feat: import/export of config and secrets #1982
Conversation
matt2e
force-pushed
the
matt2e/secret-import-export
branch
from
862ed85 to
cee8568
Compare
| in.ExpectError( | ||
| in.ExecWithOutput("ftl", "deploy", "notexportedverb"), | ||
| "call first argument must be a function but is an unresolved reference to echo.Echo, does it need to be exported?"), | ||
| in.ExecWithExpectedError("call first argument must be a function but is an unresolved reference to echo.Echo, does it need to be exported?", |
There was a problem hiding this comment.
Why the change? The previous function was generalisable to any Action.
There was a problem hiding this comment.
I went in circles a bit on this:
- When I used
ExecWithOutputI expected to be able to use the output. It didn't indicate that it was only capturing the output in case of an error - I then tried to make
ExecWithOutputwork for both success success and error cases:- For success cases, call a func with the output (like the replacement
ExecWithOutputaction I added) - For error cases throw the error with the output (old behaviour)
- For success cases, call a func with the output (like the replacement
- It then felt a bit messy for the error case so I tried cleaning it up.
I can go back to ExecWithOutput handling both cases. Thoughts?
There was a problem hiding this comment.
I think it's fine to introduce new functionality, but that doesn't seem like a reason to remove in.ExpectError()?
There was a problem hiding this comment.
Yeh I see what you mean. I've moved them back into one func called ExecWithOutput which works like before for the error case (used in conjunction with ExpectError and an empty capture func).
|
What's the behaviour when restoring, I assume it will just write the values in the dump, not remove any extra keys in the target? |
|
FYI @AlexSzlavik |
That's right. Existing refs that aren't in the dump aren't touched. So it's less of a "restore" and more of an "import" |
matt2e
force-pushed
the
matt2e/secret-import-export
branch
from
093aaea to
7d5d345
Compare
matt2e
changed the title
matt2e
changed the title
matt2e
force-pushed
the
matt2e/secret-import-export
branch
from
06ca81d to
f9a77be
Compare
closes #1947 closes #1772 Creates an entry in 1Password called `<projectname>.secrets` with each secret stored in a password field called `<modulename>.<secretname>` Username is set to a warning string as that is presented at the top of the 1Password UI. This will break existing secrets stored in 1Password. Migration can be done using commands made available in: #1982
closes #1948
Usage:
Exporting
Prints json of all secrets to stdout:
ftl secret exportExports all inline secrets to a json file
ftl secret export --inline > exported.jsonImporting
Imports json from a file:
ftl secret import --inline exported.jsonMigrating
Migrates inline secrets to 1Password:
ftl secret export --inline | ftl secret import --op --opvault <vauld id>JSON Format