From 82190ef04ef530700e38c456426f33aa08b19805 Mon Sep 17 00:00:00 2001 From: Ariel Santos Date: Thu, 16 Apr 2026 14:54:37 -0300 Subject: [PATCH] chore: add SyncSecretsDry flag to skip secrets sync in prod deployments --- internal/actions/deploy/env.go | 4 +++- internal/actions/deploy/function.go | 9 +++++++-- internal/actions/deploy/service.go | 9 +++++++-- 3 files changed, 17 insertions(+), 5 deletions(-) diff --git a/internal/actions/deploy/env.go b/internal/actions/deploy/env.go index de86ad4..d1e6bd4 100644 --- a/internal/actions/deploy/env.go +++ b/internal/actions/deploy/env.go @@ -8,6 +8,7 @@ const profilePrefix = "draftea-" type EnvConfig struct { Profile string // e.g. "draftea-dev", "draftea-prod", "draftea-feature" ExtraSLSParams string // non-empty only for feature: --param="stage=feature" + SyncSecretsDry bool // if true, sets SLS_SYNC_SECRETS_DRY=true to skip secrets sync } // Stage derives the stage name from the profile by stripping the profilePrefix. @@ -21,7 +22,8 @@ var ( } ProdEnv = EnvConfig{ - Profile: profilePrefix + "prod", + Profile: profilePrefix + "prod", + SyncSecretsDry: true, } FeatureEnv = EnvConfig{ diff --git a/internal/actions/deploy/function.go b/internal/actions/deploy/function.go index 0c5ba47..f357c28 100644 --- a/internal/actions/deploy/function.go +++ b/internal/actions/deploy/function.go @@ -48,10 +48,15 @@ func DeployFunction(env EnvConfig, serviceArg string, functionNames []string) er } } + syncSecretsDry := "false" + if env.SyncSecretsDry { + syncSecretsDry = "true" + } + log.Info("Packaging service...") packageScript := fmt.Sprintf( - `cd %q && env STAGE=%s AWS_ACCOUNT=%s sls package --stage %s --verbose --aws-profile %s`, - absPath, stage, accountID, stage, env.Profile, + `cd %q && env STAGE=%s AWS_ACCOUNT=%s SLS_SYNC_SECRETS_DRY=%s sls package --stage %s --verbose --aws-profile %s`, + absPath, stage, accountID, syncSecretsDry, stage, env.Profile, ) if _, err := exec.Command(packageScript, exec.WithStdout(os.Stdout), exec.WithStderr(os.Stderr)); err != nil { return fmt.Errorf("sls package failed: %w", err) diff --git a/internal/actions/deploy/service.go b/internal/actions/deploy/service.go index 1ebcff3..0c9298f 100644 --- a/internal/actions/deploy/service.go +++ b/internal/actions/deploy/service.go @@ -63,9 +63,14 @@ func deployServiceToDir(env EnvConfig, absPath, accountID string) error { slsParams = fmt.Sprintf("%s %s", slsParams, env.ExtraSLSParams) } + syncSecretsDry := "false" + if env.SyncSecretsDry { + syncSecretsDry = "true" + } + script := fmt.Sprintf( - `cd %q && npm install && env STAGE=%s AWS_ACCOUNT=%s SLS_PARAMS=%q npm run deploy`, - absPath, stage, accountID, slsParams, + `cd %q && npm install && env STAGE=%s AWS_ACCOUNT=%s SLS_PARAMS=%q SLS_SYNC_SECRETS_DRY=%s npm run deploy`, + absPath, stage, accountID, slsParams, syncSecretsDry, ) _, err = exec.Command(script, exec.WithStdout(os.Stdout), exec.WithStderr(os.Stderr))