Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[PDE-5660] feat(cli): Require --force flag when updating production integration version environment variables via env:set or env:unset #942

Merged
merged 4 commits into from
Jan 14, 2025

Conversation

rnegron
Copy link
Member

@rnegron rnegron commented Jan 3, 2025

The idea here is to provide a bit of a warning for a potentially dangerous operation for live app versions. In fact, UI integrations can't update env vars for production versions at all, so it makes sense to add a buffer here for CLI integrations.

Since is_production is a backend check, let's react to a specific HTTP status and let the user know how to override via --force. I'm not using this.confirm (similar to user:add) since having users re-write the command with the added flag is even stricter.

See related backend MR: https://gitlab.com/zapier/zapier/-/merge_requests/60723

@rnegron rnegron marked this pull request as ready for review January 7, 2025 20:26
@rnegron rnegron requested a review from a team as a code owner January 7, 2025 20:26

if (this.flags.force) {
requestOptions.extraHeaders = {
'X-Force-Env-Var-Update': 'true',
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hmmm I don't see this header referenced in the /multi-environment/ endpoint 🤔 or the Mixin classes it's a child of, are the headers directly passed to the lambda pools or am I looking at the wrong place?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe this MR is the corresponding backend change.

Copy link
Member

@eliangcs eliangcs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the developer experience change is good. But I have some suggestions on the code. Let me know what you think. Thanks!

char: 'f',
description:
'Force the update of environment variables regardless if the app version is production or not. Use with caution.',
hidden: true,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it'd be more clear if --force is visible in the help text. Any reason to hide it?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You're right; I think in my head I was hoping to discourage folks from modifying live variables by "hiding" the option. But ultimately, they will see how to override via the error shown on 409. So let's not complicate their lives and just show the option 😆

packages/cli/src/oclif/commands/env/unset.js Show resolved Hide resolved
packages/cli/src/utils/api.js Outdated Show resolved Hide resolved

if (this.flags.force) {
requestOptions.extraHeaders = {
'X-Force-Env-Var-Update': 'true',
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe this MR is the corresponding backend change.

@rnegron rnegron requested a review from eliangcs January 8, 2025 18:25
Copy link
Member

@eliangcs eliangcs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, thanks!

@rnegron rnegron merged commit 44d599e into main Jan 14, 2025
14 checks passed
@rnegron rnegron deleted the PDE-5660 branch January 14, 2025 15:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants