implement preserving env from host into vm in shell command

Signed-off-by: olalekan odukoya <odukoyaonline@gmail.com>

Author: olamilekan000

cmd/limactl/shell.go

@@ -19,6 +19,7 @@ import (
 	"github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 
+	"github.com/lima-vm/lima/v2/pkg/envutil"
 	"github.com/lima-vm/lima/v2/pkg/instance"
 	"github.com/lima-vm/lima/v2/pkg/ioutilx"
 	"github.com/lima-vm/lima/v2/pkg/limayaml"
@@ -54,6 +55,7 @@ func newShellCommand() *cobra.Command {
 	shellCmd.Flags().String("shell", "", "Shell interpreter, e.g. /bin/bash")
 	shellCmd.Flags().String("workdir", "", "Working directory")
 	shellCmd.Flags().Bool("reconnect", false, "Reconnect to the SSH session")
+	shellCmd.Flags().Bool("preserve-env", false, "Propagate environment variables to the shell")
 	return shellCmd
 }
 
@@ -178,7 +180,24 @@ func shellAction(cmd *cobra.Command, args []string) error {
 	} else {
 		shell = shellescape.Quote(shell)
 	}
-	script := fmt.Sprintf("%s ; exec %s --login", changeDirCmd, shell)
+	// Handle environment variable propagation
+	var envPrefix string
+	preserveEnv, err := cmd.Flags().GetBool("preserve-env")
+	if err != nil {
+		return err
+	}
+	if preserveEnv {
+		filteredEnv := envutil.FilterEnvironment()
+		if len(filteredEnv) > 0 {
+			envVars := make([]string, len(filteredEnv))
+			for i, envVar := range filteredEnv {
+				envVars[i] = shellescape.Quote(envVar)
+			}
+			envPrefix = "env " + strings.Join(envVars, " ") + " "
+		}
+	}
+
+	script := fmt.Sprintf("%s ; exec %s%s --login", changeDirCmd, envPrefix, shell)
 	if len(args) > 1 {
 		quotedArgs := make([]string, len(args[1:]))
 		parsingEnv := true

cmd/nerdctl.lima

@@ -1,3 +1,3 @@
 #!/bin/sh
 set -eu
-exec lima nerdctl "$@"
+exec limactl shell --preserve-env default nerdctl "$@"

pkg/envutil/envutil.go

@@ -0,0 +1,146 @@
+// SPDX-FileCopyrightText: Copyright The Lima Authors
+// SPDX-License-Identifier: Apache-2.0
+
+package envutil
+
+import (
+	"os"
+	"strings"
+
+	"github.com/sirupsen/logrus"
+)
+
+// BuiltinBlocklist contains environment variables that should not be propagated by default.
+var BuiltinBlocklist = []string{
+	"BASH*",
+	"DISPLAY",
+	"DYLD_*",
+	"EUID",
+	"FPATH",
+	"GID",
+	"GROUP",
+	"HOME",
+	"HOSTNAME",
+	"LD_*",
+	"LOGNAME",
+	"OLDPWD",
+	"PATH",
+	"PWD",
+	"SHELL",
+	"SHLVL",
+	"SSH_*",
+	"TERM",
+	"TERMINFO",
+	"TMPDIR",
+	"UID",
+	"USER",
+	"XAUTHORITY",
+	"XDG_*",
+	"ZDOTDIR",
+	"ZSH*",
+	"_*", // Variables starting with underscore are typically internal
+}
+
+func getBlockList() []string {
+	if blockEnv := os.Getenv("LIMA_SHELLENV_BLOCK"); blockEnv != "" {
+		if strings.HasPrefix(blockEnv, "+") {
+			additionalBlocks := parseEnvList(blockEnv[1:])
+			blockList := make([]string, len(BuiltinBlocklist)+len(additionalBlocks))
+			copy(blockList, BuiltinBlocklist)
+			copy(blockList[len(BuiltinBlocklist):], additionalBlocks)
+			return blockList
+		}
+		return parseEnvList(blockEnv)
+	}
+	return BuiltinBlocklist
+}
+
+func getAllowList() []string {
+	if allowEnv := os.Getenv("LIMA_SHELLENV_ALLOW"); allowEnv != "" {
+		return parseEnvList(allowEnv)
+	}
+	return nil
+}
+
+func IsUsingBuiltinBlocklist() bool {
+	blockEnv := os.Getenv("LIMA_SHELLENV_BLOCK")
+	return blockEnv == "" || strings.HasPrefix(blockEnv, "+")
+}
+
+func parseEnvList(envList string) []string {
+	if envList == "" {
+		return nil
+	}
+
+	parts := strings.Split(envList, ",")
+	result := make([]string, 0, len(parts))
+	for _, part := range parts {
+		if trimmed := strings.TrimSpace(part); trimmed != "" {
+			result = append(result, trimmed)
+		}
+	}
+
+	return result
+}
+
+func matchesPattern(name, pattern string) bool {
+	if pattern == name {
+		return true
+	}
+
+	if strings.HasSuffix(pattern, "*") {
+		prefix := pattern[:len(pattern)-1]
+		return strings.HasPrefix(name, prefix)
+	}
+
+	return false
+}
+
+func matchesAnyPattern(name string, patterns []string) bool {
+	for _, pattern := range patterns {
+		if matchesPattern(name, pattern) {
+			return true
+		}
+	}
+	return false
+}
+
+func FilterEnvironment() []string {
+	return FilterEnvironmentWithLists(os.Environ(), getBlockList(), getAllowList())
+}
+
+func FilterEnvironmentWithLists(env, blockList, allowList []string) []string {
+	var filtered []string
+
+	for _, envVar := range env {
+		parts := strings.SplitN(envVar, "=", 2)
+		if len(parts) != 2 {
+			continue
+		}
+
+		name := parts[0]
+
+		if len(allowList) > 0 {
+			if !matchesAnyPattern(name, allowList) {
+				continue
+			}
+			filtered = append(filtered, envVar)
+			continue
+		}
+
+		if matchesAnyPattern(name, blockList) {
+			logrus.Debugf("Blocked env variable %q", name)
+			continue
+		}
+
+		filtered = append(filtered, envVar)
+	}
+
+	return filtered
+}
+
+func GetBuiltinBlocklist() []string {
+	result := make([]string, len(BuiltinBlocklist))
+	copy(result, BuiltinBlocklist)
+	return result
+}