From a1aa0e80cf9397c367cd15626360a3a846bbd3e0 Mon Sep 17 00:00:00 2001 From: Patrick D'appollonio <930925+patrickdappollonio@users.noreply.github.com> Date: Sat, 14 Dec 2024 01:01:32 -0500 Subject: [PATCH] Include SIGKILL. Add GitHub Actions. --- .github/workflows/release.yaml | 51 ++++++++++++++++++++++++++++++++++ .github/workflows/test.yaml | 21 ++++++++++++++ README.md | 25 +++++++++++++---- src/main.rs | 5 ++++ 4 files changed, 97 insertions(+), 5 deletions(-) create mode 100644 .github/workflows/release.yaml create mode 100644 .github/workflows/test.yaml diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 0000000..8515c63 --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,51 @@ +name: Release Rust Application + +on: + release: + types: [created] + +permissions: + contents: write + +jobs: + release: + name: Release for ${{ matrix.target }} + strategy: + matrix: + include: + - target: aarch64-unknown-linux-gnu + os: ubuntu-latest + archive: linux-arm64 + - target: aarch64-apple-darwin + os: macos-latest + archive: darwin-arm64 + - target: x86_64-apple-darwin + os: macos-latest + archive: darwin-x86_64 + - target: x86_64-unknown-linux-gnu + os: ubuntu-latest + archive: linux-x86_64 + - target: x86_64-pc-windows-msvc + os: windows-latest + archive: windows-x86_64 + runs-on: ${{ matrix.os }} + steps: + - uses: actions/checkout@v4 + - shell: bash + run: | + # Update the version in Cargo.toml + TAG_NAME="${{ github.event.release.tag_name }}" + TAG_NAME="${TAG_NAME#v}" + if [[ "${{ runner.os }}" == "macOS" ]]; then + sed -i"" -e "s/^version = .*/version = \"$TAG_NAME\"/" Cargo.toml + else + sed -i -e "s/^version = .*/version = \"$TAG_NAME\"/" Cargo.toml + fi + - uses: taiki-e/upload-rust-binary-action@v1 + with: + bin: gc-rust + archive: $bin-$tag-${{ matrix.archive }} + target: ${{ matrix.target }} + tar: unix + zip: windows + token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml new file mode 100644 index 0000000..c1570c1 --- /dev/null +++ b/.github/workflows/test.yaml @@ -0,0 +1,21 @@ +name: Test Rust Application + +on: + push: + +jobs: + test: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: Setup Rust + uses: actions-rs/toolchain@v1 + with: + toolchain: stable + override: true + + - name: Run tests + run: cargo test diff --git a/README.md b/README.md index 2f92b2a..5436f61 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # `dotenv` -**dotenv** is a small command-line utility that allows you to inject environment variables from a `.env` file into a command's environment before running it. It also supports a "strict" mode that only includes variables from the `.env` file plus a few common whitelist of essential environment variables, like `PATH`, `HOME` or even `SHLVL`. +**`dotenv`** is a small command-line utility that allows you to **inject environment variables from a `.env` file into a command's environment before running it.** It also supports a "strict" mode that only includes variables from the `.env` file without leaking potentially private environment variables, plus a few common whitelist of essential environment variables, like `PATH`, `HOME` or even `SHLVL`. - [`dotenv`](#dotenv) - [Features](#features) @@ -20,11 +20,12 @@ If an `.env` file is present in the current directory, `dotenv` loads it automatically. - **Named environments:** - Use `--environment ` to load variables from `~/.dotenv/.env`. + Use `--environment ` to load variables from `$HOME/.dotenv/.env`. - **Strict mode:** Use `--strict` to start the command with only the variables from the `.env` file and a minimal whitelist (like `PATH`, `HOME`, etc.). - The `.env` file itself can enforce strict mode by setting `DOTENV_STRICT=true`. + + The `.env` file itself can enforce strict mode by setting `DOTENV_STRICT=true` without needing to specify `--strict`. - **Transparent command execution:** After loading the environment variables, `dotenv` executes the specified command, passing all arguments along. @@ -32,13 +33,27 @@ - **Compatibility with commands requiring their own flags:** Use a double dash (`--`) to signal that subsequent arguments belong to the executed command, not to `dotenv`. +- **Death signal propagation:** + If the parent is killed by a `SIGTERM` or `SIGKILL` signal, the child process is also killed using `PR_SET_PDEATHSIG` *(only available in Linux)*. + ## Installation ### Precompiled Binaries Precompiled binaries for Linux, macOS, and Windows are available on the [Releases page](https://github.com/patrickdappollonio/dotenv/releases). -Download the binary for your platform, then move it to a directory in your `PATH`. +Download the binary for your platform, then move it to a directory in your `$PATH`, or use `install`: + +```bash +$ ls +dotenv + +# add executable permissions +$ chmod +x dotenv + +# install it to /usr/local/bin +$ sudo install -m 755 dotenv /usr/local/bin/dotenv +``` ### Rust and Cargo @@ -85,7 +100,7 @@ If you prefer custom environment variables, you can overwrite `dotenv`'s default Any file here named `.env` can be loaded by specifying `--environment ` or `-e `: ```bash -$ cat ~/.dotenv/example.env +$ cat $HOME/.dotenv/example.env FOO=bar $ dotenv --environment example -- printenv FOO diff --git a/src/main.rs b/src/main.rs index 8778b66..db4a85d 100644 --- a/src/main.rs +++ b/src/main.rs @@ -118,6 +118,11 @@ fn main() -> Result<()> { return Err(Error::last_os_error()); } + // Set the parent-death signal to SIGKILL + if libc::prctl(libc::PR_SET_PDEATHSIG, libc::SIGKILL, 0, 0, 0) != 0 { + return Err(Error::last_os_error()); + } + // Double-check parent PID let ppid = libc::getppid(); if ppid == 1 {