From f44ea8a10e767965fcf853d67e33adbe78d645a9 Mon Sep 17 00:00:00 2001 From: Radek Simko Date: Thu, 30 Apr 2020 07:56:42 +0100 Subject: [PATCH 1/2] terraform/exec: Extract passthrough variables for better visibility --- internal/terraform/exec/exec.go | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/internal/terraform/exec/exec.go b/internal/terraform/exec/exec.go index f6bba90ae..6f949bb66 100644 --- a/internal/terraform/exec/exec.go +++ b/internal/terraform/exec/exec.go @@ -19,6 +19,12 @@ import ( "github.com/hashicorp/terraform-ls/logging" ) +// Environment variables to pass through to Terraform +var passthroughEnvVars = []string{ + // This allows Terraform to find custom-built providers + "HOME", "USER", +} + // cmdCtxFunc allows mocking of Terraform in tests while retaining // ability to pass context for timeout/cancellation type cmdCtxFunc func(context.Context, string, ...string) *exec.Cmd @@ -100,12 +106,10 @@ func (e *Executor) cmd(args ...string) (*command, error) { // so we don't need to ask checkpoint for upgrades. cmd.Env = append(cmd.Env, "CHECKPOINT_DISABLE=1") - // This allows Terraform to find custom-built providers - if v := os.Getenv("HOME"); v != "" { - cmd.Env = append(cmd.Env, "HOME="+v) - } - if v := os.Getenv("USER"); v != "" { - cmd.Env = append(cmd.Env, "USER="+v) + for _, key := range passthroughEnvVars { + if value := os.Getenv(key); value != "" { + cmd.Env = append(cmd.Env, key+"="+value) + } } if e.execLogPath != "" { From e807d94a7b4023d453b227735a1666d68f98de08 Mon Sep 17 00:00:00 2001 From: Radek Simko Date: Thu, 30 Apr 2020 07:58:46 +0100 Subject: [PATCH 2/2] terraform/exec: Treat TempDir related vars as safe to pass through --- internal/terraform/exec/exec.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/internal/terraform/exec/exec.go b/internal/terraform/exec/exec.go index 6f949bb66..932d2831c 100644 --- a/internal/terraform/exec/exec.go +++ b/internal/terraform/exec/exec.go @@ -22,7 +22,11 @@ import ( // Environment variables to pass through to Terraform var passthroughEnvVars = []string{ // This allows Terraform to find custom-built providers - "HOME", "USER", + "HOME", "USER", "USERPROFILE", + // This allows Terraform to create crash log in the desired temp directory + // os.TempDir would otherwise fall back to C:\Windows on Windows + // which has no write permissions for non-admins + "TMPDIR", "TMP", "TEMP", } // cmdCtxFunc allows mocking of Terraform in tests while retaining