From fa572ee1d7fd2cea6717ab3a52a93d30d536c04b Mon Sep 17 00:00:00 2001 From: Petrisor Ciprian Daniel Date: Fri, 19 Jul 2024 23:31:27 +0300 Subject: [PATCH] [Config] Secrets decrypt exit option --- configuration/secrets.rst | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/configuration/secrets.rst b/configuration/secrets.rst index f717456a22c..b16c36643aa 100644 --- a/configuration/secrets.rst +++ b/configuration/secrets.rst @@ -271,11 +271,20 @@ manually store this file somewhere and deploy it. There are 2 ways to do that: .. code-block:: terminal - $ APP_RUNTIME_ENV=prod php bin/console secrets:decrypt-to-local --force + $ APP_RUNTIME_ENV=prod php bin/console secrets:decrypt-to-local --force --exit This will write all the decrypted secrets into the ``.env.prod.local`` file. After doing this, the decryption key does *not* need to remain on the server(s). + Note the usage of the ``--exit`` option: this forces all secrets to be successfully + decrypted, otherwise a non-zero exit code is returned. + + If you wish to continue regardless of errors occurring during decryption, you may omit this option. + + .. versionadded:: 7.2 + + The ``--exit`` option was introduced in Symfony 7.2. + Rotating Secrets ----------------