fix: Resolve Docker Secrets in all() method for empty variables
- Update all() to automatically resolve Docker Secrets (*_FILE pattern) for empty variables - Ensures DB_PASSWORD, REDIS_PASSWORD, etc. are resolved from their *_FILE counterparts when empty - Variables like DB_PASSWORD_FILE are still included in output, but empty values are replaced with resolved secrets - Fixes issue where DB_PASSWORD and REDIS_PASSWORD appeared empty in logs even though *_FILE variables existed
This commit is contained in:
@@ -61,7 +61,7 @@ final readonly class Environment
|
||||
|
||||
/**
|
||||
* Get variable from system environment as fallback
|
||||
*
|
||||
*
|
||||
* This ensures we can access environment variables that were set
|
||||
* after Environment initialization (e.g., by PHP-FPM/FastCGI)
|
||||
*/
|
||||
@@ -69,7 +69,7 @@ final readonly class Environment
|
||||
{
|
||||
// Priority: $_ENV > $_SERVER > getenv()
|
||||
// $_ENV and $_SERVER may contain dynamically set vars in PHP-FPM
|
||||
|
||||
|
||||
if (isset($_ENV[$key]) && is_string($_ENV[$key])) {
|
||||
return $_ENV[$key];
|
||||
}
|
||||
@@ -161,23 +161,45 @@ final readonly class Environment
|
||||
/**
|
||||
* @return array<string, mixed>
|
||||
*/
|
||||
public function all(): array
|
||||
public function all(bool $sorted = false): array
|
||||
{
|
||||
// Merge internal variables with system environment variables
|
||||
// This ensures all available environment variables are returned,
|
||||
// including those that became available after Environment initialization
|
||||
// (e.g., set by PHP-FPM/FastCGI during request processing)
|
||||
$systemVariables = $this->getSystemEnvironment();
|
||||
|
||||
|
||||
// Merge: internal variables take precedence over system variables
|
||||
// This ensures variables loaded from .env files or set during initialization
|
||||
// take precedence over system environment variables
|
||||
return array_merge($systemVariables, $this->variables);
|
||||
$all = array_merge($systemVariables, $this->variables);
|
||||
|
||||
// Resolve Docker Secrets for variables that are empty or not set
|
||||
// This ensures that variables like DB_PASSWORD are resolved from their *_FILE counterparts
|
||||
$resolved = [];
|
||||
foreach ($all as $key => $value) {
|
||||
// If variable is empty or not set, check for Docker Secret
|
||||
if (empty($value) || $value === '' || $value === null) {
|
||||
$secretValue = $this->secretsResolver->resolve($key, $all);
|
||||
if ($secretValue !== null) {
|
||||
$resolved[$key] = $secretValue;
|
||||
continue;
|
||||
}
|
||||
}
|
||||
// Include non-empty values and *_FILE variables
|
||||
$resolved[$key] = $value;
|
||||
}
|
||||
|
||||
if ($sorted) {
|
||||
ksort($resolved);
|
||||
}
|
||||
|
||||
return $resolved;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get all system environment variables dynamically
|
||||
*
|
||||
*
|
||||
* @return array<string, mixed>
|
||||
*/
|
||||
private function getSystemEnvironment(): array
|
||||
@@ -193,11 +215,11 @@ final readonly class Environment
|
||||
|
||||
// Load from $_SERVER (may contain additional vars from web server)
|
||||
foreach ($_SERVER as $key => $value) {
|
||||
if (!isset($variables[$key]) &&
|
||||
is_string($key) &&
|
||||
is_string($value) &&
|
||||
if (!isset($variables[$key]) &&
|
||||
is_string($key) &&
|
||||
is_string($value) &&
|
||||
!str_starts_with($key, 'HTTP_') &&
|
||||
!in_array($key, ['GATEWAY_INTERFACE', 'SERVER_SOFTWARE', 'SERVER_NAME', 'SERVER_ADDR',
|
||||
!in_array($key, ['GATEWAY_INTERFACE', 'SERVER_SOFTWARE', 'SERVER_NAME', 'SERVER_ADDR',
|
||||
'SERVER_PORT', 'REQUEST_URI', 'REQUEST_METHOD', 'QUERY_STRING',
|
||||
'CONTENT_TYPE', 'CONTENT_LENGTH', 'SCRIPT_NAME', 'SCRIPT_FILENAME',
|
||||
'PATH_INFO', 'FCGI_ROLE', 'REDIRECT_STATUS', 'REQUEST_TIME',
|
||||
|
||||
Reference in New Issue
Block a user