fix: enable uwsgi EXTRA_ARGS passthrough #13756
Conversation
🔴 Risk threshold exceeded.This pull request modifies a sensitive file path (docker/entrypoint-uwsgi.sh), and the scanner flagged it as a configured sensitive edit that may require review; sensitive paths and allowed authors can be configured in .dryrunsecurity.yaml.
🔴 Configured Codepaths Edit in
|
| Vulnerability | Configured Codepaths Edit |
|---|---|
| Description | Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml. |
We've notified @mtesauro.
All finding details can be found in the DryRun Security Dashboard.
| DD_UWSGI_LOGFORMAT_DEFAULT='[pid: %(pid)|app: -|req: -/-] %(addr) (%(dd_user)) {%(vars) vars in %(pktsize) bytes} [%(ctime)] %(method) %(uri) => generated %(rsize) bytes in %(msecs) msecs (%(proto) %(status)) %(headers) headers in %(hsize) bytes (%(switches) switches on core %(core))' | ||
|
|
||
| EXTRA_ARGS="" | ||
| EXTRA_ARGS="${EXTRA_ARGS:-}" |
There was a problem hiding this comment.
Isn't it better to call it DD_UWSGI_EXTRA_ARGS? As soon as EXTRA_ARGS appears in some configuration, it might be confusing: Extra args of what?
There was a problem hiding this comment.
agreed. I thought EXTRA_ARGS was some well-known way to startup uwsgi, but it's DD specific.
valentijnscholten
left a comment
valentijnscholten
left a comment
There was a problem hiding this comment.
@Bump-Action Thank you for the PR. Could you change it to be DD_UWSGI_EXTRA_ARGS?
4 participants
Description
Prevent resetting EXTRA_ARGS variable in uwsgi entry point
What problem does it solve?
Allows you to passthrough your startup parameters to the uwsgi binary