Closed oliverturner closed 7 years ago
Unfortunately this approach doesn't work in the common case that one runs serverless decrypt -s {stage} -p pass
on a supplied secrets.{stage}.yml.encrypted
file. My guess is that this is because references in the plugin to serverless.yml
cause it to get parsed and validated in advance of the secrets file being created: any properties dependent on this file will cause an error to be thrown.
./tools/serverless/secrets.dev.yml.encrypted
serverless.yml
containing
custom:
pluginConfig:
secrets:
localPath: "./tools/serverless"
secrets: ${file(${self:custom.pluginConfig.secrets.localPath}/secrets.${opt:stage}.yml)}
Calling serverless decrypt -s dev -p 'mypassword'
results in
Serverless Warning --------------------------------------
A valid file to satisfy the declaration 'file(./tools/serverless/secrets.dev.yml)'
could not be found.
Do I understand correctly that this requirements was covered with https://github.com/serverless/serverless-secrets-plugin/pull/2
btw I released a new version of the plugin on NPM today
I think so... I'll let you know if not!
Thanks for the update 👍
This PR provides a sample pattern for adding extra config for plugins under the
custom
config key:It also consolidates the logic for calculating paths to secrets and encrypted files into a single function for the sake of consistency.