Skip to content

fix: include encrypted value in create --secret payload #84

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jkebinger merged 3 commits into from
Dec 17, 2025
Merged

fix: include encrypted value in create --secret payload #84

jkebinger merged 3 commits into from
Dec 17, 2025

Conversation

@jkebinger
Copy link
Contributor

@jkebinger jkebinger commented Dec 17, 2025
edited
Loading

Summary

  • Fix reforge create --secret not including the encrypted value in the API payload
  • Extract mapConfigValueToDto to shared utility to prevent similar bugs
  • Add set-default --secret to interactive menu for consistency

Problem

When using reforge create --secret, the POST payload was missing the value field:

{
  "value": {
    "type": "string",
    "confidential": true,
    "decryptWith": "reforge.secrets.encryption.key"
  }
}

The value field containing the encrypted string was not being included.

Solution

  • makeConfidentialValue returns {value: encrypted, confidential, decryptWith}
  • mapConfigValueToDto wasn't checking for configValue.value
  • Extracted to shared utility so both create and set-default use the same code path
  • Added test mock validation to catch this in the future

Test plan

  • All 284 tests pass
  • Build passes
  • Lint passes
  • Manual test: reforge create test.secret --type=string --value=test --secret

🤖 Generated with Claude Code

jkebinger and others added 3 commits December 17, 2025 12:39
@jkebinger @claude
fix: include encrypted value in create --secret payload
585af11 
When using `reforge create --secret`, the encrypted value was missing
from the API payload. The `mapConfigValueToDto` function wasn't
handling the `value` property returned by `makeConfidentialValue`.

Changes:
- Extract `mapConfigValueToDto` to shared utility (config-value-dto.ts)
- Add handling for `configValue.value` (used by encrypted values)
- Update both create.ts and set-default.ts to use shared utility
- Add payload validation in create test mock for encrypted values
- Add `set-default --secret` to interactive menu for consistency
- Bump version to 0.0.14

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
@jkebinger
Prettier this file
21321c9
@jkebinger
add generated readme update
6006440
jdwyah
jdwyah approved these changes Dec 17, 2025
View reviewed changes
Copy link
Contributor

@jdwyah jdwyah left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks

@jkebinger jkebinger merged commit a299cdc into main Dec 17, 2025
6 checks passed
@jkebinger jkebinger deleted the fix/create-secret-value-missing branch December 17, 2025 19:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jdwyah jdwyah jdwyah approved these changes

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jkebinger @jdwyah