From 1d1ab263aeb8f161ab08e0644d28c024c218cf69 Mon Sep 17 00:00:00 2001 From: Christian Flothmann Date: Mon, 22 Jul 2024 12:05:17 +0200 Subject: [PATCH] terminate with non-zero exit code when a secret could not be read The fix for #42038 did a bit too much. Not only did it fix the PHP error that wasn't caught before, but also changed the exit code of the command. With this change the PHP error will still be prevented, but the command will terminate with a non-zero exit code to indicate the failure that occurred while reading the stored secrets. --- UPGRADE-7.2.md | 5 +++++ src/Symfony/Bundle/FrameworkBundle/CHANGELOG.md | 2 +- .../Command/SecretsDecryptToLocalCommand.php | 7 +------ 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/UPGRADE-7.2.md b/UPGRADE-7.2.md index a9bb8322d15f3..c6ffc2dc70630 100644 --- a/UPGRADE-7.2.md +++ b/UPGRADE-7.2.md @@ -8,6 +8,11 @@ Read more about this in the [Symfony documentation](https://symfony.com/doc/7.2/ If you're upgrading from a version below 7.1, follow the [7.1 upgrade guide](UPGRADE-7.1.md) first. +FrameworkBundle +--------------- + + * [BC BREAK] The `secrets:decrypt-to-local` command terminates with a non-zero exit code when a secret could not be read + Security -------- diff --git a/src/Symfony/Bundle/FrameworkBundle/CHANGELOG.md b/src/Symfony/Bundle/FrameworkBundle/CHANGELOG.md index 2db5b9674983e..7058a3fb2573f 100644 --- a/src/Symfony/Bundle/FrameworkBundle/CHANGELOG.md +++ b/src/Symfony/Bundle/FrameworkBundle/CHANGELOG.md @@ -8,7 +8,7 @@ CHANGELOG * Derivate `kernel.secret` from the decryption secret when its env var is not defined * Make the `config/` directory optional in `MicroKernelTrait`, add support for service arguments in the invokable Kernel class, and register `FrameworkBundle` by default when the `bundles.php` file is missing - * Add `exit` option for `secrets:decrypt-to-local` command + * [BC BREAK] The `secrets:decrypt-to-local` command terminates with a non-zero exit code when a secret could not be read 7.1 --- diff --git a/src/Symfony/Bundle/FrameworkBundle/Command/SecretsDecryptToLocalCommand.php b/src/Symfony/Bundle/FrameworkBundle/Command/SecretsDecryptToLocalCommand.php index a8892464601b6..c46da963b2ead 100644 --- a/src/Symfony/Bundle/FrameworkBundle/Command/SecretsDecryptToLocalCommand.php +++ b/src/Symfony/Bundle/FrameworkBundle/Command/SecretsDecryptToLocalCommand.php @@ -38,7 +38,6 @@ public function __construct( protected function configure(): void { $this - ->addOption('exit', null, InputOption::VALUE_NONE, 'Returns a non-zero exit code if any errors are encountered') ->addOption('force', 'f', InputOption::VALUE_NONE, 'Force overriding of secrets that already exist in the local vault') ->setHelp(<<<'EOF' The %command.name% command decrypts all secrets and copies them in the local vault. @@ -48,10 +47,6 @@ protected function configure(): void When the --force option is provided, secrets that already exist in the local vault are overridden. %command.full_name% --force - -When the --exit option is provided, the command will return a non-zero exit code if any errors are encountered. - - %command.full_name% --exit EOF ) ; @@ -100,7 +95,7 @@ protected function execute(InputInterface $input, OutputInterface $output): int $io->note($this->localVault->getLastMessage()); } - if ($hadErrors && $input->getOption('exit')) { + if ($hadErrors) { return 1; } pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy