d-bis/smom-dbis-138
4
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases Wiki Activity

fix(deployment): load env safely under nounset

Browse Source
This commit is contained in:
defiQUG
2026-03-29 18:27:24 -07:00
parent 089da29b9b
commit 59cdd5af60
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
scripts/lib/deployment/dotenv.sh
View File

@@ -24,17 +24,29 @@ load_deployment_env() {
local dotenv="${root}/.env"
[[ -n "${ENV_FILE:-}" && -f "${ENV_FILE}" ]] && dotenv="${ENV_FILE}"
if [[ -f "$dotenv" ]]; then
local had_nounset=0
if [[ $- == *u* ]]; then
had_nounset=1
set +u
fi
set -a
# shellcheck disable=SC1090
source "$dotenv"
set +a
(( had_nounset )) && set -u
fi
local secure_secrets_file="${SECURE_SECRETS_FILE:-$HOME/.secure-secrets/private-keys.env}"
if [[ -f "$secure_secrets_file" ]]; then
local had_nounset_secure=0
if [[ $- == *u* ]]; then
had_nounset_secure=1
set +u
fi
set -a
# shellcheck disable=SC1090
source "$secure_secrets_file"
set +a
(( had_nounset_secure )) && set -u
fi
if [[ -z "${PRIVATE_KEY:-}" && -n "${DEPLOYER_PRIVATE_KEY:-}" ]]; then
export PRIVATE_KEY="$DEPLOYER_PRIVATE_KEY"