feat: use SNYK_TMP_PATH env var for temp dir path
#267
Conversation
|
|
thomasschafer
force-pushed
the
feat/read-env-var-to-allow-overriding-of-tmp-dir
branch
6 times, most recently
from
2a852e0 to
8a8b01b
Compare
thomasschafer
force-pushed
the
feat/read-env-var-to-allow-overriding-of-tmp-dir
branch
from
8a8b01b to
46cabae
Compare
| const tempDirObj = tmp.dirSync({ | ||
| unsafeCleanup: true, | ||
| }); | ||
| const tmp_path = process.env.SNYK_TMP_PATH; |
There was a problem hiding this comment.
perhaps this should be an official CLI parameter? --tmp-path
There was a problem hiding this comment.
I'll take a look at implementing this - out of interest @danlucian, was there a reason for us to use an env var in your PR here rather than the plugin accepting a CLI param?
There was a problem hiding this comment.
@gitphill I've just made the change - it will also require this change in the CLI
There was a problem hiding this comment.
We can use the snyk test -- --<plugin specific params here method to pass in the tmp dir param to the plugin, without involving the CLI team in a new param.
There was a problem hiding this comment.
Hey, @thomasschafer, the CLI provides a centrally defined set of local filesystem paths that should be used internally and by extensions to cache and temporarily store data. The paths are part of the user docs as well and can be configured by the user.
The tmp dir is a directory that is used during the CLI execution to store files in the filesystem. The tmp dir will be cleaned up at the end of the CLI run and its relative to the cache folder.
The tmp dir is based on the following pattern:
<OS_CACHE_PATH>/snyk/snyk-cli/<CLI_VERSION>/tmp/pid<PROCESS_ID>
The easiest propagation mechanism was through an environment variable, that helped us avoid changing the signature of the functions to possibly accomodate a new argument/variable.
Hope this helps!
There was a problem hiding this comment.
Thanks @danlucian - so by the sound of it, there's no reason we can't go with the recommendation from @orsagie to use a plugin-specific CLI arg? Is it just a matter of ease of implementation?
There was a problem hiding this comment.
As per @PeterSchafer's recommendation I've reverted the change to use CLI flags back to using the env var instead
thomasschafer
changed the title
--tmp-dir flag for temp dir path
thomasschafer
force-pushed
the
feat/read-env-var-to-allow-overriding-of-tmp-dir
branch
from
0ec0b1a to
f4dadc0
Compare
thomasschafer
force-pushed
the
feat/read-env-var-to-allow-overriding-of-tmp-dir
branch
from
f4dadc0 to
aa090ee
Compare
thomasschafer
changed the title
--tmp-dir flag for temp dir pathSNYK_TMP_PATH env var for temp dir path
thomasschafer
force-pushed
the
feat/read-env-var-to-allow-overriding-of-tmp-dir
branch
from
48f7e1a to
587c374
Compare
|
Also double checked arbitrary string from env not being put somewhere it shouldn't - even though this all happens on the client machine so risk was low anyway |
thomasschafer
deleted the
feat/read-env-var-to-allow-overriding-of-tmp-dir
branch
|
🎉 This PR is included in version 2.7.0 🎉 The release is available on: Your semantic-release bot 📦🚀 |
This plugin requires use of a directory for temporarily storing assets, which by default is the temp dir specified by the OS (e.g.
/tmpon macOS). We have seen issues with users running the CLI in environments where they do not have root access and so cannot create directories at this default OS temp dir. This PR overcomes this by making use of theSNYK_TMP_PATHenv var: if present then the directory specified by the env var will be used as the temp dir.To test, build the CLI pointing to this branch of the plugin, and then open up a Python project and run that locally built CLI against it:
If you provide a directory that exists and you have access to, there will be no errors. If you e.g. use
SNYK_TMP_PATH=/usr/bin(which requiressudoto write to), the command will fail: