Secret Files with Blueprint

Question: Is it possible to setup Secret Files with Blueprint specs in render? I see no mention of this in the documentation

Why: I utilize Prisma and whenever we push a new version, a migration has to apply a new schema to the DB if there is one. This requires us to have access to the DATABASE_URL at build time. From my knowledge this means we must use a Secret File instead of Env Vars in Render. We are currently utilizing Blueprint but must manually configure the Secret Files after the build fails the first time syncing with the Blueprint.

Here is a small snippet of our Dockerfile to help understand how we’re currently going about it. Of course the build fails the first time because when running the first command to copy the secret file, its not present; thus failing the migration.

RUN --mount=type=secret,id=_env,dst=/etc/secrets/.env echo /etc/secrets/.env > apps/api/.env
RUN mv .env apps/api/.env
RUN pnpm api:build
RUN pnpm api:migrate

Hi Rykuno,

You’re exactly right. Since DATABASE_URL is required for you during build time, you must use a Secret File instead of Env Vars. Unfortunately, you’re also right that there’s no way to set up Secret Files, and you must configure Secret Files on the dashboard after the build fails the first time syncing with the Blueprint. Sorry! I understand this is pretty inconvenient.

No issue at all and such a minor inconvenience for this fantastic platform; was just making sure I wasn’t missing anything. I’ll make a feature request and cross my fingers

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.