Exporting environment variables in CMD do not persist in next command

marschro commented 7 months ago

[MANDATORY] Describe the bug [MANDATORY] I have the following Bastillefile:

ARG ENV_FOO
ARG ENV_BAR

CMD export FOO=${ENV_FOO}
CMD export BAR=${ENV_BAR}

CMD echo $FOO
CMD echo "expected output should be 'Foo' - but is empty. env variable is not set in consecutive commands"

Setting environment variables is not possible with this approach.
I currently set environment variables with the following workaround:
```
CMD env APP_PHX_SERVER=${app_phx_server} env APP_DATABASE_URL=${app_database_url} env APP_SECRET_KEY_BASE=${app_secret_key_base} boot_my_app"
```
... which is working but is not readable and not well maintainable as along long one-liner (there are much more variables to set in my real project)

[MANDATORY] Bastille and FreeBSD version (paste bastille -v && freebsd-version -kru output)

0.10.20231125
14.0-RELEASE-p6
shell is posix compliant (sh)

[MANDATORY] How did you install bastille? (port/pkg/git)

pkg

[optional] Steps to reproduce?

none

[optional] Expected behavior

Environment variables that are exported in a CMD should be accessible in the following CMDs

[optional] Screenshots

none

[optional] Additional context

I checked multiple things, also sourcing a rendered .env file. These sourced variables also do not persist...
I generally do not understand, why that happens.
I guess, the process, that "terraforms" the jail is different from those, executing the commands...?
It might be, that I completely lack the knowledge and doing sth obviously wrong...

michael-o commented 6 months ago

I don't consider this is a bug. Each CMD is completely standalone. That would require a new ENV section.

marschro commented 5 months ago

Thanks, @michael-o - I guessed that already. An ENV section for the future would probably be nice. For now it works.

I would also be interested, how other people solve this. Another way to do that is, a script, that is rendered with the variables, by Bastille, then is executed, and right after deleted... as one does not want to values to be somewhere readable in a file on the server. Or would you say, that this is fine, or what would be best practice here?

I guess I can close this then - or is that something to keep? Kind regards, Martin

yaazkal commented 4 months ago

A script is usually the way to go. You can check something like the wordpress template as an example.

marschro commented 3 months ago

A script is usually the way to go. You can check something like the wordpress template as an example.

Hi @yaazkal - yes. I had that also first. But that means that I have to write the secure credentials into that script file. Alternatively, could RENDER the credentials, provided by the CI/CD system to that script file. But... then I still have the credentials written to a file in the system what I want to avoid. I could then after starting the system, delete the file again... but that all feels like "von hinten durch die Brust".

Does anyone know if I could at least write multiline in the Bastillefile ? like so...

CMD do this \
 do one thing \
 and then another \
 and so on

michael-o commented 3 months ago

@marschro ...durch die Brust in die Anus

BastilleBSD / bastille

Exporting environment variables in CMD do not persist in next command #696