Commit 45e0fc5
#3008 added a $rejectEnvSecrets guard that hard-failed any non-empty
env.secret with Wheels.Deploy.EnvSecretUnsupported, which made the
env.secret block scaffolded by `wheels deploy init` (WHEELS_RELOAD_PASSWORD)
un-deployable without manual editing. #3167 then retired that guard and
implemented env.secret delivery via a remote --env-file (600 perms, SFTP),
so the scaffolded block is now correct and deploys end-to-end.
This pins that contract with two DeployMainCliSpec regression tests:
- the init scaffold round-trips through config() and deploy --dry-run with
no EnvSecretUnsupported/EnvSecretMissing, and the dry-run routes the
secret through the --env-file path;
- a deploy of the scaffold delivers WHEELS_RELOAD_PASSWORD to the role env
file over SFTP (FakeSshPool uploadString), never in argv.
Both tests fail if the scaffold drops its env.secret block (verified by
temporarily removing it), so they guard the scaffold and the deploy engine
against drifting apart again. No template or engine change is needed: the
scaffold is correct as shipped now that env.secret is a delivered feature.
CLI suite (lucee7 docker harness): 1071 pass / 0 fail / 2 tolerated
docker-env artifacts (SshClientSpec/SshPoolSpec require docker-in-docker).
Refs #3008, #3167
Fixes #3158
Signed-off-by: Peter Amiri <petera@pai.com>
Co-authored-by: Peter Amiri <petera@pai.com>
1 parent d02136e commit 45e0fc5
2 files changed
Lines changed: 89 additions & 0 deletions
File tree
- changelog.d
- cli/lucli/tests/specs/deploy/cli
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
| 1 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
349 | 349 | | |
350 | 350 | | |
351 | 351 | | |
| 352 | + | |
| 353 | + | |
| 354 | + | |
| 355 | + | |
| 356 | + | |
| 357 | + | |
| 358 | + | |
| 359 | + | |
| 360 | + | |
| 361 | + | |
| 362 | + | |
| 363 | + | |
| 364 | + | |
| 365 | + | |
| 366 | + | |
| 367 | + | |
| 368 | + | |
| 369 | + | |
| 370 | + | |
| 371 | + | |
| 372 | + | |
| 373 | + | |
| 374 | + | |
| 375 | + | |
| 376 | + | |
| 377 | + | |
| 378 | + | |
| 379 | + | |
| 380 | + | |
| 381 | + | |
| 382 | + | |
| 383 | + | |
| 384 | + | |
| 385 | + | |
| 386 | + | |
| 387 | + | |
| 388 | + | |
| 389 | + | |
| 390 | + | |
| 391 | + | |
| 392 | + | |
| 393 | + | |
| 394 | + | |
| 395 | + | |
| 396 | + | |
| 397 | + | |
| 398 | + | |
| 399 | + | |
| 400 | + | |
| 401 | + | |
| 402 | + | |
| 403 | + | |
| 404 | + | |
| 405 | + | |
| 406 | + | |
| 407 | + | |
| 408 | + | |
| 409 | + | |
| 410 | + | |
| 411 | + | |
| 412 | + | |
| 413 | + | |
| 414 | + | |
| 415 | + | |
| 416 | + | |
| 417 | + | |
| 418 | + | |
| 419 | + | |
| 420 | + | |
| 421 | + | |
| 422 | + | |
| 423 | + | |
| 424 | + | |
| 425 | + | |
| 426 | + | |
| 427 | + | |
| 428 | + | |
| 429 | + | |
| 430 | + | |
| 431 | + | |
| 432 | + | |
| 433 | + | |
| 434 | + | |
| 435 | + | |
| 436 | + | |
| 437 | + | |
| 438 | + | |
| 439 | + | |
352 | 440 | | |
353 | 441 | | |
354 | 442 | | |
| |||
0 commit comments