10000 secrets:decrypt-to-local always exits successfully, even when there were errors · Issue #57539 · symfony/symfony · GitHub
[go: up one dir, main page]
Skip to content

secrets:decrypt-to-local always exits successfully, even when there were errors #57539

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
petrisorciprian-vitals opened this issue Jun 26, 2024 · 1 comment · Fixed by #57670
Closed

secrets:decrypt-to-local always exits successfully, even when there were errors #57539

petrisorciprian-vitals opened this issue Jun 26, 2024 · 1 comment · Fixed by #57670
Labels
Feature FrameworkBundle

Comments

@petrisorciprian-vitals
Copy link
petrisorciprian-vitals commented Jun 26, 2024
edited
Loading

Description

The secrets:decrypt-to-local command exits successfully, even when there are errors.
This seems to be by design, and was changed here:
#43137

Steps to reproduce:

  1. Do not set an env for the decryption key
  2. Run bin/console secrets:decrypt-to-local --force --env=prod
  3. Errors are printed, saying decryption failed.
  4. Inspect exit code (echo $?), it is 0.

This makes it very hard to have reliable usage in deployment scripts, as no matter if the command fails or not, it exits with code 0 (e.g. missing decryption key) -- for the moment I'm grepping the output to work around this.

I propose either that an appropriate exit code is returned when secrets are not decrypted properly.
This can be opt in, via a CLI flag (e.g. bin/console secrets:decrypt-to-local --force --env=prod --fail-on-errors).

Example

bin/console secrets:decrypt-to-local --force --env=prod **--fail-on-errors**
echo $? // prints 1 if there were errors

OR

bin/console secrets:decrypt-to-local --force --env=prod
echo $? // prints 1 if there were errors
@dciprian-petrisor dciprian-petrisor mentioned this issue Jul 6, 2024
Merged
@javiereguiluz
Copy link
Member

@dcestari thanks for adding this feature and its docs ... and congrats on your first Symfony Docs contribution 🎉

@wouterj wouterj mentioned this issue Jul 22, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Feature FrameworkBundle
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[FrameworkBundle] Add exit option to secrets:decrypt-to-local command dciprian-petrisor/symfony
3 participants
@javiereguiluz @xabbuh @petrisorciprian-vitals
0