Is it possible to save separate Secret keys for production deployments and development environment?
After reading the documentation, I am unable to find a way to save separate Secrets (similar to ENV variables) for dev and production environments.
Each time I stop a production instance and redeploy, there is a new deployment ID. However, it seems that the Secrets and domain settings revert and are re-loaded from the secrets that are stored in the development environment.
Ideally, I would like to have separate secrets stored for the development and production environments. Saving the configuration of a deployment (including Secrets and Domains) seems like an ideal way to do this and would save a lot of manual work at deployment time.
Is there a way to accomplish this?
Replit Profile: https://replit.com/@bill-boulger
Hi @bill-boulger and welcome!
Yes, you should be able to set production-specific secrets separate from development values. Without revealing any sensitive secrets information, would you be able to provide a little more detail on your configuration and deployment workflow so we can try to reproduce the issue?
Hi @SuzyAtReplit, thanks for the reply and offer to help.
In the attached screenshot, you can see that there are two sets of Secrets:
The Secrets used in the production environment (yellow box, labeled as “Deployment secrets” in the Replit UI) should contain different values than those in the development environment (pink box, labeled “Secrets” in the Replit UI). This is ideal to separate credentials and accounts so that webhooks, analytics, and usage data are not mixed between dev and production environments.
What I’m experiencing is that some or all of the development environment Secrets (“Secrets”) automatically populate the production environment (“Deployment secrets”) after I stop a deployment. They do seem to persist during redeployments as long as I do not shut down a deployment.
Ideally, I would be able to do the following:
- Set separate Secrets for the dev and production environments in something similar to an .env file
- Save the production Secrets in a configuration that can be re-used for future deployments so I don’t have to manually input the values before deployment
- Be assured that deployment settings will not change if I re-start a deployment after a shutdown
- (Bonus) Choose from multiple saved Secrets configurations for both the dev and production environments
I understand that .env has been deprecated so there may be another way to do this within Replit. Is this possible?
@bill-boulger Thank you for the excellent details. From what I understand, we automatically populate the Prod secrets with Dev (i.e., mirror them initially) so that users don’t have a broken experience when deploying their Repl. However, once a secret is populated in a deployment, it should be editable so it can be different from Dev.
It sounds like you saying that Prod reverts back to Dev secrets, even after you edit them? And only if you shutdown the deployment and re-start/re-deploy? Do you see a button that shows up to resynchronize secrets on redeploy?
I can try reproduce if this is the scenario. I’d have to verify with the team the current expected behavior and see what their suggestions would be.