[AGENT-209] Refactor adding env vars from file

[pec1985]

Refactor, yeah!

Summary by CodeRabbit

• New Features
  • Added a visible --force flag to control environment file processing in multiple commands.
  • Enhanced environment variable management with interactive prompts to synchronize local .env files, templates, and project settings.
  • Automatic detection and masking of secret environment variables during prompts.
• Refactor
  • Consolidated environment file processing logic into a dedicated utility for improved maintainability.
  • Replaced local environment prompting and string truncation functions with shared utility implementations.
• Style
  • Improved string truncation for environment variable display.
• Chores
  • Minor code cleanup and import adjustments for consistency.

[coderabbitai]

Walkthrough

The changes refactor environment variable file handling by moving logic from various command files into a new envutil package. Calls to process and prompt for environment variables are now centralized. Helper functions for string truncation are also moved to a utility package. The codebase now uses these shared utilities across commands for consistency.

Changes

Files/Group	Change Summary
cmd/cloud.go	Removed inline environment file logic and helpers; replaced with a call to envutil.ProcessEnvFiles.
cmd/dev.go, cmd/project.go	Added calls to envutil.ProcessEnvFiles after project config retrieval/import; added --force flag to control processing; auto-set force if no TTY.
cmd/env.go, cmd/root.go	Replaced local prompt and string truncation functions with envutil.PromptForEnv and util.MaxString. Updated imports accordingly.
internal/envutil/envutil.go	Added new file encapsulating all environment file processing, prompting, and reconciliation logic as reusable utilities.
internal/util/strings.go	Added MaxString utility function for truncating strings.
internal/util/api.go	Added a blank line for formatting; no logic changes.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant CLI_Command
    participant EnvUtil
    participant API

    User->>CLI_Command: Run (e.g., dev, cloud deploy, project import)
    CLI_Command->>EnvUtil: ProcessEnvFiles(ctx, logger, dir, project, ...)
    EnvUtil->>EnvUtil: Read .env and template files
    alt TTY
        EnvUtil->>User: Prompt for missing env vars
        User->>EnvUtil: Provide values
        EnvUtil->>EnvUtil: Update .env file
    else non-TTY
        EnvUtil->>CLI_Command: Output issues, exit(1)
    end
    EnvUtil->>API: Update project env vars (if needed)
    API-->>EnvUtil: API response
    EnvUtil-->>CLI_Command: Return updated env/project data

Loading

Assessment against linked issues

Objective	Addressed	Explanation
Refactor env template variable detection into reusable utilities for dev and project import (AGENT-209)	✅
Add support for both TTY (interactive) and non-TTY (CI) modes (AGENT-209)	❓	Non-TTY handling sets force=true but it is unclear if it outputs a failure table and exits with code 1 as specified.

Poem

In burrows deep, a rabbit toils,
Tidying up the env file spoils.
With prompts and checks both near and far,
Utilities shine like a guiding star.
Now every project, dev or deploy,
Hops along with env-filled joy!
🐇✨

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
Cache: Disabled due to data retention organization setting
Knowledge Base: Disabled due to data retention organization setting

📥 Commits

Reviewing files that changed from the base of the PR and between 5049547 and 803a5ec.

📒 Files selected for processing (1)

• internal/envutil/envutil.go (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• internal/envutil/envutil.go

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: Build and Test (windows-latest)

✨ Finishing Touches

• 📝 Generate Docstrings

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 2

🔭 Outside diff range comments (1)

cmd/cloud.go (1)

125-129: ⚠️ Potential issue

Compilation will fail – unused variables left behind

envTemplateFileNames, border, and redDiff were only referenced by the now-deleted inline env-diff logic.
They are no longer used anywhere in this file, so go vet / go build will abort with:

cmd/cloud.go:125:6: envTemplateFileNames declared but not used
cmd/cloud.go:127:6: border declared but not used
cmd/cloud.go:128:6: redDiff declared but not used

Delete these definitions (and their imports, if any) or integrate them into the new envutil flow.

- var envTemplateFileNames = []string{".env.example", ".env.template"}
- var border = lipgloss.NewStyle().Border(lipgloss.NormalBorder()).Padding(1).BorderForeground(lipgloss.AdaptiveColor{Light: "#999999", Dark: "#999999"})
- var redDiff = lipgloss.NewStyle().Foreground(lipgloss.AdaptiveColor{Light: "#990000", Dark: "#EE0000"})

🧰 Tools

🪛 golangci-lint (1.64.8)

125-125: var envTemplateFileNames is unused

(unused)

---

127-127: var border is unused

(unused)

---

128-128: var redDiff is unused

(unused)

🧹 Nitpick comments (5)

cmd/project.go (1)

825-826: Process result from envutil.ProcessEnvFiles or add an explanatory comment

ProcessEnvFiles returns an updated *deployer.EnvFile and potentially updated *project.ProjectData, yet both results are discarded.
Even if they are not currently required downstream, ignoring them may surprise future maintainers and makes it harder to notice silent failures inside the helper (e.g. .env parsing errors that are swallowed after a refactor).

-        _, _ = envutil.ProcessEnvFiles(ctx, logger, context.Dir, context.Project, nil, context.APIURL, context.Token)
+        if _, _ = envutil.ProcessEnvFiles(ctx, logger, context.Dir, context.Project, nil, context.APIURL, context.Token); false {
+            // intentionally ignore for now – kept to document that return values
+            // are not needed in the import flow.
+        }

Alternatively: capture the return values and log them at debug-level, or add a short comment explaining why they are intentionally ignored.
This prevents new-lint / staticcheck warnings and aids readability.

cmd/env.go (1)

227-231: Minor UI detail: resulting string length is now max + 3

util.MaxString appends "..." after truncation, so the success message can be up to 43 chars when max is 40.
If strict column alignment is important in TUI output, reduce the max argument by three.

No functional impact otherwise.

internal/envutil/envutil.go (3)

156-159: Remove unnecessary assignment to the blank identifier
This eliminates the gosimple S1005 warning and makes intent clearer.

-		var key string
-		for _key, _ := range keyvalue {
-			key = _key
-		}
+		var key string
+		for k := range keyvalue {
+			key = k
+			break // first (and only needed) key
+		}

🧰 Tools

🪛 golangci-lint (1.64.8)

157-157: S1005: unnecessary assignment to the blank identifier

(gosimple)

---

82-82: Unused statement can be removed
The _ = filename assignment is no longer required; filename is already referenced above.
Removing it avoids dead code noise.

---

270-275: Duplicate string-truncation helper – reuse the shared util instead
internal/util already exposes MaxString; keeping a private copy violates DRY and risks inconsistent behaviour.

-func maxString(val string, max int) string {
-	if len(val) > max {
-		return val[:max] + "..."
-	}
-	return val
-}
-
...
-			help = "Press enter to set as " + maxString(cstr.Mask(val), 30) + " from your .env file"
+			help = "Press enter to set as " + util.MaxString(cstr.Mask(val), 30) + " from your .env file"
...
-			help = "Press enter to set as " + maxString(cstr.Mask(val), 30) + " from your environment"
+			help = "Press enter to set as " + util.MaxString(cstr.Mask(val), 30) + " from your environment"

After removing the local function, remember to tidy the imports (goimports) if unused.

Also applies to: 283-289

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
Cache: Disabled due to data retention organization setting
Knowledge Base: Disabled due to data retention organization setting

📥 Commits

Reviewing files that changed from the base of the PR and between 132fc5c and f7161b2.

📒 Files selected for processing (8)

• cmd/cloud.go (2 hunks)
• cmd/dev.go (2 hunks)
• cmd/env.go (3 hunks)
• cmd/project.go (2 hunks)
• cmd/root.go (2 hunks)
• internal/envutil/envutil.go (1 hunks)
• internal/util/api.go (1 hunks)
• internal/util/strings.go (1 hunks)

🧰 Additional context used

🧬 Code Graph Analysis (4)

cmd/env.go (2)

internal/envutil/envutil.go (1)

• PromptForEnv (277-309)

internal/util/strings.go (1)

• MaxString (42-47)

cmd/root.go (1)

internal/envutil/envutil.go (1)

• PromptForEnv (277-309)

cmd/cloud.go (1)

internal/envutil/envutil.go (1)

• ProcessEnvFiles (34-58)

cmd/project.go (1)

internal/envutil/envutil.go (1)

• ProcessEnvFiles (34-58)

🪛 golangci-lint (1.64.8)

internal/envutil/envutil.go

157-157: S1005: unnecessary assignment to the blank identifier

(gosimple)

⏰ Context from checks skipped due to timeout of 90000ms (4)

• GitHub Check: Build and Test (macos-latest)
• GitHub Check: Build and Test (windows-latest)
• GitHub Check: Test CLI Upgrade Path (windows-latest)
• GitHub Check: Analyze (go)

🔇 Additional comments (10)

internal/util/api.go (1)

158-158: Minor spacing improvement.

This additional blank line improves code readability by visually separating the error handling from the subsequent code flow.

internal/util/strings.go (1)

42-47: Good addition of reusable string truncation utility.

The MaxString function provides a centralized approach to string truncation with ellipsis, supporting the refactoring effort by replacing duplicated truncation logic across the codebase.

cmd/dev.go (2)

15-15: Appropriate import addition for the refactor.

This import supports the refactoring effort by allowing access to the centralized environment utilities.

---

70-71: Consistent implementation of environment processing.

This change integrates the centralized environment variable handling, aligning with the broader refactoring pattern in the codebase. The function call processes environment files and potentially updates the project with environment-specific configurations.

cmd/root.go (2)

15-15: Appropriate import addition for the refactor.

This import supports the refactoring effort by allowing access to the centralized environment utilities.

---

186-186: Cohesive integration of environment variable prompting.

The change replaces the local environment variable prompting function with the centralized implementation from the envutil package, improving code consistency and reducing duplication across the codebase.

cmd/env.go (3)

15-19: Good call – centralised helpers improve maintainability

Replacing local helpers with envutil / util keeps the CLI surface consistent and removes duplication.
No further action required.

---

221-223: Use of envutil.PromptForEnv looks correct

Parameters match the helper’s signature and preserve previous behaviour (default/placeholder are empty).

---

396-397: Consistent truncation helper applied

Switching to util.MaxString keeps truncation logic uniform across commands.
Looks good.

cmd/cloud.go (1)

231-232: 👍 Refactored env processing handled via envutil

The new call simplifies the deploy path and correctly threads the returned envFile / projectData into later pre-flight checks.

[jhaynie]

LGTM except a couple of good suggestions from code rabbit

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (2)

internal/envutil/envutil.go (2)

33-58: Keep envFile.Env in sync after potential mutations

In the ProcessEnvFiles function, after calling HandleMissingProjectEnvs which may modify the environment variables, envFile.Env is not updated to reflect these changes. This means downstream consumers won't see the new variables.

---

243-245: Restrict file permissions when writing secrets to .env

Writing the file with 0644 makes secrets world-readable on many systems. Use 0600 (or at least 0640) to limit exposure.

- if err := os.WriteFile(envfile, []byte(buf.String()), 0644); err != nil {
+ // 0600 => rw for owner only; helps prevent accidental disclosure of secrets
+ if err := os.WriteFile(envfile, []byte(buf.String()), 0600); err != nil {

🧹 Nitpick comments (5)

internal/envutil/envutil.go (5)

166-167: Remove unnecessary blank identifier in range operation

The blank identifier assignment is unnecessary when you only need the key from a map.

- for _key, _ := range keyvalue {
+ for _key := range keyvalue {
    key = _key
}

🧰 Tools

🪛 golangci-lint (1.64.8)

166-166: S1005: unnecessary assignment to the blank identifier

(gosimple)

---

281-286: Consider moving maxString to the utility package

The maxString function is a generic string utility that could be used elsewhere. Since you already have a utility package with string functions (imported as util), consider moving this function there to promote code reuse.

// Remove from this file:
-func maxString(val string, max int) string {
-	if len(val) > max {
-		return val[:max] + "..."
-	}
-	return val
-}

// Use from util package:
if val, ok := localenv[key]; ok {
-	help = "Press enter to set as " + maxString(cstr.Mask(val), 30) + " from your .env file"
+	help = "Press enter to set as " + util.MaxString(cstr.Mask(val), 30) + " from your .env file"

---

288-320: Consider adding validation for required environment variables

The PromptForEnv function does a good job handling secrets and default values, but it doesn't enforce that a value is provided for potentially required environment variables.

You might want to add a parameter for whether the environment variable is required and validate that a non-empty value is returned.

-func PromptForEnv(logger logger.Logger, key string, isSecret bool, localenv map[string]string, osenv map[string]string, defaultValue string, placeholder string) string {
+func PromptForEnv(logger logger.Logger, key string, isSecret bool, localenv map[string]string, osenv map[string]string, defaultValue string, placeholder string, required bool) string {
    // Existing code...
    
    if value == "" && defaultValue != "" {
        value = defaultValue
    }
+    
+    // Ensure required variables have a value
+    if required && value == "" {
+        logger.Warn("A value is required for %s", key)
+        return PromptForEnv(logger, key, isSecret, localenv, osenv, defaultValue, placeholder, required)
+    }
    
    return value
}

---

144-150: Simplify the conditional checks for existing environment variables

The current code has separate checks for variables in projectData.Env and projectData.Secrets. These can be combined for clarity.

- if projectData != nil && projectData.Env != nil && projectData.Env[ev.Key] == ev.Val {
-   continue
- }
- if projectData != nil && projectData.Secrets != nil && projectData.Secrets[ev.Key] == cstr.Mask(ev.Val) {
-   continue
- }
+ if projectData != nil {
+   if (projectData.Env != nil && projectData.Env[ev.Key] == ev.Val) || 
+      (projectData.Secrets != nil && projectData.Secrets[ev.Key] == cstr.Mask(ev.Val)) {
+     continue
+   }
+ }

---

179-183: Initialize projectData.Env map once before the loop

The current code checks and initializes projectData.Env inside the loop for each key. It's more efficient to do this check once before the loop.

if force {
+   if projectData.Env == nil {
+       projectData.Env = make(map[string]string)
+   }
    for key, val := range keyvalue {
-       if projectData.Env == nil {
-           projectData.Env = make(map[string]string)
-       }
        projectData.Env[key] = val
    }

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
Cache: Disabled due to data retention organization setting
Knowledge Base: Disabled due to data retention organization setting

📥 Commits

Reviewing files that changed from the base of the PR and between f7161b2 and 97bdbad.

📒 Files selected for processing (4)

• cmd/cloud.go (4 hunks)
• cmd/dev.go (3 hunks)
• cmd/project.go (3 hunks)
• internal/envutil/envutil.go (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (3)

• cmd/dev.go
• cmd/project.go
• cmd/cloud.go

🧰 Additional context used

🪛 golangci-lint (1.64.8)

internal/envutil/envutil.go

166-166: S1005: unnecessary assignment to the blank identifier

(gosimple)

⏰ Context from checks skipped due to timeout of 90000ms (4)

• GitHub Check: Build and Test (macos-latest)
• GitHub Check: Build and Test (windows-latest)
• GitHub Check: Test CLI Upgrade Path (windows-latest)
• GitHub Check: Analyze (go)

[coderabbitai]

Actionable comments posted: 2

♻️ Duplicate comments (1)

internal/envutil/envutil.go (1)

161-163: Loop still iterates over map values, not keys
This was called out in the previous review: for _, key := range keyvalue ranges over values, so key holds the value (the env var contents), not the variable name. Use the map keys instead:

- for _, key := range keyvalue {
+ for key := range keyvalue {

🧹 Nitpick comments (1)

internal/envutil/envutil.go (1)

166-169: Unnecessary second range variable and unpredictable chosen key

The loop only needs a single key and should break immediately to avoid non-deterministic selection:

-var key string
-for _key, _ := range keyvalue {
-    key = _key
-}
+var key string
+for k := range keyvalue {
+    key = k
+    break
+}

This removes the redundant blank identifier assignment flagged by gosimple and makes the behaviour explicit.

🧰 Tools

🪛 golangci-lint (1.64.8)

167-167: S1005: unnecessary assignment to the blank identifier

(gosimple)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
Cache: Disabled due to data retention organization setting
Knowledge Base: Disabled due to data retention organization setting

📥 Commits

Reviewing files that changed from the base of the PR and between 97bdbad and 9fb81a0.

📒 Files selected for processing (4)

• cmd/cloud.go (3 hunks)
• cmd/dev.go (3 hunks)
• cmd/project.go (3 hunks)
• internal/envutil/envutil.go (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (3)

• cmd/dev.go
• cmd/project.go
• cmd/cloud.go

🧰 Additional context used

🪛 golangci-lint (1.64.8)

internal/envutil/envutil.go

167-167: S1005: unnecessary assignment to the blank identifier

(gosimple)

⏰ Context from checks skipped due to timeout of 90000ms (3)

• GitHub Check: Build and Test (windows-latest)
• GitHub Check: Test CLI Upgrade Path (windows-latest)
• GitHub Check: Analyze (go)

🔇 Additional comments (2)

internal/envutil/envutil.go (2)

54-56: 👍 State synchronisation now handled correctly

Assigning envFile.Env = le after the possible mutation keeps the returned struct in-sync with the slice that might have been rebuilt by earlier helpers. Thanks for closing the gap flagged in the previous round.

---

244-246: ✅ File written with restrictive 0600 permissions

Great job tightening the permissions; secrets are no longer world-readable.

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (2)

internal/envutil/envutil.go (2)

230-243: 🛠️ Refactor suggestion

Raw fallback missing – empty values are written to the file

AppendToEnvFile unconditionally writes ev.Raw, but for entries created/updated at runtime Raw may be an empty string (see previous comment). The resulting line in the .env file becomes KEY=, silently discarding the provided value.

-        buf.WriteString(fmt.Sprintf("%s=%s\n", ev.Key, ev.Raw))
+        raw := ev.Raw
+        if raw == "" {
+            raw = ev.Val
+        }
+        buf.WriteString(fmt.Sprintf("%s=%s\n", ev.Key, raw))

Apply the same fallback for the loop that writes envs a few lines below.

Without this safeguard, users risk losing data every time the file is re-written.

---

103-113: ⚠️ Potential issue

Missing variables still not written to .env – the continue prematurely skips persistence

When the user (or automation) is prompted and provides a value, ev.Val becomes non-empty.
The if ev.Val != "" { continue } statement therefore bails out before the entry is appended to addtoenvfile, so the newly supplied variable is never written to disk – the exact problem flagged in the previous review is still present.

@@
-               if ev.Val != "" {
-                   continue
-               }
-               addtoenvfile = append(addtoenvfile, env.EnvLineComment{
+               // Persist the captured value (mask if secret).
+               if ev.Raw == "" {
+                   if isSecret {
+                       ev.Raw = cstr.Mask(ev.Val)
+                   } else {
+                       ev.Raw = ev.Val
+                   }
+               }
+               addtoenvfile = append(addtoenvfile, env.EnvLineComment{
                    EnvLine: env.EnvLine{
                        Key: ev.Key,
                        Val: ev.Val,
                        Raw: ev.Raw,
                    },

This removes the early continue, ensures Raw is populated, and guarantees the variable is actually appended to – and later written into – the .env file.
Failing to fix this means interactive values vanish after the run, forcing the user to re-enter them every time.

🧹 Nitpick comments (2)

internal/envutil/envutil.go (2)

165-170: Unnecessary assignment to blank identifier (_)

The blank identifier on the right-hand side of the range statement is redundant and triggers gosimple (S1005).

-            var key string
-            for _key, _ := range keyvalue {
-                key = _key
-            }
+            var key string
+            for k := range keyvalue {
+                key = k
+            }

Pure readability / lint fix; no behavioural change.

🧰 Tools

🪛 golangci-lint (1.64.8)

167-167: S1005: unnecessary assignment to the blank identifier

(gosimple)

---

34-41: Handle the “template exists but .env doesn’t” scenario

ProcessEnvFiles skips all processing when .env is missing.
If a repository ships only a template (.env.example, .env.template) the CLI never offers to create a fresh .env, forcing users to craft one manually.

Consider:

1. Detecting the absence of an .env file when at least one template exists.
2. Offering to create the file (optionally pre-populated from the template) or doing so automatically when --force is supplied.

This greatly improves onboarding and aligns with typical .env.example workflows.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
Cache: Disabled due to data retention organization setting
Knowledge Base: Disabled due to data retention organization setting

📥 Commits

Reviewing files that changed from the base of the PR and between 9fb81a0 and f7f99ae.

📒 Files selected for processing (1)

• internal/envutil/envutil.go (1 hunks)

🧰 Additional context used

🧬 Code Graph Analysis (1)

internal/envutil/envutil.go (6)

internal/project/project.go (1)

• ProjectData (44-53)

internal/deployer/deployer.go (1)

• EnvFile (14-17)

internal/util/io.go (1)

• Exists (14-19)

internal/errsystem/errorcodes.go (2)

• ErrParseEnvironmentFile (41-44)
• ErrApiRequest (21-24)

internal/errsystem/errsystem.go (2)

• WithContextMessage (100-104)
• WithUserMessage (70-74)

internal/util/strings.go (1)

• Pluralize (32-40)

🪛 golangci-lint (1.64.8)

internal/envutil/envutil.go

167-167: S1005: unnecessary assignment to the blank identifier

(gosimple)

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (3)

internal/envutil/envutil.go (3)

165-167: Simplify range loop by removing unnecessary blank identifier

This range loop assigns to a blank identifier but only needs the key.

-				for _key, _ := range keyvalue {
-					key = _key
-				}
+				for key = range keyvalue {
+					break
+				}

🧰 Tools

🪛 golangci-lint (1.64.8)

165-165: S1005: unnecessary assignment to the blank identifier

(gosimple)

---

284-289: Consider moving maxString to a utility package

This function is a general string truncation utility that's not specific to environment handling. It might be better placed in the util package for broader reuse.

This could be moved to internal/util/strings.go and imported where needed, following the pattern used for other utility functions.

---

224-227: Consider handling the case when .env file doesn't exist

If the .env file doesn't exist, ParseEnvFileWithComments will return an error, but it might be expected to create the file in this case.

Would you like me to suggest an implementation that handles the case when the .env file doesn't exist yet?

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
Cache: Disabled due to data retention organization setting
Knowledge Base: Disabled due to data retention organization setting

📥 Commits

Reviewing files that changed from the base of the PR and between f7f99ae and 7a90726.

📒 Files selected for processing (1)

• internal/envutil/envutil.go (1 hunks)

🧰 Additional context used

🧬 Code Graph Analysis (1)

internal/envutil/envutil.go (6)

internal/project/project.go (1)

• ProjectData (44-53)

internal/deployer/deployer.go (1)

• EnvFile (14-17)

internal/util/io.go (1)

• Exists (14-19)

internal/errsystem/errorcodes.go (2)

• ErrParseEnvironmentFile (41-44)
• ErrApiRequest (21-24)

internal/errsystem/errsystem.go (2)

• WithContextMessage (100-104)
• WithUserMessage (70-74)

internal/util/strings.go (1)

• Pluralize (32-40)

🪛 golangci-lint (1.64.8)

internal/envutil/envutil.go

165-165: S1005: unnecessary assignment to the blank identifier

(gosimple)

⏰ Context from checks skipped due to timeout of 90000ms (3)

• GitHub Check: Build and Test (windows-latest)
• GitHub Check: Test CLI Upgrade Path (windows-latest)
• GitHub Check: Analyze (go)

🔇 Additional comments (3)

internal/envutil/envutil.go (3)

246-246: Security-focused file permissions are correctly used

Using 0600 for file permissions when writing the .env file is a good security practice, as it ensures that only the owner can read and write the file, which helps protect sensitive secrets.

---

54-55: Good fix: Keeping envFile.Env in sync with le

The code correctly updates envFile.Env with the latest environment variables after processing, ensuring that downstream code sees all changes.

---

239-242: Good implementation of defensive check for Raw values

The defensive fallback for when ev.Raw is empty correctly ensures that the env file always contains values, even for newly added variables.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (3)

internal/envutil/envutil.go (3)

35-59: Consider handling the “.env missing” scenario instead of returning nil.

ProcessEnvFiles only proceeds when an existing .env file is found (util.Exists(envfilename)), otherwise it returns envFile == nil. Many callers assume the helper will always return a usable *deployer.EnvFile; dereferencing the result without a nil-check will panic.

Two common fixes:

-	var envFile *deployer.EnvFile
+	// Always return a non-nil pointer to avoid nil-dereference surprises.
+	envFile := &deployer.EnvFile{Filepath: envfilename}

 	if (tui.HasTTY || force) && util.Exists(envfilename) {
 	    …
+	} else if util.Exists(envfilename) == false && (tui.HasTTY || force) {
+		// Create an empty .env so further logic can still operate.
+		if err := os.WriteFile(envfilename, nil, 0600); err != nil {
+			return nil, projectData // bubble up the error instead if preferred
+		}
+		envFile.Env = []env.EnvLineComment{}
+		return envFile, projectData
 	}
-	return envFile, projectData
+
+	return envFile, projectData

This guards downstream code and provides a consistent API surface.

---

167-171: Simplify loop & silence gosimple warning.

Iterating over both key and value when you only need the key triggers S1005: unnecessary assignment to the blank identifier. Capture the first key directly:

-var key string
-for _key, _ := range keyvalue {
-    key = _key
-}
+var key string
+for k := range keyvalue {
+    key = k
+    break // we only need one element
+}

🧰 Tools

🪛 golangci-lint (1.64.8)

169-169: S1005: unnecessary assignment to the blank identifier

(gosimple)

---

292-315: Duplicate helper – reuse util.MaxString instead of defining maxString.

internal/util/strings.go already exposes MaxString; redefining it here:

1. adds maintenance overhead,
2. risks diverging behaviour.

You can delete lines 292-297 and call the shared helper:

-   help = "Press enter to set as " + maxString(cstr.Mask(val), 30) + " from your .env file"
+   help = "Press enter to set as " + util.MaxString(cstr.Mask(val), 30) + " from your .env file"

Do the same for the similar call a few lines below (osenv branch).

After that, the local maxString function (lines 292-297) can be removed entirely.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
Cache: Disabled due to data retention organization setting
Knowledge Base: Disabled due to data retention organization setting

📥 Commits

Reviewing files that changed from the base of the PR and between 7a90726 and 5049547.

📒 Files selected for processing (1)

• internal/envutil/envutil.go (1 hunks)

🧰 Additional context used

🪛 golangci-lint (1.64.8)

internal/envutil/envutil.go

169-169: S1005: unnecessary assignment to the blank identifier

(gosimple)

⏰ Context from checks skipped due to timeout of 90000ms (4)

• GitHub Check: Build and Test (macos-latest)
• GitHub Check: Build and Test (windows-latest)
• GitHub Check: Test CLI Upgrade Path (windows-latest)
• GitHub Check: Analyze (go)

🔇 Additional comments (1)

internal/envutil/envutil.go (1)

226-258: Nice security hardening with 0600 permissions.

Good catch updating os.WriteFile to restrict read access on secrets.