Add test for complex envvars with special characters

This requires changing the test inputs to expect JSON instead of K=V pairs in our e2e runner.

Author: sethvargo

.github/workflows/integration.yml

@@ -62,7 +62,7 @@ jobs:
         service: '${{ env.SERVICE_NAME }}'
         env_vars: |-
           FOO=bar
-          ZIP=zap
+          ZIP=zap\,with|separators\,and&stuff
         env_vars_file: './tests/fixtures/env_vars.txt'
         secrets: |-
           MY_SECRET=${{ vars.SECRET_NAME }}:latest
@@ -77,10 +77,28 @@ jobs:
       env:
         PROJECT_ID: ${{ vars.PROJECT_ID }}
         SERVICE: '${{ env.SERVICE_NAME }}'
-        ENV: 'FOO=bar,ZIP=zap,TEXT_FOO=bar,TEXT_ZIP=zap'
-        SECRET_ENV: MY_SECRET=${{ vars.SECRET_NAME }}:latest,MY_SECOND_SECRET=${{ vars.SECRET_NAME }}:1
-        PARAMS: '{"cpu":2, "containerConcurrency":20}'
-        LABELS: '{"label1":"value1", "label2":"value2"}'
+        ENV: |-
+          {
+            "FOO": "bar",
+            "ZIP": "zap,with|separators,and&stuff",
+            "TEXT_FOO": "bar",
+            "TEXT_ZIP": "zap"
+          }
+        SECRET_ENV: |-
+          {
+            "MY_SECRET": "${{ vars.SECRET_NAME }}:latest",
+            "MY_SECOND_SECRET": "${{ vars.SECRET_NAME }}:1"
+          }
+        PARAMS: |-
+          {
+            "cpu": "2",
+            "containerConcurrency": "20"
+          }
+        LABELS: |-
+          {
+            "label1": "value1",
+            "label2": "value2"
+          }
 
     - id: 'deploy-cloudrun-again'
       name: 'Deploy again'
@@ -98,11 +116,36 @@ jobs:
       env:
         PROJECT_ID: ${{ vars.PROJECT_ID }}
         SERVICE: '${{ env.SERVICE_NAME }}'
-        ENV: 'FOO=bar,ZIP=zap,TEXT_FOO=bar,TEXT_ZIP=zap,ABC=123,DEF=456'
-        SECRET_ENV: MY_SECRET=${{ vars.SECRET_NAME }}:latest,MY_SECOND_SECRET=${{ vars.SECRET_NAME }}:1
-        SECRET_VOLUMES: /api/secrets/my-secret=${{ vars.SECRET_NAME }}:latest
-        PARAMS: '{"cpu":2, "containerConcurrency":20}'
-        LABELS: '{"label1":"value1", "label2":"value2", "commit-sha":"${{ github.sha }}", "managed-by":"github-actions"}'
+        ENV: |-
+          {
+            "FOO": "bar",
+            "ZIP": "zap,with|separators,and&stuff",
+            "TEXT_FOO": "bar",
+            "TEXT_ZIP": "zap,with|separators,and&stuff",
+            "ABC": "123",
+            "DEF": "456"
+          }
+        SECRET_ENV: |-
+          {
+            "MY_SECRET": "${{ vars.SECRET_NAME }}:latest",
+            "MY_SECOND_SECRET": "${{ vars.SECRET_NAME }}:1"
+          }
+        SECRET_VOLUMES: |-
+          {
+            "/api/secrets/my-secret": "${{ vars.SECRET_NAME }}:latest"
+          }
+        PARAMS: |-
+          {
+            "cpu": "2",
+            "containerConcurrency": "20"
+          }
+        LABELS: |-
+          {
+            "label1": "value1",
+            "label2": "value2",
+            "commit-sha": "${{ github.sha }}",
+            "managed-by": "github-actions"
+          }
         REVISION_COUNT: 2
 
   metadata:
@@ -141,9 +184,20 @@ jobs:
       env:
         PROJECT_ID: '${{ vars.PROJECT_ID }}'
         SERVICE: '${{ env.SERVICE_NAME }}'
-        PARAMS: '{"cpu":2, "memory":"1Gi", "containerConcurrency":20}'
-        ANNOTATIONS: '{"run.googleapis.com/cloudsql-instances":"test-project:us-central1:my-test-instance"}'
-        LABELS: '{"test_label":"test_value"}'
+        PARAMS: |-
+          {
+            "cpu": "2",
+            "memory": "1Gi",
+            "containerConcurrency": "20"
+          }
+        ANNOTATIONS: |-
+          {
+            "run.googleapis.com/cloudsql-instances": "test-project:us-central1:my-test-instance"
+          }
+        LABELS: |-
+          {
+            "test_label": "test_value"
+          }
 
     - id: 'deploy-cloudrun-again'
       name: 'Deploy again'
@@ -156,6 +210,14 @@ jobs:
       env:
         PROJECT_ID: '${{ vars.PROJECT_ID }}'
         SERVICE: '${{ env.SERVICE_NAME }}'
-        PARAMS: '{"cpu":2, "memory":"1Gi", "containerConcurrency":20}'
-        ANNOTATIONS: '{"run.googleapis.com/cloudsql-instances":"test-project:us-central1:my-test-instance"}'
+        PARAMS: |-
+          {
+            "cpu": "2",
+            "memory": "1Gi",
+            "containerConcurrency": "20"
+          }
+        ANNOTATIONS: |-
+          {
+            "run.googleapis.com/cloudsql-instances": "test-project:us-central1:my-test-instance"
+          }
         REVISION_COUNT: 2

README.md

@@ -97,6 +97,16 @@ jobs:
         ZIP=zap
     ```
 
+    Entries are separated by commas (`,`) and newline characters. Keys and
+    values are separated by `=`. To use `,`, `=`, or newline characters, escape
+    them with a backslash:
+
+    ```yaml
+    with:
+      env_vars: |
+        [email protected]\,[email protected]
+    ```
+
 -   `env_vars_file`: (Optional) Path to a file on disk, relative to the
     workspace, that defines environment variables. The file can be
     newline-separated KEY=VALUE pairs, JSON, or YAML format. If both `env_vars`
@@ -124,6 +134,9 @@ jobs:
     ZIP: 'zap'
     ```
 
+    When specified as KEY=VALUE pairs, the same escaping rules apply as
+    described in `env_vars`. You do not have to escape YAML or JSON.
+
 -   `secrets`: (Optional) List of key=value pairs to use as secrets. These can
     either be injected as environment variables or mounted as volumes. All
     existing environment secrets and volume mounts will be retained.
@@ -138,6 +151,9 @@ jobs:
         /secrets/api/key=secret-key-2:latest
     ```
 
+    The same rules apply for escaping entries as from `env_vars`, but Cloud Run
+    is more restrictive with allowed keys and names for secrets.
+
 -   `labels`: (Optional) List of key=value pairs to set as labels on the Cloud
     Run service. Existing labels will be overwritten.
 
@@ -147,7 +163,8 @@ jobs:
         my-label=my-value
     ```
 
-    Labels have strict naming and casing requirements. See [Requirements for
+    The same rules apply for escaping entries as from `env_vars`, but labels
+    have strict naming and casing requirements. See [Requirements for
     labels](https://cloud.google.com/resource-manager/docs/creating-managing-labels#requirements)
     for more information.