W
Wasp-lang•4d ago
CamBlackwood

Issue deploying with secrets

wasp deploy fly deploy cmd --context server secrets set $SECRETS This is giving me an error - error: unknown option '--context' The secrets are correct for sure - I am following this guide https://wasp-lang.dev/docs/advanced/deployment/cli
Deploying with the Wasp CLI | Wasp
Wasp CLI can deploy your full-stack application with only a single command.
22 Replies
kapa.ai
kapa.ai•4d ago
Hi @CamBlackwood. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave: ---------------------- It seems like there's a slight misunderstanding in the command you're trying to run. The --context option is used with the wasp deploy fly cmd command, not with wasp deploy fly deploy. If you want to set secrets for your server app, you should use the wasp deploy fly cmd command like this: 
wasp deploy fly cmd secrets set YOUR_SECRET_KEY=your_secret_value --context server
wasp deploy fly cmd secrets set YOUR_SECRET_KEY=your_secret_value --context server
After setting the secrets, you can deploy your app with the wasp deploy fly deploy command: 
wasp deploy fly deploy
wasp deploy fly deploy
If you want to check if you've added your secrets correctly, you can list them by running wasp deploy fly cmd secrets list --context server. Remember, the --context option is used to specify whether the command should be run for the 'server' or 'client' part of your application. For more details, you can refer to the Wasp CLI documentation (https://wasp-lang.dev/docs/advanced/deployment/cli#cmd). ---------------------- Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: ---------------------- Sorry @CamBlackwood, I seem to be having a bit of trouble. Don't worry though, I've pinged my support and they will try to fix me up! :technologist: Perhaps try again in 15mins?
CamBlackwood
CamBlackwood•4d ago
@kapa.ai once i've done all this, how can I verify what the env variables are in produciton?
kapa.ai
kapa.ai•4d ago
Let me check the knowledge base for you. One moment! :books: ---------------------- To verify the environment variables in production, you can use the flyctl secrets list command. This command will list all the secrets (environment variables) that you have set for your application. However, for security reasons, the actual values of the secrets will be hashed to protect your sensitive data. Here is how you can run the command: 
wasp deploy fly cmd secrets list --context server
wasp deploy fly cmd secrets list --context server
This command will list all the secrets set for the server part of your application. Please note that this command will only list the secrets that you have set using the flyctl secrets set command. It will not list environment variables that are set in other ways. For more details, you can refer to the Wasp documentation (https://wasp-lang.dev/docs/advanced/deployment/manually#set-up-a-flyio-app). ---------------------- Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: ---------------------- Sorry @CamBlackwood, I seem to be having a bit of trouble. Don't worry though, I've pinged my support and they will try to fix me up! :technologist: Perhaps try again in 15mins?
CamBlackwood
CamBlackwood•4d ago
@kapa.ai that only gives me the "digest" -what's the way to see the actual value (if possible)
kapa.ai
kapa.ai•4d ago
Let me check the knowledge base for you. One moment! :books: ---------------------- For security reasons, you cannot directly view the actual values of environment variables (secrets) in a production environment once they have been set. This is a standard security measure to protect sensitive data. The flyctl secrets list command only provides a digest or a hash of the secret, not the actual value. This is done to prevent unauthorized access to sensitive information. If you need to know the value of a secret, you should keep a secure record of it when you set it. If you've lost a secret value, the best practice is to generate a new value, update it in your production environment, and update any places in your code that use it. For more details, you can refer to the Wasp documentation (https://wasp-lang.dev/docs/advanced/deployment/manually#set-up-a-flyio-app). ---------------------- Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: ---------------------- Sorry @CamBlackwood, I seem to be having a bit of trouble. Don't worry though, I've pinged my support and they will try to fix me up! :technologist: Perhaps try again in 15mins?
CamBlackwood
CamBlackwood•4d ago
@kapa.ai I've followed the instructions fully but when I try and use my app in production, I get "Invalid API Key provided" error, with a masked value that is not the value I set in the secrets set stage (the last characters are not the same). I've done a hard reload and multiple deployments and it doesn't seem to change. I also regenerated my secret key in the stripe dashboard and have deployed the new one.
kapa.ai
kapa.ai•4d ago
Let me check the knowledge base for you. One moment! :books: ---------------------- It seems like the issue might be related to how the environment variables are being used in your application. Here are a few things you can check: 1. Correct Variable Name: Ensure that the environment variable name in your code matches exactly with the name you used when setting the secret. Environment variable names are case-sensitive. 2. Client vs Server Variables: If the API key is being used in the client-side code, make sure you're setting it as a client environment variable. Client environment variables are embedded into the client code during the build process. They should be provided to the build command like this: 
REACT_APP_SOME_VAR_NAME=somevalue npm run build
REACT_APP_SOME_VAR_NAME=somevalue npm run build
Remember, you should never store secrets like API keys in client environment variables as they are public and readable by anyone. If the API key is being used in the server-side code, make sure you're setting it as a server environment variable. 3. Deployment: Make sure you're deploying your application after setting the environment variables. The new environment variables won't take effect until the application is redeployed. 4. Regenerating API Key: If you regenerated your API key in the Stripe dashboard, make sure you updated the environment variable in your production environment and redeployed your application. If you've checked all of these and the issue persists, it might be a good idea to ask for help in the Wasp Discord community (https://discord.com/channels/686873244791210014/1217941277979574315) or open an issue in the Wasp Github repository (https://github.com/wasp-lang/wasp/issues). For more details on how to manage environment variables in Wasp, you can refer to the Wasp documentation (https://wasp-lang.dev/docs/project/env-vars#defining-env-vars-in-production). ---------------------- Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: ---------------------- Sorry @CamBlackwood, I seem to be having a bit of trouble. Don't worry though, I've pinged my support and they will try to fix me up! :technologist: Perhaps try again in 15mins?
CamBlackwood
CamBlackwood•4d ago
@kapa.ai do I need to have any stripe keys in the client code?
kapa.ai
kapa.ai•4d ago
Let me check the knowledge base for you. One moment! :books: ---------------------- No, you should not store Stripe keys or any other sensitive information in the client-side code. As per the Wasp documentation (https://wasp-lang.dev/docs/project/env-vars), client environment variables are embedded into the client code during the build and shipping process, making them public and readable by anyone. Therefore, you should never store secrets in them, such as secret API keys. If you need to use Stripe keys or other sensitive information, you should use them in the server-side code and store them as server environment variables. These are not publicly readable, so it's safe to store secret values in them. Remember, always be careful when handling sensitive information like API keys. Exposing these keys can lead to serious security issues. ---------------------- Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: ---------------------- Sorry @CamBlackwood, I seem to be having a bit of trouble. Don't worry though, I've pinged my support and they will try to fix me up! :technologist: Perhaps try again in 15mins?
CamBlackwood
CamBlackwood•4d ago
@kapa.ai sorry, I meant in the client environment variables
kapa.ai
kapa.ai•4d ago
Let me check the knowledge base for you. One moment! :books: ---------------------- In the client-side environment variables, you should not store any sensitive information such as Stripe keys. As per the Wasp documentation (https://wasp-lang.dev/docs/project/env-vars), client environment variables are embedded into the client code during the build and shipping process, making them public and readable by anyone. Therefore, you should never store secrets in them. If you need to use non-sensitive configuration data in your client-side code, you can use client environment variables. These variables must be prefixed with REACT_APP_, for example: REACT_APP_SOME_VAR_NAME=.... You can provide them to the build command like this: 
REACT_APP_SOME_VAR_NAME=somevalue npm run build
REACT_APP_SOME_VAR_NAME=somevalue npm run build
However, remember to never store any sensitive information in these variables. If you need to use sensitive information like Stripe keys, use them in the server-side code and store them as server environment variables. ---------------------- Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: ---------------------- Sorry @CamBlackwood, I seem to be having a bit of trouble. Don't worry though, I've pinged my support and they will try to fix me up! :technologist: Perhaps try again in 15mins?
CamBlackwood
CamBlackwood•4d ago
@kapa.ai if I try and redeploy just the stripe key via cmd secrets set will I delete other environment variables? eg running wasp deploy fly cmd secrets set STRIPE_KEY=sk_live... by itself when I have 10-12 other env variables?
kapa.ai
kapa.ai•4d ago
Let me check the knowledge base for you. One moment! :books: ---------------------- No, running the secrets set command with a specific key will not delete or affect other environment variables. This command will only set or update the specific secret you've mentioned. So, if you run: 
wasp deploy fly cmd secrets set STRIPE_KEY=sk_live... --context server
wasp deploy fly cmd secrets set STRIPE_KEY=sk_live... --context server
It will only set or update the STRIPE_KEY secret and will not touch any of your other environment variables. For more details, you can refer to the Wasp documentation (https://wasp-lang.dev/docs/advanced/deployment/cli#cmd). ---------------------- Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: ---------------------- Sorry @CamBlackwood, I seem to be having a bit of trouble. Don't worry though, I've pinged my support and they will try to fix me up! :technologist: Perhaps try again in 15mins?
CamBlackwood
CamBlackwood•4d ago
@kapa.ai I think it's updated now as I'm getting this error - You must provide either price or price_data for each line item when using prices.
kapa.ai
kapa.ai•4d ago
Let me check the knowledge base for you. One moment! :books: ---------------------- This error message is typically shown when you're trying to create a Stripe Checkout Session and you haven't provided a price or price_data for each line item. In Stripe, a line item represents a product or service that you're selling. Each line item must have a price or price_data associated with it. The price is a reference to a Stripe Price object, and price_data is an object that contains information about the price of the line item. Here's an example of how you might create a Checkout Session with a line item: 
const session = await stripe.checkout.sessions.create({
  payment_method_types: ['card'],
  line_items: [
    {
      price_data: {
        currency: 'usd',
        product_data: {
          name: 'My Product',
        },
        unit_amount: 2000,
      },
      quantity: 1,
    },
  ],
  mode: 'payment',
  success_url: '<https://example.com/success',>
  cancel_url: '<https://example.com/cancel',>
});
const session = await stripe.checkout.sessions.create({
  payment_method_types: ['card'],
  line_items: [
    {
      price_data: {
        currency: 'usd',
        product_data: {
          name: 'My Product',
        },
        unit_amount: 2000,
      },
      quantity: 1,
    },
  ],
  mode: 'payment',
  success_url: '<https://example.com/success',>
  cancel_url: '<https://example.com/cancel',>
});
In this example, price_data is used to specify the price of the line item. If you have a predefined Price object in Stripe, you can reference it by its ID: 
const session = await stripe.checkout.sessions.create({
  payment_method_types: ['card'],
  line_items: [
    {
      price: 'price_1JH2C2CZ6qsJgndJaS9fZpH4',
      quantity: 1,
    },
  ],
  mode: 'payment',
  success_url: '<https://example.com/success',>
  cancel_url: '<https://example.com/cancel',>
});
const session = await stripe.checkout.sessions.create({
  payment_method_types: ['card'],
  line_items: [
    {
      price: 'price_1JH2C2CZ6qsJgndJaS9fZpH4',
      quantity: 1,
    },
  ],
  mode: 'payment',
  success_url: '<https://example.com/success',>
  cancel_url: '<https://example.com/cancel',>
});
In this case, price is the ID of a Price object in Stripe. If you're still having trouble, it might be a good idea to ask for help in the Wasp Discord community (https://discord.com/channels/686873244791210014/1217941277979574315) or open an issue in the Wasp Github repository (https://github.com/wasp-lang/wasp/issues). ---------------------- Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: ---------------------- Sorry @CamBlackwood, I seem to be having a bit of trouble. Don't worry though, I've pinged my support and they will try to fix me up! :technologist: Perhaps try again in 15mins?
Want results from more Discord servers?
Add your server