Defer expansion of go templates in arguments until after the --secret…

…s-files flag has been processed

Makefile

@@ -12,6 +12,9 @@ dockerfy: deps
 	echo "Building dockerfy"
 	go install -ldflags "$(LDFLAGS)"
 
+debug: deps
+	godebug run  $(ls *.go | egrep -v unix) 
+
 deps:
 	go get github.com/hpcloud/tail
 	go get golang.org/x/net/context

args.go

@@ -58,7 +58,8 @@ func removeCommandsFromOsArgs() Commands {
 			if cmd_user != nil {
 				// Expect a username or uid
 				var err1 error
-				user_name_or_id := string_template_eval(os.Args[i])
+
+				user_name_or_id := os.Args[i]
 				cmd_user, err1 = user.LookupId(user_name_or_id)
 				if cmd_user == nil {
 					// Not a userid, try as a username
@@ -78,15 +79,14 @@ func removeCommandsFromOsArgs() Commands {
 			} else if cmd != nil {
 				// Expect a command first, then a series of arguments
 				if len(cmd.Path) == 0 {
-					_ = "breakpoint"
 					cmd.Path = os.Args[i]
 					if filepath.Base(cmd.Path) == cmd.Path {
 						cmd.Path, _ = exec.LookPath(cmd.Path)
 					}
 				}
-				cmd.Args = append(cmd.Args, string_template_eval(os.Args[i]))
+				cmd.Args = append(cmd.Args, os.Args[i])
 			} else {
-				newOsArgs = append(newOsArgs, string_template_eval(os.Args[i]))
+				newOsArgs = append(newOsArgs, os.Args[i])
 			}
 		}
 	}

dockerfy.go

@@ -33,6 +33,7 @@ var (
 	ctx          context.Context
 	delims       []string
 	wg           sync.WaitGroup
+	exitCode     int
 )
 
 // Flags
@@ -270,6 +271,12 @@ func main() {
 	}
 
 	if flag.NArg() > 0 {
+
+		// perform template substitution on primary cmd
+		//for i, arg := range flag.Args() {
+		//	flag.Args()[i] = string_template_eval(arg)
+		//}
+
 		var cmdString = strings.Join(flag.Args(), " ")
 		if verboseFlag {
 			log.Printf("Running Primary Command: `%s`\n", cmdString)
@@ -293,4 +300,5 @@ func main() {
 
 	wg.Wait()
 
+	os.Exit(exitCode)
 }

exec.go

@@ -22,9 +22,14 @@ func runCmd(ctx context.Context, cancel context.CancelFunc, cmd *exec.Cmd) {
 		log.Fatalf("Could not copy secrets files", err)
 	}
 
+	for i, arg := range cmd.Args {
+		cmd.Args[i] = string_template_eval(arg)
+	}
+
 	// start the cmd
 	err := cmd.Start()
 	if err != nil {
+		// TODO: bubble the platform-specific exit code of the process up via global exitCode
 		log.Fatalf("Error starting command: `%s` - %s\n", toString(cmd), err)
 	}
 

reaper.go

@@ -2,6 +2,13 @@
 
 package main
 
+import (
+	"log"
+	"time"
+
+	"golang.org/x/net/context"
+)
+
 //
 // Reap all child processes by receiving their signals and
 // waiting for their exit status

test/Makefile

@@ -215,25 +215,29 @@ run-option-expansion-test:
 	@docker rm -f test-nginx >/dev/null 2>&1 || true
 
 	@echo "\n\nrun-option-expansion-test:"
-	@echo "\tVerify that {{ .Env.VARS }} are expanded before use by dockerfy and $VARS are NOT"
+	@echo "\tVerify that {{ .Env.VARS }} are expanded before use by dockerfy and \$$VARS are NOT"
 	@echo "################################################################################"
-	docker run -d -it -e SECRETS_FILES=/secrets/secrets.json:/secrets/secrets.2.json \
+	docker run -d -it -e SECRETS_FILES=/secrets/secrets.json \
 		-e DB_NAME="My-Db" -e DB_HOST=localhost  \
 	    --name test-nginx nginx-with-dockerfy-and-zombie-maker \
+	    --verbose \
+		--secrets-files /secrets/secrets.2.json \
 	    --run echo 'DB_HOST={{ .Env.DB_HOST }}' -- \
 		--run echo 'DB_NAME_XP_1=$$DB_NAME' -- \
 		--run echo 'DB_NAME_XP_2={{ .Env.DB_NAME }}' --  \
+		--run echo 'AnotherSecret={{ .Secret.AnotherSecret }}' -- \
 		echo 'JSON_SECRET={{ .Secret.JSON_SECRET }}'
 
 
 	@sleep 5
 	docker logs test-nginx 2>/dev/null 
 	docker logs test-nginx 2>/dev/null | fgrep -q -- 'DB_HOST=localhost'
 	docker logs test-nginx 2>/dev/null | fgrep -q -- 'JSON_SECRET=Jason Voorhees did it'
+	docker logs test-nginx 2>/dev/null | fgrep -q -- 'AnotherSecret=Jason Voorhees is still alive'
 	docker logs test-nginx 2>/dev/null | fgrep -q -- 'DB_NAME_XP_1=$$DB_NAME'
 	docker logs test-nginx 2>/dev/null | fgrep -q -- 'DB_NAME_XP_2=My-Db'
 
-	@docker rm -f test-nginx >/dev/null 2>&1 || true
+	# @docker rm -f test-nginx >/dev/null 2>&1 || true
 	@echo "run-option-expansion-test PASSED"