You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I assumed they all should be kept secret and encountered some problems. Sourcehut CI can secretly write an arbitrary file to an arbitrary location during the CI bootstrap, so I thought let's recreate .wrangler/config/default.toml with all the secrets, then wrangler will detect them. Apparently, not.
# name of your Worker scriptname = "<redacted>"# api_token (env var CF_API_TOKEN) - set by Sourcehut CI writing .wrangler/config/default.toml# account_id (env var CF_ACCOUNT_ID) - same# zone_id (env var CF_ZONE_ID) - same# Specifies how wrangler build will build your project# webpack|javascript|rusttype = "webpack"#worker will be deployed to your workers.devworkers_dev = trueroute = "<redacted>.com/*"
[site]
bucket = "./build"entry-point = "workers-site"
The build failed because wrangler complained:
Error: field `account_id` is required to deploy to workers.dev
I'm wary to commit account_id and zone_id in a publicly-facing wrangler.toml. It would be nice to add some reassurance to the documentation, especially, https://developers.cloudflare.com/workers/cli-wrangler/authentication page — are these two variables, account_id and zone_id public or secret.
Also, Sourcehut CI doesn't allow to programmatically set an arbitrary global secret env vars (like Gitlab does); we can't do:
@KimJ15 it seems really weird that the most definitive statement on this issue appears not within Cloudflare Workers documentation but as a comment on Github by someone who (at least according to their Github profile) doesn't actually work for Cloudflare ? Surely it's written on a Cloudflare page somewhere ?
https://developers.cloudflare.com/workers/cli-wrangler/authentication page doesn't mention, do
account_id
andzone_id
need to be kept secret or not.I assumed they all should be kept secret and encountered some problems. Sourcehut CI can secretly write an arbitrary file to an arbitrary location during the CI bootstrap, so I thought let's recreate
.wrangler/config/default.toml
with all the secrets, thenwrangler
will detect them. Apparently, not..wrangler/config/default.toml
:and
wrangler.toml
:The build failed because
wrangler
complained:I'm wary to commit
account_id
andzone_id
in a publicly-facingwrangler.toml
. It would be nice to add some reassurance to the documentation, especially, https://developers.cloudflare.com/workers/cli-wrangler/authentication page — are these two variables,account_id
andzone_id
public or secret.Also, Sourcehut CI doesn't allow to programmatically set an arbitrary global secret env vars (like Gitlab does); we can't do:
Please consider updating https://developers.cloudflare.com/workers/cli-wrangler/authentication page to mention
account_id
andzone_id
privacy.The text was updated successfully, but these errors were encountered: