Hi there!
Is there a way to import secrets from a running app into a newly created one using the CLI?
Use case: per branch deployments in our CI/CD pipeline.
Cheers
Not quite sure what you mean by import from a running app into a newly created one … The problem is secrets are stored encrypted. The API can’t decrypt them to get them back out again, if that’s what you mean by “from”. Check their docs for a bit more about how they work behind the scenes:
But if you are simply looking to set secrets using the CLI, sure, that’s totally do-able:
Changing the secrets will trigger a new release. As you’d need since the app would need to know the new values.
1 Like
Not possible with flyctl unless (as Greg pointed out) you somehow know the secrets (both keys & values) to set.
One way is to retrieve them from the VM itself:
-
flyctl ssh -a <app1>into a random (well, closest) VM running<app1>. -
printenvorecho $secret_name. - Note down all secret keys/values you want exported in to another Fly app,
<app2>. -
flyctl secrets set k1=v1 k2=v2 ... -a <app2> --detachwhich should trigger a deployment with these secrets imported.
2 Likes