I’ve got an encrypted value in one of my envs whic...
# esc
I’ve got an encrypted value in one of my envs which is then pulled into the environmentVariables section, when I run
esc open <env>
it shows up properly (the unencrypted value is visible). but when I run
esc env run — env
the environment variable is set to literally “[secret]“. Am I doing something dumb or this a bug
the correct value is also visible when I run
esc open <env> --format=shell
Responded in the issue, but responding here for folks following along: ESC run purposefully elides these secrets to help prevent leaking inadvertently in logs or other output. If you pass the
flag, it will bypass this.
-i, --interactive true to treat the command as interactive and disable output filters
thanks cleve -
is a little unintuitive to me (not sure why interactivity is the thing that lets secrets be visible?)
read through the docs again, for future readers:
esc run
will still pass the un-masked secret as an env var, despite what the
command shows.
esc run
just filters the stdout of any secret values, but the secret is actually there.