3 min read
It’s important to understand the behavior of variables like ${{CF_PULL_REQUEST_NUMBER}} in Codefresh pipelines and how it interacts with shell commands.
When you use ${{CF_PULL_REQUEST_NUMBER}} in a YAML file, Codefresh handles it like this:
- If the variable is set, the whole thing is replaced with the value of the variable
- If the variable is not set, it is left unchanged.
When you execute a command in a freestyle step, that command is passed to bash. So when CF_PULL_REQUEST_NUMBER is set to something like 34:
cf_export IMAGE_TAG=pr-${{CF_PULL_REQUEST_NUMBER}}becomes: cf_export IMAGE_TAG=pr-34, but when the variable is not set, the command is:cf_export IMAGE_TAG=pr-${{CF_PULL_REQUEST_NUMBER}}
which of course is bad bash variable interpolation syntax.
We (Cloud Posse) have created a tool to help with this called require_vars we ship in geodesic. If your pipeline should not run if certain variables are not supplied, you can create an initial step like this:
validate:
title: "Validate"
description: "Ensure build parameters are present"
stage: Prepare
image: cloudposse/geodesic:0.116.0
entry_point: /etc/codefresh/require_vars
cmd:
- |-
${{GITHUB_REPO_STATUS_TOKEN}} Personal Access Token used to give scripts
permission to update the "status check" status on GitHub pull requests
- ${{SLACK_WEBHOOK_URL}} Secret URL used by scripts to send updates to a Slack channel
- |-
${{AWS_DOCKER_REPO_HOST}} The host hame portion of the ECR Docker repo to use.
Typically something like 123456789012.dkr.ecr.us-east-1.amazonaws.com
- |-
${{CF_PULL_REQUEST_NUMBER}} The PR number from GitHub.
The PR number is only set if this build was triggered in relation to a PR.
Requiring this to be present means requiring this pipeline to only work with PRs.The PR number is only set if this build was triggered with a PR.
Requiring this to be present means requiring this pipeline to only work with PRs.
This step will verify the referenced variables are set and output the text as an error if they are not, causing the build to fail at that step. We recommend using it whenever a pipeline would not function properly with missing variables.
The other thing is that if a variable is optional, you test whether it is set or not by checking to see if the variable's value contains the variable's name. So, if a step should only run if there is not a PR number assigned, you can add a test like this:
when:
condition:
all:
isNotPR: 'includes("${{CF_PULL_REQUEST_NUMBER}}", "CF_PULL_REQUEST_NUMBER") == true'(It may seem, and really should be, redundant to have == true but it seems to be required.)
It is kind of weird and confusing but makes sense once you get the hang of it. Please feel free to reach out to me if you have further questions.
Sr DevOps contractor with decades of experience working with everything from bank-grade infrastructure at Wells Fargo to modern fully automated Infrastructure as Code deployments. He excels at building infrastructure tooling that developers love to use.
Specialties: Advanced Terraform, Security, Teleport, Kubernetes, Helm