add opt-in analytics, refactoring, update gateway middleware, code cl…

…eanup

README.md

@@ -65,6 +65,7 @@ The `settings` section of the configuration file is used to configure the applic
 
 | field     | description                        | required? |
 |-----------|------------------------------------|-----------|
+| `anonymous-stats` | `boolean` value specifying whether to send anonymous usage statistics, defaults to `false` | no |
 | `defaults.tasks.path` | default path for tasks | no |
 | `defaults.tasks.platforms` | default platforms for tasks | no |
 | `defaults.tasks.silent` | default silent setting for tasks | no |
@@ -81,6 +82,7 @@ name: my stack
 version: 1.0.0
 
 settings:
+  anonymous-stats: true # opt-in to sending anonymous usage statistics, default is false.
   dotenv: ['.env', '.env.local'] # loads both `.env` and `.env.local` files, defaults to `.env`.
   exit-on-checksum-mismatch: false # do not exit if a checksum mismatch occurs, defaults to true.
   checksum-verification: false # do not verify checksums, defaults to true.
@@ -135,6 +137,19 @@ env:
   - MY_ENV_VAR_TWO=1234test
 ```
 
+#### Integration: dotenv-vault
+
+`StackUp` supports loading encrypted values from `.env.vault` files (see the [dotenv-vault website](https://vault.dotenv.org)).
+
+To load a `.env.vault` file, add an entry to the `env` section named `dotenv://vault`.  This item will cause the `.env.vault` file to
+be loaded into the environment, if it exists.  If it does not exist, no action is taken.
+
+```yaml
+env:
+  - MY_ENV_VAR_ONE=test1234
+  - dotenv://vault # loads .env.vault, if it exists
+```
+
 ### Configuration: Includes
 
 The `includes` section of the configuration file is used to specify a list of filenames, file urls, or s3 urls that should be merged with the configuration.  This is useful for splitting up a large configuration file into smaller, more manageable files or reusing commonly-used tasks, init scripts, or preconditions. Startup, shutdown, servers, and scheduled tasks are not merged from the included files.

go.mod

@@ -4,6 +4,7 @@ go 1.20
 
 require (
 	github.com/blang/semver v3.5.1+incompatible
+	github.com/dotenv-org/godotenvvault v0.6.0
 	github.com/eiannone/keyboard v0.0.0-20220611211555-0d226195f203
 	github.com/joho/godotenv v1.5.1
 	github.com/logrusorgru/aurora v2.0.3+incompatible
@@ -41,11 +42,14 @@ require (
 
 require (
 	github.com/AlecAivazis/survey/v2 v2.3.7
+	github.com/denisbrodbeck/machineid v1.0.1
 	github.com/emirpasic/gods v1.18.1
 	github.com/golang-module/carbon/v2 v2.2.3
 	github.com/kr/pretty v0.3.1 // indirect
 	github.com/minio/minio-go v6.0.14+incompatible
 	github.com/minio/minio-go/v7 v7.0.61
+	github.com/posthog/posthog-go v0.0.0-20230801140217-d607812dee69
+	github.com/rs/zerolog v1.30.0
 	github.com/ryanuber/go-glob v1.0.0
 	go.etcd.io/bbolt v1.3.7
 	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect

go.sum

@@ -1,22 +1,30 @@
 github.com/AlecAivazis/survey/v2 v2.3.7 h1:6I/u8FvytdGsgonrYsVn2t8t4QiRnh6QSTqkkhIiSjQ=
 github.com/AlecAivazis/survey/v2 v2.3.7/go.mod h1:xUTIdE4KCOIjsBAE1JYsUPoCqYdZ1reCfTwbto0Fduo=
+github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2 h1:+vx7roKuyA63nhn5WAunQHLTznkw5W8b1Xc0dNjp83s=
 github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2/go.mod h1:HBCaDeC1lPdgDeDbhX8XFpy1jqjK0IBG8W5K+xYqA0w=
 github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ=
 github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
+github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
+github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/creack/pty v1.1.17/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
 github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY=
 github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/denisbrodbeck/machineid v1.0.1 h1:geKr9qtkB876mXguW2X6TU4ZynleN6ezuMSRhl4D7AQ=
+github.com/denisbrodbeck/machineid v1.0.1/go.mod h1:dJUwb7PTidGDeYyUBmXZ2GphQBbjJCrnectwCyxcUSI=
+github.com/dotenv-org/godotenvvault v0.6.0 h1:e6rUPELZaPmf6SgxxdB3nACG9VQAE8+omrSSZm0QUgk=
+github.com/dotenv-org/godotenvvault v0.6.0/go.mod h1:q/635WfmO04uUBVwrDWchRPOvPWaplWC6Udm+illcS4=
 github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY=
 github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
 github.com/eiannone/keyboard v0.0.0-20220611211555-0d226195f203 h1:XBBHcIb256gUJtLmY22n99HaZTz+r2Z51xUPi01m3wg=
 github.com/eiannone/keyboard v0.0.0-20220611211555-0d226195f203/go.mod h1:E1jcSv8FaEny+OP/5k9UxZVw9YFWGj7eI4KR/iOBqCg=
 github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc=
 github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ=
+github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
 github.com/golang-module/carbon/v2 v2.2.3 h1:WvGIc5+qzq9drNzH+Gnjh1TZ0JgDY/IA+m2Dvk7Qm4Q=
 github.com/golang-module/carbon/v2 v2.2.3/go.mod h1:LdzRApgmDT/wt0eNT8MEJbHfJdSqCtT46uZhfF30dqI=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
@@ -45,9 +53,11 @@ github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/logrusorgru/aurora v2.0.3+incompatible h1:tOpm7WcpBTn4fjmVfgpQq0EfczGlG91VSDkswnjF5A8=
 github.com/logrusorgru/aurora v2.0.3+incompatible/go.mod h1:7rIyQOR62GCctdiQpZ/zOJlFyk6y+94wXzv6RNZgaR4=
 github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
+github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4=
 github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
 github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
 github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
+github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94=
 github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
 github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA=
 github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
@@ -68,8 +78,11 @@ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJ
 github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
 github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
 github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
+github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/posthog/posthog-go v0.0.0-20230801140217-d607812dee69 h1:01dHVodha5BzrMtVmcpPeA4VYbZEsTXQ6m4123zQXJk=
+github.com/posthog/posthog-go v0.0.0-20230801140217-d607812dee69/go.mod h1:migYMxlAqcnQy+3eN8mcL0b2tpKy6R+8Zc0lxwk4dKM=
 github.com/robertkrimen/otto v0.2.1 h1:FVP0PJ0AHIjC+N4pKCG9yCDz6LHNPCwi/GKID5pGGF0=
 github.com/robertkrimen/otto v0.2.1/go.mod h1:UPwtJ1Xu7JrLcZjNWN8orJaM5n5YEtqL//farB5FlRY=
 github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs=
@@ -78,8 +91,12 @@ github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZV
 github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
 github.com/rs/xid v1.5.0 h1:mKX4bl4iPYJtEIxp6CYiUuLQ/8DYMoz0PUdtGgMFRVc=
 github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
+github.com/rs/zerolog v1.30.0 h1:SymVODrcRsaRaSInD9yQtKbtWqwsfoPcRff/oRXLj4c=
+github.com/rs/zerolog v1.30.0/go.mod h1:/tk+P47gFdPXq4QYjvCmT5/Gsug2nagsFWBWhAiSi1w=
+github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk=
 github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc=
+github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
 github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
 github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
@@ -93,6 +110,7 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
 github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/urfave/cli v1.22.5/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 go.etcd.io/bbolt v1.3.7 h1:j+zJOnnEjF/kyHlDDgGnVL/AIqIJPq8UoB2GSNfkUfQ=
 go.etcd.io/bbolt v1.3.7/go.mod h1:N9Mkw9X8x5fupy0IKsmuqVtoGDyxsaDlbk4Rd05IAQw=
@@ -112,6 +130,8 @@ golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5h
 golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
@@ -141,6 +161,7 @@ gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA=
 gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/sourcemap.v1 v1.0.5 h1:inv58fC9f9J3TK2Y2R1NPntXEn3/wjWHkonhIUODNTI=
 gopkg.in/sourcemap.v1 v1.0.5/go.mod h1:2RlvNNSMglmRrcvhfuzp4hQHwOtjxlbjX7UPY/GXb78=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

lib/app/app.go

@@ -16,6 +16,7 @@ import (
 	"github.com/robfig/cron/v3"
 	"github.com/stackup-app/stackup/lib/gateway"
 	"github.com/stackup-app/stackup/lib/support"
+	"github.com/stackup-app/stackup/lib/telemetry"
 	"github.com/stackup-app/stackup/lib/updater"
 	"github.com/stackup-app/stackup/lib/utils"
 	"github.com/stackup-app/stackup/lib/version"
@@ -44,6 +45,7 @@ type Application struct {
 	KillCommandCallback CommandCallback
 	ConfigFilename      string
 	Gateway             *gateway.Gateway
+	Analytics           *telemetry.Telemetry
 }
 
 func (a *Application) loadWorkflowFile(filename string) *StackupWorkflow {
@@ -336,9 +338,14 @@ func (a *Application) Run() {
 	a.init()
 	a.handleFlagOptions()
 
+	a.Analytics = telemetry.New(true, a.Gateway)
 	a.Workflow.Initialize()
 	a.Gateway.SetAllowedDomains(a.Workflow.Settings.Domains.Allowed)
 
+	if *a.Workflow.Settings.AnonymousStatistics {
+		a.Analytics.EventOnly("app.start")
+	}
+
 	if len(a.Workflow.Settings.DotEnvFiles) > 0 {
 		godotenv.Load(a.Workflow.Settings.DotEnvFiles...)
 	}

lib/app/workflow.go

@@ -2,12 +2,14 @@ package app
 
 import (
 	"fmt"
+	"net/url"
 	"os"
 	"path"
 	"regexp"
 	"strings"
 	"sync"
 
+	"github.com/dotenv-org/godotenvvault"
 	lla "github.com/emirpasic/gods/lists/arraylist"
 	lls "github.com/emirpasic/gods/stacks/linkedliststack"
 	"github.com/golang-module/carbon/v2"
@@ -65,6 +67,7 @@ type WorkflowSettings struct {
 	DotEnvFiles            []string                  `yaml:"dotenv"`
 	Cache                  *WorkflowSettingsCache    `yaml:"cache"`
 	Domains                *WorkflowSettingsDomains  `yaml:"domains"`
+	AnonymousStatistics    *bool                     `yaml:"anonymous-stats"`
 }
 
 type WorkflowSettingsDomains struct {
@@ -346,6 +349,28 @@ func (workflow *StackupWorkflow) reversePreconditions(items []*Precondition) []*
 	return items
 }
 
+func (workflow *StackupWorkflow) TryLoadDotEnvVaultFile(value string) bool {
+	if !utils.IsFile(utils.WorkingDir(".env.vault")) {
+		return false
+	}
+
+	parsedUrl, err := url.Parse(value)
+	if err != nil || parsedUrl.Scheme != "dotenv" || parsedUrl.Hostname() != "vault" {
+		return false
+	}
+
+	vars, err := godotenvvault.Read()
+	if err != nil {
+		return false
+	}
+
+	for key, value := range vars {
+		os.Setenv(key, value)
+	}
+
+	return true
+}
+
 func (workflow *StackupWorkflow) Initialize() {
 	workflow.Cache = cache.CreateCache("")
 
@@ -354,38 +379,35 @@ func (workflow *StackupWorkflow) Initialize() {
 		task.Uuid = utils.GenerateTaskUuid()
 	}
 
-	if len(workflow.Env) > 0 {
-		for _, def := range workflow.Env {
-			key, value, _ := strings.Cut(def, "=")
-			os.Setenv(key, value)
-		}
+	workflow.processEnvSection()
+	workflow.createMissingSettingsSection()
+	workflow.configureDefaultSettings()
+	workflow.ProcessIncludes()
+
+	if len(workflow.Init) > 0 {
+		App.JsEngine.Evaluate(workflow.Init)
 	}
 
-	// no default settings were provided, so create sensible defaults
-	if workflow.Settings == nil {
-		verifyChecksums := true
-		workflow.Settings = &WorkflowSettings{
-			DotEnvFiles:          []string{".env"},
-			Cache:                &WorkflowSettingsCache{TtlMinutes: 5},
-			ChecksumVerification: &verifyChecksums,
-			Domains: &WorkflowSettingsDomains{
-				Allowed: []string{"raw.githubusercontent.com", "api.github.com"},
-			},
-			Defaults: &WorkflowSettingsDefaults{
-				Tasks: &WorkflowSettingsDefaultsTasks{
-					Silent:    false,
-					Path:      App.JsEngine.MakeStringEvaluatable("getCwd()"),
-					Platforms: []string{"windows", "linux", "darwin"},
-				},
-			},
-		}
+	for _, pc := range workflow.Preconditions {
+		pc.Initialize()
 	}
 
+	for _, task := range workflow.Tasks {
+		task.Initialize()
+	}
+}
+
+func (workflow *StackupWorkflow) configureDefaultSettings() {
 	if workflow.Settings.ChecksumVerification == nil {
 		verifyChecksums := true
 		workflow.Settings.ChecksumVerification = &verifyChecksums
 	}
 
+	if workflow.Settings.AnonymousStatistics == nil {
+		enableStats := false
+		workflow.Settings.AnonymousStatistics = &enableStats
+	}
+
 	if workflow.Settings.Domains == nil {
 		workflow.Settings.Domains = &WorkflowSettingsDomains{Allowed: []string{}}
 	}
@@ -418,37 +440,45 @@ func (workflow *StackupWorkflow) Initialize() {
 			task.Platforms = workflow.Settings.Defaults.Tasks.Platforms
 		}
 	}
+}
 
-	// // ensure that the allowed domains are in the correct format, i.e. without a protocol or port
-	// tempDomains := []string{}
-	// for _, domain := range workflow.Settings.Domains.Allowed {
-	// 	if strings.Contains(domain, "://") {
-	// 		parsedUrl, _ := url.Parse(domain)
-	// 		tempDomains = append(tempDomains, parsedUrl.Host)
-	// 	} else {
-	// 		tempDomains = append(tempDomains, domain)
-	// 	}
-	// }
-	// copy(workflow.Settings.Domains.Allowed, tempDomains)
-	// workflow.Settings.Domains.Allowed = tempDomains
-
-	// initialize the includes
-	for _, inc := range workflow.Includes {
-		inc.Initialize()
-	}
-
-	workflow.ProcessIncludes()
-
-	if len(workflow.Init) > 0 {
-		App.JsEngine.Evaluate(workflow.Init)
+func (workflow *StackupWorkflow) createMissingSettingsSection() {
+	// no default settings were provided, so create sensible defaults
+	if workflow.Settings == nil {
+		verifyChecksums := true
+		enableStats := false
+		workflow.Settings = &WorkflowSettings{
+			AnonymousStatistics:  &enableStats,
+			DotEnvFiles:          []string{".env"},
+			Cache:                &WorkflowSettingsCache{TtlMinutes: 5},
+			ChecksumVerification: &verifyChecksums,
+			Domains: &WorkflowSettingsDomains{
+				Allowed: []string{"raw.githubusercontent.com", "api.github.com"},
+			},
+			Defaults: &WorkflowSettingsDefaults{
+				Tasks: &WorkflowSettingsDefaultsTasks{
+					Silent:    false,
+					Path:      App.JsEngine.MakeStringEvaluatable("getCwd()"),
+					Platforms: []string{"windows", "linux", "darwin"},
+				},
+			},
+		}
 	}
+}
 
-	for _, pc := range workflow.Preconditions {
-		pc.Initialize()
-	}
+func (workflow *StackupWorkflow) processEnvSection() {
+	if len(workflow.Env) > 0 {
+		for _, def := range workflow.Env {
+			if strings.Contains(def, "://") {
+				workflow.TryLoadDotEnvVaultFile(def)
+				continue
+			}
 
-	for _, task := range workflow.Tasks {
-		task.Initialize()
+			if strings.Contains(def, "=") {
+				key, value, _ := strings.Cut(def, "=")
+				os.Setenv(key, value)
+			}
+		}
 	}
 }
 
@@ -470,6 +500,11 @@ func (workflow *StackupWorkflow) RemoveTasks(uuidsToRemove []string) {
 }
 
 func (workflow *StackupWorkflow) ProcessIncludes() {
+	// initialize the includes
+	for _, inc := range workflow.Includes {
+		inc.Initialize()
+	}
+
 	var wg sync.WaitGroup
 	for _, include := range workflow.Includes {
 		wg.Add(1)

lib/gateway/middleware.go

@@ -47,6 +47,10 @@ func verifyFileTypeHandler(g *Gateway, link string) error {
 	baseName := path.Base(parsedUrl.Path)
 	fileExt := path.Ext(baseName)
 
+	if fileExt == "" {
+		return nil
+	}
+
 	allowedFileNames := []string{"checksums.txt", "checksums.sha256.txt", "checksums.sha512.txt", "sha256sum", "sha512sum"}
 	allowedExts := []string{".yaml", ".yml", ".txt", ".sha256", ".sha512"}