introduce environment allow list

2024-06-02 10:54:44 +12:00 · 2021-01-21 13:37:59 +01:00 · 2021-01-21 13:37:59 +01:00 · d048c9eeb9
parent fb12bf84d0
commit d048c9eeb9
2 changed files with 28 additions and 7 deletions
--- a/app/config/environments.php
+++ b/app/config/environments.php
@ -1,8 +1,12 @@
 <?php
+use Utopia\App;
+
+$allowList = empty(App::getEnv('_APP_FUNCTIONS_ENV_ALLOWLIST', null)) ? false : \explode(',', App::getEnv('_APP_FUNCTIONS_ENV_ALLOWLIST', null));
+
 /**
 * List of Appwrite Cloud Functions supported environments
 */
-return [
+$environments = [
    'node-14.5' => [
        'name' => 'Node.js',
        'version' => '14.5',
@ -91,4 +95,11 @@ return [
        'build' => '/usr/src/code/docker/environments/dart-2.10.4',
        'logo' => 'dart.png',
    ],
-];
+];
+
+
+if ($allowList) {
+    $environments = array_intersect_key($environments, array_flip($allowList));
+}
+
+return $environments;
--- a/app/config/variables.php
+++ b/app/config/variables.php
@ -1,5 +1,7 @@
 <?php

+use Utopia\Config\Config;
+
 return [
    [
        'category' => 'General',
@ -22,7 +24,7 @@ return [
                'question' => '',
            ],
            [
-                'name' => '_APP_OPTIONS_FORCE_HTTPS', 
+                'name' => '_APP_OPTIONS_FORCE_HTTPS',
                'description' => 'Allows you to force HTTPS connection to your API. This feature redirects any HTTP call to HTTPS and adds the \'Strict-Transport-Security\' header to all HTTP responses. By default, set to \'disabled\'. To enable, set to \'enabled\'. This feature will work only when your ports are set to default 80 and 443.',
                'introduction' => '',
                'default' => 'enabled',
@ -51,7 +53,7 @@ return [
                'introduction' => '',
                'default' => 'localhost',
                'required' => true,
-                'question' => "Enter a DNS A record hostname to serve as a CNAME for your custom domains.\nYou can use the same value as used for the Appwrite hostname.",
+                'question' => 'Enter a DNS A record hostname to serve as a CNAME for your custom domains.\nYou can use the same value as used for the Appwrite hostname.',
            ],
            [
                'name' => '_APP_CONSOLE_WHITELIST_EMAILS',
@ -63,7 +65,7 @@ return [
            ],
            [
                'name' => '_APP_CONSOLE_WHITELIST_DOMAINS',
-                'description' => "This option allows you to limit creation of users to Appwrite console for users sharing the same email domains. This option is very useful for team working with company emails domain.\n\nTo enable this option, pass a list of allowed email domains separated by a comma.",
+                'description' => 'This option allows you to limit creation of users to Appwrite console for users sharing the same email domains. This option is very useful for team working with company emails domain.\n\nTo enable this option, pass a list of allowed email domains separated by a comma.',
                'introduction' => '',
                'default' => '',
                'required' => false,
@ -71,7 +73,7 @@ return [
            ],
            [
                'name' => '_APP_CONSOLE_WHITELIST_IPS',
-                'description' => "This last option allows you to limit creation of users in Appwrite console for users sharing the same set of IP addresses. This option is very useful for team working with a VPN service or a company IP.\n\nTo enable/activate this option, pass a list of allowed IP addresses separated by a comma.",
+                'description' => 'This last option allows you to limit creation of users in Appwrite console for users sharing the same set of IP addresses. This option is very useful for team working with a VPN service or a company IP.\n\nTo enable/activate this option, pass a list of allowed IP addresses separated by a comma.',
                'introduction' => '',
                'default' => '',
                'required' => false,
@ -225,7 +227,7 @@ return [
    ],
    [
        'category' => 'SMTP',
-        'description' => "Appwrite is using an SMTP server for emailing your projects users and server admins. The SMTP env vars are used to allow Appwrite server to connect to the SMTP container.\n\nIf running in production, it might be easier to use a 3rd party SMTP server as it might be a little more difficult to set up a production SMTP server that will not send all your emails into your user's SPAM folder.",
+        'description' => 'Appwrite is using an SMTP server for emailing your projects users and server admins. The SMTP env vars are used to allow Appwrite server to connect to the SMTP container.\n\nIf running in production, it might be easier to use a 3rd party SMTP server as it might be a little more difficult to set up a production SMTP server that will not send all your emails into your user\'s SPAM folder.',
        'variables' => [
            [
                'name' => '_APP_SMTP_HOST',
@ -351,6 +353,14 @@ return [
                'required' => false,
                'question' => '',
            ],
+            [
+                'name' => '_APP_FUNCTIONS_ENV_ALLOWLIST',
+                'description' => 'This option allows you to limit the available environments for cloud functions. This option is very useful for low-cost servers to safe disk space.\n\nTo enable/activate this option, pass a list of allowed environments separated by a comma.\n\nCurrently, support environments are: ' . \implode(', ', \array_keys(Config::getParam('providers'))),
+                'introduction' => '0.7.0',
+                'default' => '',
+                'required' => false,
+                'question' => '',
+            ],
        ],
        [
            'category' => 'Maintenance',