chore: clone config.env in genEnv to prevent shared-object mutation#2981
Open
joonas wants to merge 1 commit intodefenseunicorns:mainfrom
Open
chore: clone config.env in genEnv to prevent shared-object mutation#2981joonas wants to merge 1 commit intodefenseunicorns:mainfrom
config.env in genEnv to prevent shared-object mutation#2981joonas wants to merge 1 commit intodefenseunicorns:mainfrom
Conversation
cmwylie19
approved these changes
Mar 2, 2026
cmwylie19
changed the title
config.env in genEnv to prevent shared-object mutationconfig.env in genEnv to prevent shared-object mutation
`genEnv` deleted `config.env["PEPR_WATCH_MODE"]` directly from the caller's `ModuleConfig` reference. Since the same config object is passed twice (once for the admission deployment and once for the watcher deployment) the first call permanently removed the key. Any code reading `config.env` after the first `genEnv` call would no longer see `PEPR_WATCH_MODE`. Shallow-clone `config.env` into a local `cfg` object and delete the key from the clone instead. This preserves the original config while still preventing a user-supplied `PEPR_WATCH_MODE` from overriding the programmatic value controlled by the `watchMode` parameter. Both regression tests assert `config.env` identity via snapshot comparison rather than checking `genEnv` return values. The `def` object always supplies `PEPR_WATCH_MODE` from the `watchMode` parameter, so output-based assertions pass even with the mutation bug present. Existing tests already cover output correctness for each mode. Signed-off-by: Joonas Bergius <joonas@defenseunicorns.com>
samayer12
force-pushed
the
fix/environment-mutates-shared-config-env
branch
from
d9479f9 to
bcdf37e
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
genEnvdeletedconfig.env["PEPR_WATCH_MODE"]directly from the caller'sModuleConfigreference. Since the same config object is passed twice (once for the admission deployment and once for the watcher deployment) the first call permanently removed the key. Any code readingconfig.envafter the firstgenEnvcall would no longer seePEPR_WATCH_MODE.Shallow-clone
config.envinto a localcfgobject and delete the key from the clone instead. This preserves the original config while still preventing a user-suppliedPEPR_WATCH_MODEfrom overriding the programmatic value controlled by thewatchModeparameter.Both regression tests assert
config.envidentity via snapshot comparison rather than checkinggenEnvreturn values. Thedefobject always suppliesPEPR_WATCH_MODEfrom thewatchModeparameter, so output-based assertions pass even with the mutation bug present. Existing tests already cover output correctness for each mode.End to End Test:
(See Pepr Excellent Examples)
Type of change
Checklist before merging