feat: load every environment from --env-file to workflow (#184)

* feat: load every environment from --env-file to workflow

* fix: pass dotenv's environments through by context

* updates to support --secret-file

Co-authored-by: Casey Lee <cplee@nektos.com>

pkg/runner/run_context.go

@@ -45,7 +45,7 @@ type stepResult struct {
 // GetEnv returns the env for the context
 func (rc *RunContext) GetEnv() map[string]string {
 	if rc.Env == nil {
-		rc.Env = mergeMaps(rc.Run.Workflow.Env, rc.Run.Job().Env)
+		rc.Env = mergeMaps(rc.Config.Env, rc.Run.Workflow.Env, rc.Run.Job().Env)
 	}
 	return rc.Env
 }

pkg/runner/runner.go

@@ -24,6 +24,7 @@ type Config struct {
 	ReuseContainers bool              // reuse containers to maintain state
 	ForcePull       bool              // force pulling of the image, if already present
 	LogOutput       bool              // log the output from docker run
+	Env             map[string]string // env for containers
 	Secrets         map[string]string // list of secrets
 	Platforms       map[string]string // list of platforms
 }

pkg/runner/runner_test.go

@@ -3,7 +3,6 @@ package runner
 import (
 	"context"
 	"fmt"
-	"os"
 	"path/filepath"
 	"testing"
 
@@ -110,18 +109,8 @@ func TestRunEventSecrets(t *testing.T) {
 	workdir, err := filepath.Abs("testdata")
 	assert.NilError(t, err, workflowPath)
 
-	_ = godotenv.Load(filepath.Join(workdir, workflowPath, ".env"))
-
-	secrets := make(map[string]string)
-	for _, secret := range []string{
-		"MY_SECRET",
-		"MULTILINE_SECRET",
-		"JSON_SECRET",
-	} {
-		if env, ok := os.LookupEnv(secret); ok && env != "" {
-			secrets[secret] = env
-		}
-	}
+	env, _ := godotenv.Read(filepath.Join(workdir, workflowPath, ".env"))
+	secrets, _ := godotenv.Read(filepath.Join(workdir, workflowPath, ".secrets"))
 
 	runnerConfig := &Config{
 		Workdir:         workdir,
@@ -129,6 +118,7 @@ func TestRunEventSecrets(t *testing.T) {
 		Platforms:       platforms,
 		ReuseContainers: false,
 		Secrets:         secrets,
+		Env:             env,
 	}
 	runner, err := New(runnerConfig)
 	assert.NilError(t, err, workflowPath)

pkg/runner/testdata/secrets/.actrc

@@ -1,4 +1,2 @@
 -W .
--s MY_SECRET
--s MULTILINE_SECRET
--s JSON_SECRET
+--secret-file .secrets

pkg/runner/testdata/secrets/.env

@@ -1,3 +1,2 @@
-MY_SECRET=top-secret
-MULTILINE_SECRET="foo\nbar\nbaz"
-JSON_SECRET={"foo": "bar"}
+HELLO=WORLD
+MULTILINE_ENV="foo\nbar\nbaz"

pkg/runner/testdata/secrets/.secrets

@@ -0,0 +1,3 @@
+MY_SECRET=top-secret
+MULTILINE_SECRET="foo\nbar\nbaz"
+JSON_SECRET={"foo": "bar"}

pkg/runner/testdata/secrets/push.yml

@@ -11,3 +11,7 @@ jobs:
           echo "${{secrets.MULTILINE_SECRET}}" | wc -l | grep 3
       - run: |
           echo '${{secrets.JSON_SECRET}}' | grep "{\"foo\": \"bar\"}"
+      - run: |
+          echo '${{env.HELLO}}' | grep "WORLD"
+      - run: |
+          echo "${{env.MULTILINE_ENV}}" | wc -l | grep 3