Bug 1158851

Summary: Cron cartridge: loading of environment variables underquoted
Product: OpenShift Container Platform Reporter: Luke Meyer <lmeyer>
Component: ImageStreamsAssignee: Jason DeTiberus <jdetiber>
Status: CLOSED ERRATA QA Contact: libra bugs <libra-bugs>
Severity: medium Docs Contact:
Priority: medium    
Version: 2.2.0CC: adellape, bleanhar, gpei, jokerman, jolamb, libra-bugs, libra-onpremise-devel, lmeyer, mmccomas, pruan, tschan+redhat, vvitek
Target Milestone: ---Keywords: Upstream
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: openshift-origin-cartridge-cron-1.24.1.1-1 Doc Type: Bug Fix
Doc Text:
Due to a bug in the cron cartridge, environment variables were not properly quoted. This could result in variables being set incorrectly when loaded by gear cron jobs. This bug fix updates the cron cartridge script that handles running the jobs, and as a result, variables are now set correctly. After applying this update, a cartridge upgrade is required.
 Story Points: ---
Clone Of: 1157830 Environment:
Last Closed: 2014-12-10 13:24:49 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1157830, 1158868    
Bug Blocks:    

Description Luke Meyer 2014-10-30 11:25:34 UTC 
+++ This bug was initially created as a clone of Bug #1157830 +++

Description of problem:
The loading of environment variables (system and user defined) is underquoted, resulting in unwanted word splitting and filename expansion.

Version-Release number of selected component (if applicable):
OpenShift Online as of 10-27-2014.

How reproducible:
Always

Steps to Reproduce:
1. rhc env set NAME="John Doe"
2. Add cron cartridge to any OpenShift app
3. Create cron job .openshift/cron/minutely/env.sh as follows:

#! /bin/sh

env >/tmp/env.txt

4. Wait a minute
5. grep ^NAME= /tmp/env.txt

Actual results:
NAME=John

Expected results:
NAME=John Doe

Additional info:
Naturally the bug also appears on OpenShift Enterprise. Verified with OpenShift Enterprise 2.0.8.

The culprits seem to be the following lines in '/usr/libexec/openshift/cartridges/cron/bin/cron_runjobs.sh' of the cron cartridge:

local contents=$(< $1)

export $key=$(< $1)

which should instead read:

local contents="$(< $1)"

export $key="$(< $1)"

--- Additional comment from Vojtech Vitek on 2014-10-29 20:09:27 EDT ---

Hey Daniel, thanks for this bug report and the provided fix. Much appreciated!

--- Additional comment from Vojtech Vitek on 2014-10-29 20:12:24 EDT ---

CC'ing Enterprise guys per comment 0, since user verified this bug on OpenShift Enterprise 2.0.8.

--- Additional comment from Vojtech Vitek on 2014-10-29 21:04:40 EDT ---

Steps to reproduce:
```
rhc app create php php-5.3
rhc cartridge-add cron --app php
cd php
mkdir -p .openshift/cron/minutely
echo -e "#!/bin/sh\nenv>/tmp/env.txt" > .openshift/cron/minutely/env.sh 
chmod +x .openshift/cron/minutely/env.sh
git commit -ama
git push

rhc env set NAME="John Doe" --app php

#Bug:
rhc ssh php "cat /tmp/env.txt | grep NAME=Jo"
NAME=John

#Fix applied:
rhc ssh php "cat /tmp/env.txt | grep NAME=Jo"
NAME=John Doe
```

--- Additional comment from Vojtech Vitek on 2014-10-29 21:05:04 EDT ---

https://github.com/openshift/origin-server/pull/5915
Comment 2 Brenton Leanhardt 2014-10-30 12:57:31 UTC 
*** Bug 1158868 has been marked as a duplicate of this bug. ***
Comment 4 Gaoyun Pei 2014-11-25 06:01:40 UTC 
verify this bug on puddle 2.2/2014-11-24.3 with package openshift-origin-cartridge-cron-1.24.1.1-1.el6op.noarch

1. rhc app create test1 php-5.3 cron-1.4

2. Create a minutely cron job in .openshift/cron/minutely/env.sh as follow:

#! /bin/sh

env >/tmp/env.txt

3. rhc env set NAME="John Doe" -a test1
   
[root@broker test1]# rhc ssh test1 "cat /tmp/env.txt | grep NAME=Jo"
NAME=John Doe
Comment 6 errata-xmlrpc 2014-12-10 13:24:49 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2014-1979.html