Feature: Support multi-line secrets #458

@shellscape

There have been multiple issues opened about the lack of newline support for values in the past, some going back a few years. #215 took a stab at this specifically for certificates in env files. And yes, in most cases simply providing a path to a cert as a value does the trick. But not in all situations.

The rather large environment I'm working in involves packaging up an application into a single bundle and shipping that off to AWS via serverless. Now, we could massage things to allow us to also ship this private key to the Lambda function, but then legal would go bananas and tell us that we're not in compliance and there'd be a whole political poopstorm internally. And no one wants that. What it boils down to is that we cannot ship a cert to the app's running destination.

Here's a sample key:value for reference:

```
PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----
gobblygoop
-----END RSA PRIVATE KEY-----"
```

Note that this is not specific to certs, but to all multiline values:

```
MULTILINE='hello
goodby
allo'
```

For both, only the first line of the multiline value will be read, even though it's valid to wrap multiline values in quotes. They appear in process.env as:

```
PRIVATE_KEY: '"-----BEGIN RSA PRIVATE KEY-----',
MULTILINE: "'hello",
```

We could do what many have resorted to, and that's replacing every newline with '\n' in the cert in values in question. But holy crap does that get stupid long and it's extremely prone to errors.

This issue hits home especially hard since (on Macs at least) if you place these values into a file and source the file, the system reads those values correctly. I haven't found a compelling argument against dotenv supporting the same.

What's holding dotenv back from being able to support this, when *nix flavors seem to be able to from the shell?
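The behaviour reported above, as an added example that is not part of the original issue and is not dotenv's code: a line-by-line parser reproduces the truncated values shown in the issue, and a quote-aware one recovers the full multi-line value. Both parsers, the `ASSIGNMENT` pattern, and the `PLAIN` entry are hypothetical, written for illustration; the sample input is constructed from the values in the issue.

```javascript
// Constructed sample mirroring the two values quoted in the issue.
const SAMPLE = [
  'PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----',
  'gobblygoop',
  '-----END RSA PRIVATE KEY-----"',
  "MULTILINE='hello",
  'goodby',
  "allo'",
  'PLAIN=value',
].join('\n');

const ASSIGNMENT = /^\s*([\w.-]+)\s*=\s*(.*)$/;

// Hypothetical line-by-line parser: every line is matched on its own, so a
// quoted value is cut at the first newline and keeps its opening quote.
function parseLineByLine(src) {
  const out = {};
  for (const line of src.split(/\r?\n/)) {
    const m = line.match(ASSIGNMENT);
    if (m) out[m[1]] = m[2];
  }
  return out;
}

// Hypothetical quote-aware parser: a value that opens with a quote keeps
// consuming lines until a line ends with the same quote. Escaped quotes are
// not handled. An unterminated quote throws instead of yielding a partial key.
function parseQuoteAware(src) {
  const out = {};
  const lines = src.split(/\r?\n/);
  for (let i = 0; i < lines.length; i++) {
    const m = lines[i].match(ASSIGNMENT);
    if (!m) continue;
    const [, key, raw] = m;
    const quote = raw[0];
    if (quote !== '"' && quote !== "'") { out[key] = raw.trim(); continue; }
    const startLine = i + 1;
    let value = raw.slice(1);
    while (!value.trimEnd().endsWith(quote)) {
      if (++i >= lines.length) throw new Error(`unterminated ${quote} for ${key}, line ${startLine}`);
      value += '\n' + lines[i];
    }
    out[key] = value.trimEnd().slice(0, -1);
  }
  return out;
}

console.log(parseLineByLine(SAMPLE));
console.log(parseQuoteAware(SAMPLE));
```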
