How to create secrets via the machine API?

Hi,

I’m using this library in rust ( fly_sdk - Rust ). I’ve seen the author opened a thread in this forum but didn’t get an answer. this library uses the machine’s Rest API and specifically have the ability to call the create secret endpoint. However, I can invoke it with secret type such as SECRET_TYPE_KMS_HS256 however I’m specifically trying to create an app secret. Looking at the fly-go package / source code, I can see the “AppSecret” however the API responds saying this is an invalid secret type. What’s the correct value to use here? Otherwise shall i default to the GraphQL API?

//except from fly-go below
const (
// Secret types
AppSecret = “AppSecret”
VolumeEncryptionKey = “VolumeEncryptionKey”
SECRET_TYPE_KMS_HS256 = “SECRET_TYPE_KMS_HS256”
SECRET_TYPE_KMS_HS384 = “SECRET_TYPE_KMS_HS384”
SECRET_TYPE_KMS_HS512 = “SECRET_TYPE_KMS_HS512”
SECRET_TYPE_KMS_XAES256GCM = “SECRET_TYPE_KMS_XAES256GCM”
SECRET_TYPE_KMS_NACL_AUTH = “SECRET_TYPE_KMS_NACL_AUTH”
SECRET_TYPE_KMS_NACL_BOX = “SECRET_TYPE_KMS_NACL_BOX”
SECRET_TYPE_KMS_NACL_SECRETBOX = “SECRET_TYPE_KMS_NACL_SECRETBOX”
SECRET_TYPE_KMS_NACL_SIGN = “SECRET_TYPE_KMS_NACL_SIGN”
)

unfortunately this isn’t possible at the moment, Machines API secrets endpoints are only for Fly KMS (not yet GA).

Thank you for the quick response. Is the graphql API available for external use? Is there anywhere we can introspect the schema?

flyctl is open-source. it uses our fly-go library to make graphql requests, you can find the ones specific to secrets here: fly-go/resource_secrets.go at main · superfly/fly-go · GitHub