Closed Kunamatata closed 1 year ago
`--include` renamed to `--only-secrets`:

```
❯ ./doppler run --only-secrets STRIPE_KEY,DB_URL -- env | rg "STRIPE_KEY|DB_URL"
DB_URL=psql://elon@localhost/modelX
STRIPE_KEY=sk_test_mKciizZfpXhQgXoNZmzECVN
```

`--only-secrets` and `-i` (shorthand for the flag) with one non-existing secret name:

```
❯ ./doppler run -i STRIPE_KEY,DOES_NOT_EXIST -- printenv STRIPE_KEY
Doppler Error: the following secrets you are trying to include do not exist in your config:
DOES_NOT_EXIST
```

`-i` with two non-existing secrets:

```
❯ ./doppler run -i STRIPE_KEY,DOES_NOT_EXIST,MAYBE_THIS -- printenv STRIPE_KEY
Doppler Error: the following secrets you are trying to include do not exist in your config:
DOES_NOT_EXIST
MAYBE_THIS
```

`--only-secrets` works with `--mount`:

```
❯ ./doppler run --only-secrets STRIPE_KEY,DB_URL --mount mount.json -- cat mount.json
{"DB_URL":"psql://user@localhost/my_db","STRIPE_KEY":"sk_test_mKciizZfpXhQgXoNZmzECVN"}%
```

`--only-secrets` with `--no-exit-on-missing-included-secrets`:

```
❯ ./doppler run --only-secrets STRIPE_KEY,DOES_NOT_EXIST --no-exit-on-missing-included-secrets -- printenv STRIPE_KEY
Warning: the following secrets you are trying to include do not exist in your config:
DOES_NOT_EXIST
sk_test_mKciizZfpXhQgXoNZmzECVN
```
`CheckForDangerousSecretNames` function and `dangerousSecretNames` list
@Piccirello I have questions in the comments above. Would we be cool with `--no-exit` instead of the very verbose `--no-exit-on-missing-included-secrets`?
`utils.PrintWarning` with `utils.LogWarning` so that we log to stderr, not to stdout.
Ready for re-review.
`chore:` prefix to Filter Map commit

`StringSliceVarP` with `StringSliceVar`
`--no-exit-on-missing-only-secrets` question here: https://github.com/DopplerHQ/cli/pull/341#discussion_r1014976897

Way to go on your first CLI feature PR, @Kunamatata!
Description

This pull request contains updates to address the possibility of RCE (Remote Code Execution).

It introduces the following new features for the `doppler run` command:

- `--only-secrets` to only include the specified secrets. This new flag will error if a specified secret does not exist in the current config.
- `--no-exit-on-missing-only-secrets` will prevent exiting on an error of the `--only-secrets` flag.
- Check for dangerous secret names via the `CheckForDangerousSecretNames(...)` function (will not run when `--mount` is provided): "PERL5OPT", "PYTHONWARNINGS", "BROWSER", "HOSTNAME", "PHPRC", "NODE_VERSION", "NODE_OPTIONS"

NOTE: All `DOPPLER_` variables will not be included by default when setting the `--include` (`-i`) flag without specifying them.

Scenarios

PSA: The logs about the environment variable being included are part of `./app.js`. These are not logged by the `doppler` cli.

Note: the `--include` flag in the images below has been replaced with `--only-secrets`.
Trying to include secrets that do not exist in the config:

```
./doppler run --include "SECRET_1,SECRET_2,SECRET_3" -- node ./app.js
```

Including a secret that exists:

```
./doppler run --include "DB_URL" -- node ./app.js
```

Including multiple secrets that exist:

```
./doppler run --include "DB_URL,STRIPE_KEY,LOGGING" -- node ./app.js
```

Including multiple secrets that exist but one that does not exist:

```
./doppler run --include "DB_URL,STRIPE_KEY,LOGGING,DOES_NOT_EXIST" -- node ./app.js
```

Same as above but with `--no-exit-on-missing-included-secrets`:

```
./doppler run --include "DB_URL,STRIPE_KEY,LOGGING,DOES_NOT_EXIST" --no-exit-on-missing-included-secrets -- node ./app.js
```

Dangerous Secret Name Detected:

```
./doppler run -- node ./app.js
```

Dangerous Secret Name Detected with `--include`:

```
./doppler run --include "DB_URL,STRIPE_KEY,LOGGING" -- node ./app.js
```
Closes #322
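The policy the description lays out (keep only the named secrets, fail or warn on names missing from the config, refuse the interpreter-controlling variable names unless secrets go to a `--mount` file) is small enough to show end to end. The Go below is an added illustration written for this page, not the Doppler CLI's own code: `ExampleConfig` is a constructed sample config, the function names `FilterOnlySecrets`, `CheckDangerousNames` and `BuildEnv` are made up here, and two points the PR text leaves open are assumptions marked in the comments (the dangerous-name check runs over the whole config before filtering, and a hit aborts rather than warns). The dangerous-name list is the one quoted in the description.

```go
package main

import (
	"fmt"
	"os"
	"sort"
	"strings"
)

// ExampleConfig is a constructed stand-in for the secrets Doppler would fetch for a
// project config. One entry deliberately uses a name from the dangerous list.
func ExampleConfig() map[string]string {
	return map[string]string{
		"DB_URL":          "psql://user@localhost/my_db",
		"STRIPE_KEY":      "sk_test_EXAMPLE",
		"LOGGING":         "debug",
		"DOPPLER_PROJECT": "example",
		"NODE_OPTIONS":    "--max-old-space-size=64", // node reads this at startup
	}
}

// dangerousSecretNames is the list quoted in the PR description: variables that
// interpreters and tools honour at startup, so injecting them changes how the child
// process runs rather than just what it can read.
var dangerousSecretNames = []string{
	"PERL5OPT", "PYTHONWARNINGS", "BROWSER", "HOSTNAME", "PHPRC", "NODE_VERSION", "NODE_OPTIONS",
}

// CheckDangerousNames returns, sorted, every secret whose name is on the dangerous list.
func CheckDangerousNames(secrets map[string]string) []string {
	flagged := []string{}
	for _, name := range dangerousSecretNames {
		if _, ok := secrets[name]; ok {
			flagged = append(flagged, name)
		}
	}
	sort.Strings(flagged)
	return flagged
}

// FilterOnlySecrets keeps only the requested names and reports, sorted, the requested
// names absent from the config. Nothing is added implicitly, which is why DOPPLER_*
// variables only appear when the caller names them.
func FilterOnlySecrets(secrets map[string]string, only []string) (map[string]string, []string) {
	kept := map[string]string{}
	missing := []string{}
	for _, raw := range only {
		name := strings.TrimSpace(raw)
		if name == "" {
			continue
		}
		if value, ok := secrets[name]; ok {
			kept[name] = value
		} else {
			missing = append(missing, name)
		}
	}
	sort.Strings(missing)
	return kept, missing
}

// BuildEnv applies the policy the PR describes. onlyFlag is the raw --only-secrets value
// ("" when unset), noExit mirrors --no-exit-on-missing-only-secrets, and mount is true
// when secrets go to a --mount file (the dangerous-name check is skipped then).
// Assumptions not settled by the PR text: the check runs over the whole config, before
// filtering, and a hit aborts rather than warns.
func BuildEnv(secrets map[string]string, onlyFlag string, noExit bool, mount bool) (map[string]string, []string, error) {
	if !mount {
		if flagged := CheckDangerousNames(secrets); len(flagged) > 0 {
			return nil, nil, fmt.Errorf("Doppler Error: dangerous secret name(s) in config: %s", strings.Join(flagged, ", "))
		}
	}
	warnings := []string{}
	env := secrets
	if onlyFlag != "" {
		kept, missing := FilterOnlySecrets(secrets, strings.Split(onlyFlag, ","))
		if len(missing) > 0 {
			msg := "the following secrets you are trying to include do not exist in your config:\n" + strings.Join(missing, "\n")
			if !noExit {
				return nil, nil, fmt.Errorf("Doppler Error: %s", msg)
			}
			warnings = append(warnings, "Warning: "+msg)
		}
		env = kept
	}
	return env, warnings, nil
}

func main() {
	// Mirrors the --mount scenario with one missing name and the no-exit flag: the
	// missing name becomes a warning on stderr and only the existing secret is emitted.
	env, warnings, err := BuildEnv(ExampleConfig(), "STRIPE_KEY,DOES_NOT_EXIST", true, true)
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
	for _, w := range warnings {
		fmt.Fprintln(os.Stderr, w) // stderr, so warnings never mix with the child's stdout
	}
	for name, value := range env {
		fmt.Printf("%s=%s\n", name, value)
	}
}
```

Writing warnings to stderr follows the review comment about `utils.LogWarning`: a consumer piping `doppler run` output (the `cat mount.json` and `printenv` cases above) must never find a warning line mixed into the data it expects.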