO_PROXY',
+ 'HOME',
+ 'PATH',
+ ...customEnvVars,
+ ];
+ envVars.forEach(envVar => {
+ if (typeof process.env[envVar] !== 'undefined') {
+ env[envVar] = process.env[envVar];
+ }
+ });
+ return env;
+}
+
+module.exports = {
+ getChildProcessEnv,
+};
diff --git a/test/util/env.spec.js b/test/util/env.spec.js
new file mode 100644
index 0000000000..237a173ed9
--- /dev/null
+++ b/test/util/env.spec.js
@@ -0,0 +1,33 @@
+const { getChildProcessEnv } = require('../../lib/util/env');
+
+describe('getChildProcess environment when trustlevel set to low', () => {
+ const envVars = ['HTTP_PROXY', 'HTTPS_PROXY', 'NO_PROXY', 'HOME', 'PATH'];
+ beforeEach(() => {
+ envVars.forEach(env => {
+ process.env[env] = env;
+ });
+ });
+ afterEach(() => {
+ envVars.forEach(env => delete process.env[env]);
+ });
+ it('returns default environment variables', () => {
+ expect(getChildProcessEnv()).toHaveProperty(...envVars);
+ });
+ it('returns environment variable only if defined', () => {
+ delete process.env.PATH;
+ expect(getChildProcessEnv()).not.toHaveProperty('PATH');
+ });
+ it('returns custom environment variables if passed and defined', () => {
+ process.env.LANG = 'LANG';
+ expect(getChildProcessEnv(['LANG'])).toHaveProperty(...envVars, 'LANG');
+ delete process.env.LANG;
+ });
+
+ describe('getChildProcessEnv when trustlevel set to high', () => {
+ it('returns process.env if trustlevel set to high', () => {
+ global.trustLevel = 'high';
+ expect(getChildProcessEnv()).toMatchObject(process.env);
+ delete global.trustLevel;
+ });
+ });
+});
--
GitLab