Making it possible to enable --preserve-env by default

[jandubois]

I think I would like to have --preserve-env enabled by default, but have it block variables that commonly include credentials.

More complex patterns

The first thing it would need is to extend the wildcard mechanism to allow a leading * as well, so we can write something like

export LIMA_SHELLENV_BLOCK=+*AUTH*,*TOKEN*,…

I would probably add all of these patterns to my list:

*API*
*AUTH*
*CRED*
*DATABASE*
*ENCR*
*KEY*
*PASS*
*PRIVATE*
*SECRET*
*SIGNING*
*TOKEN*

Let me know if I missed anything commonly used!

Enabling --preserve-env by default

For now I can define limactl-sh with the new alias feature that would set my extended block list and then invokes limactl shell --preserve-env "$@". That way I can use limactl sh FOO printenv and it would include most of my host environment.

If we want to offer this as a built-in feature, then we would need a better mechanism to enable it (maybe with another env variable). Not sure this is needed, but this is why I made this a discussion and not an issue. 😄

Using the allow list to create exceptions for the block list

Right now if LIMA_SHELLENV_ALLOW is defined, the block list is ignored. Anything not defined in the allow list is blocked.

But with my new more aggressive block list I may want to just allow a specific credential to pass though, e.g. GITHUB_TOKEN or OPENAI_API_KEY, together with my regular env variables, but still block all other credentials.

I haven't come up with a good mechanism to do this yet. Ideas so far:

• Use yet another env variable: LIMA_SHELLENV_BLOCK_NOT=GITHUB_TOKEN

  Name needs bike shedding. Not happy about explosion of env variables.

• Add a prefix to LIMA_SHELLENV_ALLOW similar how we have the + prefix option on LIMA_SHELLENV_BLOCK: LIMA_SHELLENV_ALLOW=+GITHUB_TOKEN.

  It is breaking the concept that everything not explicitly allowed is blocked. The + has a different meaning here than on the block list, may need a different special character.

• Allow another prefix in the block list: LIME_SHELLENV_BLOCK=-GITHUB_TOKEN,+*TOKEN*

  All variables in the - list would not be blocked, even if they match a pattern in the + list. Could be used to also remove single entries from the default block list.
  Turns the setting into a mini-language that might be hard to understand.

All options feel too complicated to me, but I haven't been able to come up with something simpler that is still flexible enough.

[jandubois]

But with my new more aggressive block list I may want to just allow a specific credential to pass though

Another way would be to add another option: limactl shell --preserve-env --add-env GITHUB_TOKEN $INSTANCE gh …

Variables specified in --add-env would never be blocked by the blocklist.

Could use some bike-shedding for the option name, but this is probably easiest to understand for the user (compared to adding more env variables, or turning their values into mini-languages).

[jandubois]

Random thought (probably should sleep on it):

Rename LIMA_SHELLENV_ALLOW into LIMA_SHELLENV_ONLY to make it clear that only the variables specified here are preserved.

And then we can use --preserve-env --allow-env GITHUB_TOKEN to specify exceptions to the block list, without confusing it with the "only" list specified by the env variable.

• If LIMA_SHELLENV_ONLY is set then the --allow-env is added to the list.
• If it is not set, then --allow-env will not be filtered by the block list.

Right now I think this is my best suggestion so far.