Open umglurf opened 1 day ago
Just coming on to report this as well. We use quite a few ENV vars set in the the docker container running Semaphore, and inventory, and playbooks are no longer working as they require the ENV vars for authentication and configuration.
Reporting as well, closed my own issue #2467 as a duplicate. Reverting to v2.10.31 resolved the problem.
This breaks for me as well – I have a few environment variables for proxy settings and installing private galaxy roles configured...
Added env vars to config file. PR: https://github.com/semaphoreui/semaphore/pull/2470
Is is solution the issue?
Added env vars to config file. PR: #2470
Is is solution the issue?
It would solve the issue, but as commented in the PR by @Omicron7, having a whitelist of environment variables would be preferable.
Issue
This security fix breaks many legitimate workflows by removing every single environment variable before running a pipeline. I have several environment variables that I have set that I need to pass on the ansible run. On of them is for instance
HTTPS_PROXY
, now the pipelines are unable to reach out because this is no longer passed on. Instead of removing every environment variable, would it be possible to use a user configurarable whitelist?Impact
Ansible (task execution)
Installation method
Docker
Database
Postgres
Browser
No response
Semaphore Version
2.10.32-f33944e-1729509092
Ansible Version
No response
Logs & errors
No response
Manual installation - system information
No response
Configuration
No response
Additional information
No response