we kept the script environment as small as possible but have the possibility to add additional env values via PDS_SCRIPT_ENV_WHITELIST.
We have here 3 problems:
Problem 1: Setup for every environment necessary
It works, but there is a need to handle/setup this in any kind of environment again and again
(e.g. local, local testing, builds (github,jenkins), k83s helm, system tests etc. etc.)
After all: too much complicated to configure and so error prone...
Problem 2: Multiple products on same PDS will have both access
Multiple products on same PDS will have both access to the whitelisted parts - even when not
necessary.
Problem 3: Not clear at first sight
It is not clear on first glimpse which product has additional script variable access or not.
Wanted
It shall be no configuration effort any more
It shall be clear for an administrator what is whitelisted for a product by first glimpse
It shall be possible to define a env whitelist setup for each product
Solution
We change the existing implementation in a way, that no longer a env variable PDS_SCRIPT_ENV_WHITELIST is used for the comma separated list, but we move the information to the pds configuration file instead by providing a new (optional) field envWhitelist.
Situation
With
3142
we kept the script environment as small as possible but have the possibility to add additional env values via
PDS_SCRIPT_ENV_WHITELIST
.We have here 3 problems:
Problem 1: Setup for every environment necessary
It works, but there is a need to handle/setup this in any kind of environment again and again (e.g. local, local testing, builds (github,jenkins), k83s helm, system tests etc. etc.)
After all: too much complicated to configure and so error prone...
Problem 2: Multiple products on same PDS will have both access
Multiple products on same PDS will have both access to the whitelisted parts - even when not necessary.
Problem 3: Not clear at first sight
It is not clear on first glimpse which product has additional script variable access or not.
Wanted
Solution
We change the existing implementation in a way, that no longer a env variable
PDS_SCRIPT_ENV_WHITELIST
is used for the comma separated list, but we move the information to the pds configuration file instead by providing a new (optional) fieldenvWhitelist
.Example:
Also the PDS startup summary shall show the envWhitelist entries.