feat: enhance environment variable handling for shell commands

- Added `prepareEnvironmentVariablesForShell` function to properly escape environment variables for shell usage.
- Updated various builders (Docker, Heroku, Nixpacks, Paketo, Railpack) to utilize the new function for improved handling of special characters in environment variables.
- Introduced tests to validate the handling of environment variables with various special characters, ensuring robustness in shell command execution.
- Added `shell-quote` dependency to manage quoting of shell arguments effectively.
This commit is contained in:
Mauricio Siu
2025-11-19 21:17:09 -06:00
parent 42a4cc7fff
commit af2b053caa
10 changed files with 368 additions and 19 deletions

View File

@@ -1,7 +1,8 @@
import {
getEnviromentVariablesObject,
prepareEnvironmentVariables,
prepareEnvironmentVariablesForShell,
} from "@dokploy/server/utils/docker/utils";
import { quote } from "shell-quote";
import {
getBuildAppDirectory,
getDockerContextPath,
@@ -40,14 +41,14 @@ export const getDockerCommand = (application: ApplicationNested) => {
commandArgs.push("--no-cache");
}
const args = prepareEnvironmentVariables(
const args = prepareEnvironmentVariablesForShell(
buildArgs,
application.environment.project.env,
application.environment.env,
);
for (const arg of args) {
commandArgs.push("--build-arg", `'${arg}'`);
commandArgs.push("--build-arg", arg);
}
const secrets = getEnviromentVariablesObject(
@@ -57,7 +58,7 @@ export const getDockerCommand = (application: ApplicationNested) => {
);
const joinedSecrets = Object.entries(secrets)
.map(([key, value]) => `${key}='${value.replace(/'/g, "'\"'\"'")}'`)
.map(([key, value]) => `${key}=${quote([value])}`)
.join(" ");
for (const key in secrets) {