Commit 0f2bcd4
Use {{APP_SECRETS}} for renderer + license secret references
{{APP_NAME}}-secrets expanded to a per-app secret name, which would
require a new Control Plane Secret for every review app PR — wrong
per cpflow's own conventions.
cpflow exposes {{APP_SECRETS}} (lib/core/template_parser.rb:49,
lib/core/config.rb:51-52) which expands to `{APP_PREFIX}-secrets`.
Per our controlplane.yml, APP_PREFIX is:
- `react-webpack-rails-tutorial-production` for the prod app
- `react-webpack-rails-tutorial-staging` for the staging app
- `qa-react-webpack-rails-tutorial` for all qa-* review apps
(because match_if_app_name_starts_with: true)
So review apps all share `qa-react-webpack-rails-tutorial-secrets`
instead of each PR needing its own. Three secrets total across two
orgs instead of one per PR.
Matches the `{APP_PREFIX}-secrets` default documented at
shakacode/control-plane-flow/docs/secrets-and-env-values.md.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>1 parent 35faa50 commit 0f2bcd4
1 file changed
Lines changed: 7 additions & 4 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
34 | 34 | | |
35 | 35 | | |
36 | 36 | | |
37 | | - | |
38 | | - | |
| 37 | + | |
| 38 | + | |
| 39 | + | |
| 40 | + | |
| 41 | + | |
39 | 42 | | |
40 | | - | |
| 43 | + | |
41 | 44 | | |
42 | | - | |
| 45 | + | |
43 | 46 | | |
44 | 47 | | |
45 | 48 | | |
| |||
0 commit comments