how to set secrets from JSON file?


how can I set sectrets from Google OAuth JSON file? When I copied the file as a string I got an error

PS C:\Users\> flyctl.exe set GOOGLE_OAUTH2_CLIENT_SECRETS_JSON={"web":{"client_id":"","project_id":"-3630","auth_uri":"","token_uri":"","auth_provider_x509_cert_url":"","client_secret":"-yMbT_foVRNsnTYVb1bh"}} -a zzrec
At line:1 char:56
+ flyctl.exe set GOOGLE_OAUTH2_CLIENT_SECRETS_JSON={"web":{"client_id": ...
+                                                        ~
Unexpected token ':' in expression or statement.
At line:1 char:69
+ ... {"client_id":" ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Unexpected token ':""' in expression or
At line:1 char:144
+ ...","project ...
+                                                                 ~
Missing argument in parameter list.
    + CategoryInfo          : ParserError: (:) [], ParentContainsErrorRecordException
    + FullyQualifiedErrorId : UnexpectedToken

Thank you

You can base64 it and set it as one big string (as long as it fits the undocumented, unknown size-limit for secrets), like so:

# on a *nix, from a loooong b64:
echo "long-base64-text..." | fly secrets set SECRET_BIG_B64=-

# and, from a file
fly secrets set SECRET_MASSIVE_TXT =- < file.txt

Ref: How are you managing cert files with Fly? - #16 by michael


It was actually good enough to enclose the JSON text in single quote

1 Like

so from a file using< does not work for me. I did not base64 it

PS C:\Users\Radek> flyctl secrets -a zzrec set GOOGLE_OAUTH2_CLIENT_SECRETS_JSON=- < C:\downloads\
At line:1 char:65

  • … tl secrets -a zzrec set GOOGLE_OAUTH2_CLIENT_SECRETS_JSON=- < C:\down …
  •                                                             ~

The ‘<’ operator is reserved for future use.
+ CategoryInfo : ParserError: (:slight_smile: , ParentContainsErrorRecordException
+ FullyQualifiedErrorId : RedirectionNotSupported

I solved this issue on Windows by setting each key in the JSON file as a separate environment variable.
Which went well with well. But I was facing an issue with a key in my JSON file because it has a humongous value that spanned many lines in the terminal.

To fix that this Windows Powershell Command that did the job for me:

flyctl secrets set private_key="$((Get-Content secrets.json | ConvertFrom-Json).private_key)" --json 

Here is the bash equivalent of this(Not verified):

flyctl secrets set private_key="$(jq -r '.private_key' secrets.json)" --json

These commands basically extract the key private_key from the secrets.json file in my root directory.
The resulting value is passed as a parameter to the flyctl secrets set command.

1 Like