fix: allow local .env override

supabase · Nov 19, 2024 · 2aabe10 · 2aabe10
1 parent 3e8eccc
commit 2aabe10
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 6 deletions.
diff --git a/pkg/config/config.go b/pkg/config/config.go
@@ -404,8 +404,10 @@ func (c *config) loadFromEnv() error {
 // Load the encrypted secrets build env variables as default values
 func (c *config) loadDefaultSecretsEnvs() error {
 	for envName, encryptedValue := range c.Secrets.BuildEnvs {
-		if err := os.Setenv(envName, encryptedValue); err != nil {
-			return fmt.Errorf("failed to set build env %s: %w", envName, err)
+		if os.Getenv(envName) == "" {
+			if err := os.Setenv(envName, encryptedValue); err != nil {
+				return fmt.Errorf("failed to set build env %s: %w", envName, err)
+			}
 		}
 	}
 	return nil
@@ -435,16 +437,16 @@ func (c *config) Load(path string, fsys fs.FS) error {
 			}
 		}
 	}
+	// Load default secrets build env variables
+	if err := c.loadDefaultSecretsEnvs(); err != nil {
+		return err
+	}
 	// Load secrets from .env file
 	if err := loadDefaultEnv(); err != nil {
 		return err
 	} else if err := c.loadFromEnv(); err != nil {
 		return err
 	}
-	// Load default secrets build env variables
-	if err := c.loadDefaultSecretsEnvs(); err != nil {
-		return err
-	}
 
 	// Generate JWT tokens
 	if len(c.Auth.AnonKey) == 0 {

diff --git a/pkg/config/config_test.go b/pkg/config/config_test.go
@@ -29,6 +29,29 @@ func TestConfigParsing(t *testing.T) {
 	})
 
 	t.Run("config file with environment variables", func(t *testing.T) {
+		config := NewConfig()
+		// Setup in-memory fs
+		fsys := fs.MapFS{
+			"supabase/config.toml":           &fs.MapFile{Data: testInitConfigEmbed},
+			"supabase/templates/invite.html": &fs.MapFile{},
+		}
+		// Run test
+		t.Setenv("TWILIO_AUTH_TOKEN", "token")
+		t.Setenv("AZURE_CLIENT_ID", "hello")
+		t.Setenv("AZURE_SECRET", "this is cool")
+		t.Setenv("AUTH_SEND_SMS_SECRETS", "v1,whsec_aWxpa2VzdXBhYmFzZXZlcnltdWNoYW5kaWhvcGV5b3Vkb3Rvbw==")
+		t.Setenv("SENDGRID_API_KEY", "sendgrid")
+		t.Setenv("AUTH_CALLBACK_URL", "http://localhost:3000/auth/callback")
+		assert.NoError(t, config.Load("", fsys))
+		// Check error
+		assert.Equal(t, "hello", config.Auth.External["azure"].ClientId)
+		assert.Equal(t, "this is cool", config.Auth.External["azure"].Secret)
+		assert.Equal(t, []string{
+			"https://127.0.0.1:3000",
+			"http://localhost:3000/auth/callback",
+		}, config.Auth.AdditionalRedirectUrls)
+	})
+	t.Run("config file with secrets env", func(t *testing.T) {
 		config := NewConfig()
 		// Setup in-memory fs
 		fsys := fs.MapFS{