#general
Title
h
high-egg-2153
01/05/2021, 7:02 PMLooks like when running a PEX I can access environment variables. Wondering if there is a way to have pants add variables to the environment when running a PEX. Also wondering if it can be done in a way that is user specific. Something like how gradle handles local.properties.
The specific use case I'm thinking of is when there is a utility that requires sensitive information. Perhaps a utility that requires a username and password. Only certain users should have the credentials and they shouldn't be added to source control. Users with access might have something like a .pants file containing the environment variables, which is ignored by git.
Anything like this exist?
h
happy-kitchen-89482
01/06/2021, 7:43 AMHmm, the
env_vars[subprocess-environment]./pants help-advanced subprocess-environmentAlso when running tests you can use
extra_env_vars[test]But I don't think there's a way to set arbitrary env vars on non-test processes. Wouldn't be hard to add though.
Oh, just realized I might be misunderstanding. Are you referring to setting env vars when Pants runs a pex file as part of its own operation, or somehow "baking" env vars into the pex files it creates when you run
./pants packageh
high-egg-2153
01/06/2021, 12:24 PMI think the former. So I don't want to bake them in. I'll make up a totally fictitious example. When developer A runs ./pants run utilities:generate it see a file named .pants_local containing a list of properties that are turned into environment variables. In this case the file might contain the user name and password for developer A's local database. Developer B also has a .pants_local file that has their specific properties. Neither A's or B's .pants_local file would get committed to source control. If the utility were deployed into production there would be no .pants_local file and the production user name and password would come from the production environment.
h
happy-kitchen-89482
01/06/2021, 9:57 PMI see, so it's specifically for
./pants runWhen asking pants to run your own code
That seems very reasonable to add, let me take a look
h
high-egg-2153
01/07/2021, 12:30 PMWow you guys are quick.
h
hundreds-father-404
01/07/2021, 3:30 PM@happy-kitchen-89482 the run goal already intentionally leaks in all env vars; we don't scrub it. Are you seeing differently @high-egg-2153?
h
high-egg-2153
01/07/2021, 3:34 PMYes, I was seeing that environment variables are available. The difference with the solution as I understood it was that now I could specify additional environment variables in a file that would get added to the run environment. That way each developer could have a local file with their specific variables.
h
hundreds-father-404
01/07/2021, 3:35 PMAh I see, that makes sense
Before we hit merge, have you heard of direnv? I'm wondering if that might work instead for your use case?
(I think we prob want this PR either way, but trying to stress test it)
h
high-egg-2153
01/07/2021, 3:37 PMNope - but that could potentially give me what I was asking for.
h
hundreds-father-404
01/07/2021, 3:39 PMI think we will still want this because it allows you to hardcode env vars in pants.toml, which could be useful. Plus parity with the test goal
👍 1
h
happy-kitchen-89482
01/07/2021, 7:10 PMI was unaware that we passed in the entire Pants env, although that makes sense.
h
hundreds-father-404
01/07/2021, 7:11 PMyeah formalized in https://github.com/pantsbuild/pants/pull/10701
h
happy-kitchen-89482
01/07/2021, 7:23 PMSo the "inherit this value from the environment" variant is redundant in this case
👍 1
Possibly my change is not necessary then, if direnv can work
although I guess it might be nice to support the
@fromfile4 Views