Skip to content

fix: env-file path mismatch in DinD compose mode#198

Merged
xdotli merged 2 commits intodev-0.3from
fix/dind-env-file-shlex
Apr 25, 2026
Merged

fix: env-file path mismatch in DinD compose mode#198
xdotli merged 2 commits intodev-0.3from
fix/dind-env-file-shlex

Conversation

@xdotli
Copy link
Copy Markdown
Member

@xdotli xdotli commented Apr 25, 2026
edited by devin-ai-integration Bot
Loading

Bug

src/benchflow/process.py:325 sets:

remote_env_path = "/tmp/benchflow_env_\$\$.env"
inner_parts.extend(["--env-file", remote_env_path])
inner_cmd = shlex.join(inner_parts)   # ← single-quotes the \$\$

shlex.join() quotes $$ literally so docker compose receives '/tmp/benchflow_env_\$\$.env' (literal). But the heredoc that writes the file uses raw f-string interpolation:

f"umask 077 && cat > {remote_env_path} <<'__BENCHFLOW_ENV__'\n..."

Bash DOES expand $$ here. Result: file written to /tmp/benchflow_env_<pid>.env, looked up at literal /tmp/benchflow_env_\$\$.env. Mismatch. Env vars (including API keys) silently dropped in DinD compose mode.

Caught by Devin while reviewing PR #176 (was a side-finding outside that PR's diff, but a real bug already on dev-0.3 from PR #193).

Fix

Generate the unique suffix in Python with `uuid.uuid4().hex[:16]`. The path becomes a literal that survives quoting unchanged on both write and read sides. Same fix applied to the direct (non-DinD) Daytona branch even though it was working — both branches expand $$ consistently there, but uuid is robust against future quoting changes.

Tests

tests/test_process.py adds two regression tests asserting no remote command contains a literal \$\$ — would have caught this exact regression. All 8 tests in test_process.py pass.

Side fix

Pre-existing SIM103 lint in _daytona_patches.py (caught while validating). One-line cleanup.

Test plan

  • 8/8 tests in test_process.py pass
  • `ruff check .` clean
  • CI runs against this branch
  • Devin reviews
Open in Devin Review

@xdotli
fix: env-file path mismatch in DinD compose mode
5fd5495 
Devin caught a real bug introduced by PR #193 (DinD compose ACP):
src/benchflow/process.py:325 sets remote_env_path = "/tmp/benchflow_env_$$.env"
expecting the remote shell to expand $$ to its PID. But shlex.join() at
line 329 single-quotes the --env-file argument, so docker compose receives
the literal string "/tmp/benchflow_env_$$.env" while the cat heredoc that
writes the file (line 339, raw f-string) does expand $$. The file is
written to /tmp/benchflow_env_<pid>.env and read from /tmp/benchflow_env_$$.env
— silent mismatch, env vars (incl. API keys) silently dropped in DinD
compose tasks.

Fix: use uuid.uuid4().hex[:16] for the unique suffix instead of relying on
shell-side $$ expansion. The path is then a literal that survives quoting.
Apply the same fix to the direct (non-DinD) Daytona branch even though it
was working — uniformity makes the path robust against future quoting
changes.

Also fix a pre-existing SIM103 lint error in _daytona_patches.py that
ruff caught while validating the test changes.

Tests: tests/test_process.py +2 regression tests pinning that no remote
command contains a literal "$$" — would catch this exact regression.
8/8 process tests pass; ruff clean.
devin-ai-integration[bot]

This comment was marked as resolved.

Sign in to view

@xdotli
test: reference PR #193 / #198 in regression test docstring
eeb30d7 
Devin caught: CLAUDE.md mandates regression tests name the commit/PR
they guard. Updated TestDaytonaProcessEnvFilePath docstring to cite
PR #198 (the fix) and PR #193 / commit cdccac7 (the regression).
@xdotli xdotli merged commit 46d5eda into dev-0.3 Apr 25, 2026
1 check passed
@xdotli xdotli mentioned this pull request Apr 25, 2026
Merged
4 tasks
@devin-ai-integration devin-ai-integration Bot mentioned this pull request Apr 25, 2026
Merged
2 tasks
@xdotli xdotli deleted the fix/dind-env-file-shlex branch April 25, 2026 11:04
EYH0602 pushed a commit to EYH0602/benchflow that referenced this pull request Apr 25, 2026
@devin-ai-integration @xdotli
fix: use unique env-file path in DaytonaPtyProcess to avoid race cond…
4300dc0 
…itions

DaytonaPtyProcess.start() used a hardcoded /tmp/.benchflow_env path,
meaning concurrent instances on the same host would overwrite each
other's env file. Use uuid.uuid4().hex[:16] suffix to match the
pattern already used in DaytonaProcess.start().

Also removes redundant local 'import uuid' since it's already
imported at module level.

Flagged by Devin Review on PR benchflow-ai#198.

Co-Authored-By: Xiangyi Li <venusli370306@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@devin-ai-integration devin-ai-integration[bot] devin-ai-integration[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@xdotli