fix(env): fail safely on undecrypted environment ciphertext#4816
Closed
ETdoFresh wants to merge 1 commit into
Closed
fix(env): fail safely on undecrypted environment ciphertext#4816ETdoFresh wants to merge 1 commit into
ETdoFresh wants to merge 1 commit into
Conversation
Author
|
Sorry, didn't mean to put this here, was going to do this locally on my fork first. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
enc:v1:values before they reach dotenv parsingRoot cause and impact
Environment encryption added in #4789 intentionally returns raw ciphertext from the Drizzle custom type when decryption fails. That keeps database reads available, but deployment code then passes the ciphertext to
dotenv.parse().An
enc:v1:...payload is not a valid dotenv assignment, so it parses to an empty object. The Swarm application builder subsequently writesTaskTemplate.ContainerSpec.Env: [], silently removing every configured runtime variable while the deployment can still finish successfully.This was observed on Dokploy Cloud v0.29.12 with a Dockerfile Application targeting a remote single-node Swarm:
application.onereturned all 9 configured environment keys.done.ContainerSpec.Env: []and the container was missing all configured variables.docker service update --env-add ...restored the service, but the next Dokploy deployment removed the variables again.Because Dokploy Cloud dispatches remote deployments to the separate deployment service, the likely trigger is a web/worker version mismatch or inconsistent
ENCRYPTION_KEY/BETTER_AUTH_SECRET. That infrastructure condition still needs to be corrected. This patch provides a safe execution boundary: undecrypted ciphertext can no longer be mistaken for an intentionally empty environment.No secret values are included here.
Validation
pnpm --filter=dokploy exec vitest --config __test__/vitest.config.ts run __test__/env— 79 tests passedpnpm --filter=@dokploy/server typecheckpnpm --filter=dokploy typecheckpnpm exec biome check packages/server/src/utils/docker/utils.ts apps/dokploy/__test__/env/shared.test.tsgit diff --checkRelated context: #4516