fix(cli): secrets set tolerates a malformed config.toml (Go parity)#5796
fix(cli): secrets set tolerates a malformed config.toml (Go parity)#5796Coly010 wants to merge 4 commits into
Conversation
## Current Behavior Go's `secrets set` (`internal/secrets/set/set.go:20-24`) swallows a malformed `supabase/config.toml` parse error to the debug logger and proceeds with empty `EdgeRuntime.Secrets` — env-file and positional-arg secrets still apply. `secrets set` has no `--linked`/`--local`/`--db-url` flag, so the root PreRun never loads the config first either; this is the only load. The TS port instead let the parse error propagate as a fatal `LegacySecretsConfigParseError`, aborting the whole command even when the user only wanted to set a secret via CLI arg or env-file. ## Expected Behavior - Catches `ProjectConfigParseError`, logs it to the debug logger, and continues with no config-declared secrets, matching Go. - The logged message is truncated before any blank-line-separated source snippet: `smol-toml`'s `TomlError` (and some schema-decode errors) embed a codeblock of the surrounding file lines in their message, which for this file's `[edge_runtime.secrets]` section can include literal secret values. Go's equivalent log line (`DecodeError.Error()`) is a short, content-free message — its verbose `.String()` with the snippet is never called by `set.go`. Truncating avoids echoing a user's own secret value into `--debug` output next to an unrelated syntax error. - Deletes the now-unused `LegacySecretsConfigParseError` (no remaining references). - Threads `LegacyDebugLogger` into the shared `legacyManagementApiRuntimeLayer` (used by many legacy commands) since the layer was already building the same instance internally for `cliConfig`/`httpClient`/`credentials` but never exposed it at the top level — the file's own doc comment describes this as the sanctioned way to add a new commonly-needed top-level service. Fixes CLI-1867
|
@codex review |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 923815ff72
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
…ors (review: #5796) Go's viper+mapstructure decode (pkg/config/config.go:749) mutates the target struct field-by-field, so a type error on an unrelated key (e.g. analytics.port) doesn't stop EdgeRuntime.Secrets from landing on utils.Config — confirmed empirically against pkg/config. Effect Schema.decodeUnknownSync is all-or-nothing, so `secrets set` was silently discarding a valid [edge_runtime.secrets] section whenever any other field in config.toml failed schema decode. ProjectConfigParseError now carries the pre-decode document when the failure is a schema-decode error (not a raw parse error) so secrets set can re-decode just the edge_runtime subtree against the full schema and recover its secrets, without loosening decode semantics for other @supabase/config callers. A genuine parse failure still has no recoverable structure in either implementation.
|
@codex review |
1 similar comment
|
@codex review |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 19dc72c044
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
… (review: #5796) Re-decoding the whole edge_runtime subtree still failed recovery when the schema error came from a sibling field in the same table (e.g. edge_runtime.inspector_port), discarding a valid [edge_runtime.secrets] block. Verified against pkg/config directly that Go's mapstructure decode tolerates this case and still populates EdgeRuntime.Secrets, so recoverEdgeRuntimeConfig now re-slices just edge_runtime.secrets instead of the whole edge_runtime table.
The previous commit's cast (`edgeRuntime as Record<string, unknown>`) violates this repo's no-`as`-casts policy; a local `isRecord` type predicate narrows `unknown` without it. Also fixes an oxfmt formatting drift in SIDE_EFFECTS.md left over from an earlier commit in this PR.
|
@codex review |
|
Codex Review: Didn't find any major issues. Hooray! Reviewed commit: ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
Current Behavior
Go's
secrets set(internal/secrets/set/set.go:20-24) swallows a malformedsupabase/config.tomlparse error to the debug logger and proceeds with emptyEdgeRuntime.Secrets— env-file and positional-arg secrets still apply.secrets sethas no--linked/--local/--db-urlflag, so the root PreRun never loads the config first either; this is the only load. The TS port instead let the parse error propagate as a fatalLegacySecretsConfigParseError, aborting the whole command even when the user only wanted to set a secret via CLI arg or env-file.Expected Behavior
ProjectConfigParseError, logs it to the debug logger, and continues with no config-declared secrets, matching Go.smol-toml'sTomlError(and some schema-decode errors) embed a codeblock of the surrounding file lines in their message, which for this file's[edge_runtime.secrets]section can include literal secret values. Go's equivalent log line (DecodeError.Error()) is a short, content-free message — its verbose.String()with the snippet is never called byset.go. Truncating avoids echoing a user's own secret value into--debugoutput next to an unrelated syntax error.LegacySecretsConfigParseError(no remaining references).LegacyDebugLoggerinto the sharedlegacyManagementApiRuntimeLayer(used by many legacy commands) since the layer was already building the same instance internally forcliConfig/httpClient/credentialsbut never exposed it at the top level — the file's own doc comment describes this as the sanctioned way to add a new commonly-needed top-level service.Fixes CLI-1867