-
-
Notifications
You must be signed in to change notification settings - Fork 117
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feature #56985 [FrameworkBundle] Derivate
kernel.secret
from the de…
…cryption secret when its env var is not defined (nicolas-grekas) This PR was merged into the 7.2 branch. Discussion ---------- [FrameworkBundle] Derivate `kernel.secret` from the decryption secret when its env var is not defined | Q | A | ------------- | --- | Branch? | 7.2 | Bug fix? | no | New feature? | yes | Deprecations? | no | Issues | #38021 | License | MIT I'm pursuing the goal of making `APP_SECRET` empty in the default recipe. See symfony/recipes#1314 for background. At the moment, `kernel.secret` is used for remember-be, login-links and ESI. This means that when you start a project, you don't need it. But once you do enable those features, you'll get an "APP_SECRET env var not found" error message. I think we can live with this error and the related DX. We need good doc of course. Still, in order to make DX a bit smoother, I propose to derivate APP_SECRET from SYMFONY_DECRYPTION_SECRET when it's set. This is what this PR does. Of course, we should also document that creating a separate `APP_SECRET` is likely a good idea. FTR, here is how one can trivially generate a value for APP_SECRET and put it in the vault, thus fixing #38021: ```sh symfony console secrets:set APP_SECRET --random ``` Commits ------- 4749871a29 [FrameworkBundle] Derivate kernel.secret from the decryption secret when its env var is not defined
- Loading branch information
Showing
5 changed files
with
24 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters