search

zalando-stups / senza

Deploy immutable application stacks and create and execute AWS CloudFormation templates in a sane way
https://pypi.python.org/pypi/stups-senza
Other
96 stars 72 forks source link

special characters within parameters are made html safe #459

Closed imduffy15 closed 7 years ago

imduffy15 commented 7 years ago

Mustache appears to be doing some escaping on parameters by default.

The following was passed as a parameter:

jdbc:postgresql://localhost:5432/database?ssl=true&sslfactory=org.postgresql.ssl.NonValidatingFactory

It was then used as an environment variable:

TaupageConfig:
    environment:
        JDBC_URL: "{{Arguments.jdbcUrl}}"

In the instance userdata script the following was seen:

jdbc:postgresql://localhost:5432/database?ssl=true&sslfactory=org.postgresql.ssl.NonValidatingFactory

Note the & which resulted in the application failing to deploy.

Workaround for now, was to use JDBC_URL: "{{{Arguments.jdbcUrl}}}" as the environment variable not the three braces instead of two. Didn't see this workaround documented anywhere.

hjacobs commented 7 years ago

@imduffy15 yes, I was aware of this problem, but I never ran into it (never passed something with "&" as parameter). Feel free to open a PR here or in stups-docs to document the workaround.

imduffy15 commented 7 years ago

PR opened, closing.

https://github.com/zalando-stups/documentation/pull/114