teach eden to resolve THRIFT_TLS_CL_CERT_PATH in configs

Summary:
This stack updates eden to be able to check all of the locations that able
users certificate may reside.

THRIFT_TLS_CL_CERT_PATH is usally set with the location for the users x509
certs. So it seems best to check this location. In order to be able to check
this location, we need to be able to resolve the enviroment variable in our
parsing.

Reviewed By: wez, genevievehelsel

Differential Revision: D23359815

fbshipit-source-id: 2008cc52ab64d23dbcfda41292a60a4bf77a80df
This commit is contained in:
Katie Mancini 2020-09-15 10:15:44 -07:00 committed by Facebook GitHub Bot
parent deb57a25ed
commit 903532758e
3 changed files with 19 additions and 1 deletions

View File

@ -395,6 +395,9 @@ void EdenConfig::parseAndApplyConfigFile(
attrMap["HOME"] = userHomePath_.value();
attrMap["USER"] = userName_;
attrMap["USER_ID"] = std::to_string(userID_);
if (auto certPath = std::getenv("THRIFT_TLS_CL_CERT_PATH")) {
attrMap["THRIFT_TLS_CL_CERT_PATH"] = certPath;
}
try {
std::string fileContents;

View File

@ -15,10 +15,11 @@ using folly::Expected;
using std::string;
namespace {
constexpr std::array<folly::StringPiece, 3> kEnvVars = {
constexpr std::array<folly::StringPiece, 4> kEnvVars = {
folly::StringPiece{"HOME"},
folly::StringPiece{"USER"},
folly::StringPiece{"USER_ID"},
folly::StringPiece{"THRIFT_TLS_CL_CERT_PATH"},
};
/**

View File

@ -431,6 +431,20 @@ TEST_F(EdenConfigTest, variablesExpandInPathOptions) {
EXPECT_EQ(
getConfig().userIgnoreFile.getValue(),
normalizeBestEffort("/var/user/42/myignore"));
#ifndef _WIN32
setenv("THRIFT_TLS_CL_CERT_PATH", "edenTest", 1);
#else
_putenv_s("THRIFT_TLS_CL_CERT_PATH", "edenTest");
#endif
writeFile(
userConfigPath,
"[core]\n"
"ignoreFile=\"/var/user/${THRIFT_TLS_CL_CERT_PATH}/myignore\"\n"_sp)
.throwIfFailed();
EXPECT_EQ(
getConfig().userIgnoreFile.getValue(),
normalizeBestEffort("/var/user/edenTest/myignore"));
}
TEST_F(EdenConfigTest, missing_config_files_never_change) {