search

auth0 / auth0-deploy-cli

The Auth0 Deploy CLI is a tool that helps you manage your Auth0 tenant configuration. It integrates into your development workflows as a standalone CLI or as a node module.
MIT License
248 stars 155 forks source link

Allow partial exports/imports #969

Closed philippefutureboy closed 2 weeks ago

philippefutureboy commented 1 month ago

Checklist

Describe the problem you'd like to have solved

Using the export command (dump in node) result in an error if there is no credit card associated with the tenant, as logStream retrieval requires a verified credit card on file:

Error: Problem loading tenant data from Auth0 Forbidden: There must be a verified credit card on file to perform this operation
    at YAMLContext.<anonymous> (.../auth0/node_modules/auth0-deploy-cli/lib/context/yaml/index.js:144:23)
    at Generator.throw (<anonymous>)
    at rejected (.../auth0/node_modules/auth0-deploy-cli/lib/context/yaml/index.js:6:65)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)

This prevents us from keeping our tenants synced across environments. It didn't use to be the case, but since we upgraded recently from 7.15.2 to 7.24.3 as part of our migration from rules to actions, this breaks the workflow. Log Stream is an opt-in feature (that we don't use in paid and unpaid tenants) so I don't understand why this would be a breaking change in a non-major version of auth0-deploy-cli.

Describe the ideal solution

Add a CLI & node interface option "exclude":

CLI: Either comma separated or repeated flag:

--exclude logStream,other
# or
--exclude logStream --exclude other

node:

const { dump } = require("auth0-deploy-cli");

await dump({
    output_folder: ...
    format: "yaml",
    config: localConfig,
    exclude: ["logStream"]
});

This would most likely require an --exclude flag on the import command as well, to avoid the auth0-deploy-cli from deleting existing resources due to their absence from the local tenant YAML manifest.

Alternatives and current workarounds

None, exporting the tenant info fails. We could instrument the package directly, but that's a lot of work, and unadvisable.

Additional context

No response

patkub commented 3 weeks ago

You can exclude logStreams and customDomains in your config.json passed to a0deploy CLI command, or Node script.

AUTH0_EXCLUDED: ["logStreams", "customDomains"]

Example config.json:

{
    "AUTH0_DOMAIN": "<YOUR_TENANT_DOMAIN_HERE>",
    "AUTH0_CLIENT_ID": "<MACHINE_TO_MACHINE_CLIENT_ID_HERE>",
    "AUTH0_CLIENT_SECRET": "<MACHINE_TO_MACHINE_CLIENT_SECRET_HERE>",
    "AUTH0_ALLOW_DELETE": false,
    "AUTH0_EXCLUDED": ["logStreams", "customDomains"]
}

Tested on both 7.24.3 and 8.0.0

philippefutureboy commented 2 weeks ago

Hi @patkub ! Thanks this effectively solves our issue :)