Skip to content

Env as Secret #112

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
fqjony merged 7 commits into from
Dec 1, 2025
Merged

Env as Secret #112

fqjony merged 7 commits into from
Dec 1, 2025

Conversation

@fqjony
Copy link
Contributor

@fqjony fqjony commented Dec 1, 2025
edited
Loading

Changes

  • Added support for secrets ref in environment variables (supported both: deployment and config envs)
  • Upgrade docker dependencies
  • Upgrade github actions dependencies
  • Added deploy.yml for simple deployment

Container logs

image

Worker Env Show

image

@fqjony fqjony self-assigned this Dec 1, 2025
@fqjony fqjony requested a review from a team December 1, 2025 14:50
@fqjony fqjony added documentation Improvements or additions to documentation enhancement New feature or request dependencies Pull requests that update a dependency file docker Pull requests that update docker code labels Dec 1, 2025
@fqjony fqjony marked this pull request as ready for review December 1, 2025 14:51
@planv planv requested a review from Copilot December 1, 2025 14:52
planv
planv previously approved these changes Dec 1, 2025
View reviewed changes
Copilot AI reviewed Dec 1, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds support for secrets referenced directly in environment variables, allowing env vars to use the same provider/vault/secret format as the dedicated secrets section. Additionally, it updates Docker dependencies (Google Cloud SDK, yq, Python) and GitHub Actions to their latest versions, and introduces a new deploy.yml configuration file for streamlined deployment.

Key changes:

  • Added functions to detect and resolve secret references in environment variables from both worker config and deployment environment
  • Updated dependency versions across Dockerfile and GitHub Actions workflows
  • Added deployment configuration file with example secret reference usage

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 3 comments.

Show a summary per file
File Description
lib/secrets.sh Implements secret reference detection and resolution for environment variables
lib/environment.sh Integrates secret fetching from environment variables into configuration flow
docs/config.md Documents the new secret reference feature in environment variables with examples
deploy.yml Provides deployment configuration template with secret reference example
Dockerfile Updates Python, Google Cloud SDK, and yq to newer versions
.github/workflows/release.yml Updates checkout action from v5 to v6
.github/workflows/codeql.yml Updates checkout action from v5 to v6
.github/workflows/build-and-test.yml Updates checkout action from v5 to v6

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

kavaribes
kavaribes previously approved these changes Dec 1, 2025
View reviewed changes
@fqjony fqjony dismissed stale reviews from kavaribes and planv via 83c64f1 December 1, 2025 15:41
@fqjony fqjony requested review from kavaribes and planv December 1, 2025 15:43
kavaribes
kavaribes previously approved these changes Dec 1, 2025
View reviewed changes
planv
planv previously approved these changes Dec 1, 2025
View reviewed changes
planv
planv reviewed Dec 1, 2025
View reviewed changes
@planv planv requested a review from Copilot December 1, 2025 15:55
Copilot AI reviewed Dec 1, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 8 out of 8 changed files in this pull request and generated 4 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@fqjony fqjony dismissed stale reviews from planv and kavaribes via 2f03dbb December 1, 2025 16:08
@fqjony fqjony requested a review from planv December 1, 2025 16:08
@fqjony fqjony requested a review from kavaribes December 1, 2025 16:08
@fqjony fqjony merged commit e29ba8b into latest Dec 1, 2025
6 checks passed
@fqjony fqjony deleted the env-as-secret branch December 1, 2025 16:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@planv planv planv approved these changes

@kavaribes kavaribes Awaiting requested review from kavaribes

Assignees

@fqjony fqjony

Labels

dependencies Pull requests that update a dependency file docker Pull requests that update docker code documentation Improvements or additions to documentation enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@fqjony @planv @kavaribes