MCPcopy
hub / github.com/docker/compose / checkEnvironmentVariables

Method checkEnvironmentVariables

pkg/compose/publish.go:428–451  ·  view source on GitHub ↗

checkEnvironmentVariables walks every compose file that will be serialized into the OCI artifact (the top-level files plus any local extends parents) and prompts the user to confirm before publishing: 1. service env_file declarations and literal environment values whose key name looks sensitive (pa

(ctx context.Context, project *types.Project, options api.PublishOptions)

Source from the content-addressed store, hash-verified

426// in the published YAML and don't leak the resolved value; the keyword
427// detector's value regex skips them automatically.
428func (s *composeService) checkEnvironmentVariables(ctx context.Context, project *types.Project, options api.PublishOptions) error {
429 if len(project.ComposeFiles) == 0 {
430 return nil
431 }
432
433 findings, err := collectEnvCheckFindings(ctx, project)
434 if err != nil {
435 return err
436 }
437
438 if !options.WithEnvironment && findings.hasEnvFinding() {
439 if err := s.confirmOrCancel(buildEnvPromptMessage(findings.services)); err != nil {
440 return err
441 }
442 }
443
444 if len(findings.configsLiteralContent) > 0 {
445 if err := s.confirmOrCancel(buildConfigContentPromptMessage(findings.configsLiteralContent)); err != nil {
446 return err
447 }
448 }
449
450 return nil
451}
452
453// confirmOrCancel runs an interactive yes/no prompt and returns:
454// - the prompt's error verbatim, if it failed;

Calls 5

confirmOrCancelMethod · 0.95
collectEnvCheckFindingsFunction · 0.85
buildEnvPromptMessageFunction · 0.85
hasEnvFindingMethod · 0.80