Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add secrets-common for shared secrets #933

Merged
merged 1 commit into from
Sep 11, 2024
Merged

Add secrets-common for shared secrets #933

merged 1 commit into from
Sep 11, 2024

Conversation

djmb
Copy link
Collaborator

@djmb djmb commented Sep 11, 2024
edited
Loading

Add a shared secrets file used across all destinations. Useful for things Github tokens or registry passwords.

The secrets are added to a new file called secrets-common to highlight they are shared, and to avoid accidentally inheriting a secret from the secrets file to secrets.destination.

@djmb
Add secrets-common for shared secrets
9089c41 
Add a shared secrets file used across all destinations. Useful for
things Github tokens or registry passwords.

The secrets are added to a new file called `secrets-common` to highlight
they are shared, and to avoid acciedentally inheriting a secret from the
`secrets` file to `secrets.destination`.
@djmb
Copy link
Collaborator Author

djmb commented Sep 11, 2024

cc @mhenrixon

@djmb djmb merged commit debdf00 into main Sep 11, 2024
9 checks passed
@djmb djmb deleted the common-secrets branch September 11, 2024 13:20
Sija
Sija reviewed Sep 11, 2024
View reviewed changes
lib/kamal/secrets.rb

Kamal::Secrets::Dotenv::InlineCommandSubstitution.install!

def initialize(destination: nil)
@secrets_file = [ *(".kamal/secrets.#{destination}" if destination), ".kamal/secrets" ].find { |f| File.exist?(f) }
@secrets_files = \
[ ".kamal/secrets-common", ".kamal/secrets#{(".#{destination}" if destination)}" ].select { |f| File.exist?(f) }
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Stylistic suggestion: secrets.common would be more inline with the rest of the destination file naming format.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

secrets.common would clash with a destination called common

@visini visini mentioned this pull request Sep 27, 2024
Merged
@nickhammond nickhammond mentioned this pull request Sep 27, 2024
Closed
@AlexB52 AlexB52 mentioned this pull request Oct 6, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Sija Sija Sija left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@djmb @Sija