Propagate base image's environment variable config to built image

[TadCordle]

Part of #595. Also did a small bit of refactoring/error checking for translating between environment variable list/map

[chanseokoh]

Later we will have the ability to add (not overwrite) env variables, right?

[TadCordle]

Possibly, I'm not sure what the plan is for that.

[coollog]

Yea, I think environment variables should be overwritten only at the specific variable level, and not at the entire environment level.

[coollog]

So it could be like initialize imageBuilder with the base image, then apply overwrites from buildConfiguration.

[chanseokoh]

I see this PR does not change the current behavior, but I'm just wondering if any kind of escaping should also be considered. Do we have to convert this to a list? Maybe changing some API, we could pass the map and don't worry about escaping at all, although I admit it'd be very rare to have = in a variable name.

[TadCordle]

Yeah, I definitely think this can be more bullet proof. Actually I think this breaks if there's an = in the value, not just the name.

Edit: Not this, the opposite conversion in JsonToImageTranslator

[coollog]

Hmm I think we might want to guard this at the environment-setting level - so maybe we might need to have a separate Environment class to be this abstraction (like mentioned in #15)

[TadCordle]

We can handle this when we handle #15 then?

[coollog]

Maybe we can just throw an IllegalArgumentException for now?

[coollog]

Hmm I think we might want to guard this at the environment-setting level - so maybe we might need to have a separate Environment class to be this abstraction (like mentioned in #15)

[coollog]

I believe environment variable names can actually contain any character (http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html) - These strings have the form name=value; names shall not contain the character '='., so we should probably have this pattern be like (.*?)=(.*).

[TadCordle]

Here it says:

env: (array of strings, OPTIONAL) with the same semantics as IEEE Std 1003.1-2008's environ.

And in the link you shared:

Environment variable names used by the utilities in the Shell and Utilities volume of IEEE Std 1003.1-2001 consist solely of uppercase letters, digits, and the '_' (underscore) from the characters defined in Portable Character Set and do not begin with a digit

[coollog]

Yep, for environment variables used in shell utilities (like bash), the names shouldn't consist of anything besides the alphanumerics, but for process environment variables, the definition is more lenient to allow any character besides =.

[TadCordle]

reading is hard

[TadCordle]

Shouldn't we make sure the name has at least one character though? I think what you gave will match something like "=ABC". Is that valid?

[coollog]

That’s a good point - let’s change the star to a plus.

[TadCordle]

That matches "====", I think ([^=].*?)=(.*) should work

[coollog]

Yea, I think having = in the value is okay

[coollog]

We could prob just have a real Image since there's nothing in Image that needs to be mocked.

[coollog]

Might want to call this like assertGoodEnvironmentPattern

[coollog]

nit: Propagates environment variables from base image...

[chanseokoh]

This seems weird. ([^=].*?) matches any string that doesn't start with =. I think it's conceptually correct to say ([^=]+).

[chanseokoh]

So as a concrete example,

    Pattern pattern = Pattern.compile("([^=].*?)");
    Matcher matcher = pattern.matcher("ab==c==d");
    matcher.matches();
    System.out.println(matcher.group(1));

It prints out ab==c==d.

[TadCordle]

Yeah I guess within the context of the rest of the expression, a name containing an = would only be detected if it started with an =. But yours makes more sense and is easier to read.

[briandealwis]

Suggestions only, take 'em or leave 'em as you see fit.

[briandealwis]

When patterns are far away from their use, it can help to use a named group (e.g., matcher.group("name") and matcher.group("value")).

[coollog]

+1 We should probably do this for some of the other regex patterns too.

[briandealwis]

I wonder if this could be simplified by instead having just a imageBuilder.addEnvironment():

+      // Initialize to environment from base image
+      imageBuilder.addEnvironment(
+          NonBlockingSteps.get(pullBaseImageStep).getBaseImage().getEnvironment());
+      // override with configured environment
+      if (buildConfiguration.getEnvironment() != null) {
+         imageBuilder.addEnvironment(buildConfiguration.getEnvironment());
+      }

[briandealwis]

This is exactly what Preconditions.checkArgument() does?

[briandealwis]

If you like streams, you could simplify this a bit:

    Preconditions.checkArgument(
        Iterables.any(environment.keySet(), s -> s.contains("=")),
        "Environment variable name cannot contain '='");
    return environment
        .entrySet()
        .stream()
        .map(entry -> entry.getKey() + "=" + entry.getValue())
        .collect(ImmutableList.toImmutableList());

[coollog]

It might be good to include the illegal name in the message.

[coollog]

nit: constants should be in all caps

[coollog]

Gonna leave LGTM to after addressing @briandealwis 's comments.

[chanseokoh]

I'm thinking this is no different from and just could be environmentBuilder.putAll(environment), am I right? You are just putting references to objects (Strings in this case) into the builder, not like you are doing a deep copy of String instances. (And Strings are immutable, so there is no point of deep copying, actually.) Am I right?

[TadCordle]

Sounds right to me.

[chanseokoh]

I think it looks good generally.

[chanseokoh]

key -> key.contains("=") seems more readable.

[chanseokoh]

ENVIRONMENT_PATTERN too.

[chanseokoh]

Since the parameter of addEnvironment() is @Nullable, we could probably remove the null check.

[coollog]

LGTM - will let someone else give final approval

[coollog]

Or, even more clear may be s/key/variableName/

[TadCordle]

I like key more since it's descriptive about which part of the map itself it's dealing with. And we can still tell that the key corresponds to the name with the error message right below.

Approval delegated