-
Notifications
You must be signed in to change notification settings - Fork 302
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Proposal: CLI command checking missing secrets against environments #605
Comments
Hey, if this one is still up for grabs I would like to take it. |
Hey @pksieminski @eandre Since
which would then additionally exit with an error. Let me know what you think. |
Actually, now looking at what you initially wrote:
Does it then even make sense to provide environments as arguments since judging by the requirement we always want to compare dev <-> prod environments ? |
The desired behavior isn't really about comparing environments. It should accept a list of environment types and report whether any secret doesn't have a value for any of the provided environment types. (If no environment types are provided it would default to check all environment types) |
Ok makes sense, but still, the reason I am asking is as far as I know (correct me if I am wrong), currently there are only two environment types as defined here ? So the only possible combination is dev prod ... I get it if we want to cover future cases where we would have more environment types but I do hope you see my confusion? Thanks |
No, secrets can be configured for four different environment types (local, PR envs, dev, and prod). See https://encore.dev/docs/primitives/secrets |
Now it makes more sense ;) |
Hey, I submitted a PR |
Hey, just wanted to follow up - are we gonna move forward with this? |
General idea is to use this new command in GitHub Workflows, which would allow us to check PR before merge if all secrets for
development
andproduction
environments are properly set in Encore.Right now it is possible to get very late feedback loop if for example you set the secrets only on
development
environment and after some time you deploy toproduction
, where it fails on deploy step.With new command, which would list missing secrets & error if any is missing:
encore secret check [envs...]
Example usage:
The text was updated successfully, but these errors were encountered: