MAGETWO-66322: Dump env-specific and sensitive variables to env config file

Author: oshmyheliuk

app/code/Magento/Config/Model/Config/Export/Comment.php

@@ -59,30 +59,22 @@ public function __construct(
      */
     public function get()
     {
-        $comment = array_reduce($this->source->getExcludedFields(), function ($comment, $path) {
-            if ($this->isCommendRequired($path)) {
-                $comment .= "\n" . $this->placeholder->generate($path) . ' for ' . $path;
+        $comments = [];
+
+        foreach ($this->source->getExcludedFields() as $path) {
+            if ($this->typePool->isPresent($path, TypePool::TYPE_SENSITIVE)) {
+                $comments[] = $this->placeholder->generate($path) . ' for ' . $path;
             }
-            return $comment;
-        });
+        }
 
-        if ($comment) {
-            $comment = 'The configuration file doesn\'t contain sensitive data for security reasons. '
-                . 'Sensitive data can be stored in the following environment variables:'
-                . $comment;
+        if (!empty($comments)) {
+            $comments = array_merge([
+                'Shared configuration was written to config.php and system-specific configuration to env.php.',
+                'Shared configuration file (config.php) doesn\'t contain sensitive data for security reasons.',
+                'Sensitive data can be stored in the following environment variables:'
+            ], $comments);
         }
-        return $comment;
-    }
 
-    /**
-     * Checks if comment required for given configuration path.
-     *
-     * @param string $path Configuration field path
-     * @return bool
-     */
-    private function isCommendRequired($path)
-    {
-        return $this->typePool->isPresent($path, TypePool::TYPE_SENSITIVE)
-            && !$this->typePool->isPresent($path, TypePool::TYPE_ENVIRONMENT);
+        return implode(PHP_EOL, $comments);
     }
 }

app/code/Magento/Config/Model/Config/Parser/Comment.php

@@ -55,7 +55,8 @@ public function __construct(
      *      //...
      *  ],
      * // ...
-     * // The configuration file doesn't contain sensitive data for security reasons.
+     * // Shared configuration was written to config.php and system-specific configuration to env.php.
+     * // Shared configuration file (config.php) doesn't contain sensitive data for security reasons.
      * // Sensitive data can be stored in the following environment variables:
      * // CONFIG__DEFAULT__SOME__CONF__PATH_ONE for some/conf/path_one
      *  'system' => [],

app/code/Magento/Config/Test/Unit/Model/Config/Export/CommentTest.php

@@ -148,27 +148,23 @@ public function dataProviderForTestGet()
                 'expectedMessage' => ''
             ],
             [
-                'sensitive' => ['some/sensitive/field1', 'some/sensitive/field2', 'some/sensitiveAndEnv/field1'],
+                'sensitive' => ['some/sensitive/field1', 'some/sensitive/field2', 'some/sensitive_and_env/field'],
                 'notSensitive' => ['some/notSensitive/field1', 'some/notSensitive/field2'],
                 'expectedMocks' => [
                     'typePoolMock' => [
                         'isPresent' => [
-                            'expects' => $this->exactly(8),
+                            'expects' => $this->exactly(5),
                             'returnMap' => [
                                 ['some/sensitive/field1', TypePool::TYPE_SENSITIVE, true],
-                                ['some/sensitive/field1', TypePool::TYPE_ENVIRONMENT, false],
                                 ['some/sensitive/field2', TypePool::TYPE_SENSITIVE, true],
-                                ['some/sensitive/field2', TypePool::TYPE_ENVIRONMENT, false],
-                                ['some/sensitiveAndEnv/field1', TypePool::TYPE_SENSITIVE, true],
-                                ['some/sensitiveAndEnv/field1', TypePool::TYPE_ENVIRONMENT, true],
+                                ['some/sensitive_and_env/field', TypePool::TYPE_SENSITIVE, true],
                                 ['some/notSensitive/field1', TypePool::TYPE_SENSITIVE, false],
-                                ['some/notSensitive/field2', TypePool::TYPE_SENSITIVE, false],
                             ]
                         ],
                     ],
                     'placeholderMock' => [
                         'generate' => [
-                            'expects' => $this->exactly(2),
+                            'expects' => $this->exactly(3),
                             'returnMap' => [
                                 [
                                     'some/sensitive/field1',
@@ -182,14 +178,24 @@ public function dataProviderForTestGet()
                                     null,
                                     'CONFIG__SOME__SENSITIVE__FIELD2'
                                 ],
+                                [
+                                    'some/sensitive_and_env/field',
+                                    ScopeConfigInterface::SCOPE_TYPE_DEFAULT,
+                                    null,
+                                    'CONFIG__SOME__SENSITIVE_AND_ENV__FIELD'
+                                ],
                             ],
                         ],
                     ],
                 ],
-                'expectedMessage' => 'The configuration file doesn\'t contain sensitive data for security reasons. '
-                    . 'Sensitive data can be stored in the following environment variables:'
-                    . "\n" . 'CONFIG__SOME__SENSITIVE__FIELD1 for some/sensitive/field1'
-                    . "\n" . 'CONFIG__SOME__SENSITIVE__FIELD2 for some/sensitive/field2'
+                'expectedMessage' => implode(PHP_EOL, [
+                    'Shared configuration was written to config.php and system-specific configuration to env.php.',
+                    'Shared configuration file (config.php) doesn\'t contain sensitive data for security reasons.',
+                    'Sensitive data can be stored in the following environment variables:',
+                    'CONFIG__SOME__SENSITIVE__FIELD1 for some/sensitive/field1',
+                    'CONFIG__SOME__SENSITIVE__FIELD2 for some/sensitive/field2',
+                    'CONFIG__SOME__SENSITIVE_AND_ENV__FIELD for some/sensitive_and_env/field'
+                ])
             ],
         ];
     }

app/code/Magento/Config/Test/Unit/Model/Config/_files/config.local.php

@@ -12,7 +12,8 @@
         ],
     ],
     /**
-     * The configuration file doesn't contain sensitive data for security reasons.
+     * Shared configuration was written to config.php and system-specific configuration to env.php.
+     * Shared configuration file (config.php) doesn't contain sensitive data for security reasons.
      * Sensitive data can be stored in the following environment variables:
      * CONFIG__DEFAULT__SOME__PAYMENT__PASSWORD for some/payment/password
      */

dev/tests/integration/testsuite/Magento/Deploy/Console/Command/App/ApplicationDumpCommandTest.php

@@ -135,11 +135,14 @@ public function testExecute()
             ]
         ]);
 
-        $comment = 'The configuration file doesn\'t contain sensitive data for security reasons. '
-            . 'Sensitive data can be stored in the following environment variables:'
-            . "\nCONFIG__DEFAULT__WEB__TEST__TEST_SENSITIVE for web/test/test_sensitive"
-            . "\nCONFIG__DEFAULT__WEB__TEST__TEST_SENSITIVE3 for web/test/test_sensitive3"
-            . "\nCONFIG__DEFAULT__WEB__TEST__TEST_SENSITIVE_ENVIRONMENT5 for web/test/test_sensitive_environment5";
+        $comment = implode(PHP_EOL, [
+            'Shared configuration was written to config.php and system-specific configuration to env.php.',
+            'Shared configuration file (config.php) doesn\'t contain sensitive data for security reasons.',
+            'Sensitive data can be stored in the following environment variables:',
+            'CONFIG__DEFAULT__WEB__TEST__TEST_SENSITIVE for web/test/test_sensitive',
+            'CONFIG__DEFAULT__WEB__TEST__TEST_SENSITIVE3 for web/test/test_sensitive3',
+            'CONFIG__DEFAULT__WEB__TEST__TEST_SENSITIVE_ENVIRONMENT5 for web/test/test_sensitive_environment5'
+        ]);
         $outputMock = $this->getMock(OutputInterface::class);
         $outputMock->expects($this->at(0))
             ->method('writeln')

dev/tests/integration/testsuite/Magento/Deploy/_files/_config.local.php

@@ -8,7 +8,8 @@
         'websites' => []
     ],
     /**
-     * The configuration file doesn't contain sensitive data for security reasons.
+     * Shared configuration was written to config.php and system-specific configuration to env.php.
+     * Shared configuration file (config.php) doesn't contain sensitive data for security reasons.
      * Sensitive data can be stored in the following environment variables:
      * CONFIG__DEFAULT__SOME__CONFIG__PATH_ONE for some/config/path_one
      * CONFIG__DEFAULT__SOME__CONFIG__PATH_TWO for some/config/path_two

dev/tests/integration/testsuite/Magento/Deploy/_files/config.php

@@ -8,7 +8,8 @@
         'websites' => []
     ],
     /**
-     * The configuration file doesn't contain sensitive data for security reasons.
+     * Shared configuration was written to config.php and system-specific configuration to env.php.
+     * Shared configuration file (config.php) doesn't contain sensitive data for security reasons.
      * Sensitive data can be stored in the following environment variables:
      * CONFIG__DEFAULT__SOME__CONFIG__PATH_ONE for some/config/path_one
      * CONFIG__DEFAULT__SOME__CONFIG__PATH_TWO for some/config/path_two