-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdev.env
More file actions
28 lines (25 loc) · 1.49 KB
/
Copy pathdev.env
File metadata and controls
28 lines (25 loc) · 1.49 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
# Per-stage build/runtime config sourced by Makefile.env and Makefile.k8s.
#
# Secrets convention: any *_KEY / *_DSN_KEY value below is a TEAMVAULT LOOKUP
# KEY (~6-12 alphanumeric chars), NOT a raw secret. The real secret material
# lives in teamvault; the `teamvaultUrl` / `teamvaultPassword` template
# functions in k8s/*-secret.yaml resolve these keys at `kubectl apply` time.
# Convention reference: ~/Documents/workspaces/coding/docs/teamvault-conventions.md
export NAMESPACE=dev
export BRANCH=dev
export STAGE=dev
export SENTRY_PROXY_URL=http://sentry-proxy.dev.svc.cluster.local:9090
export SENTRY_DSN_KEY=xwXZjL
# DRY_RUN=false on dev: dev recurring-task-creator publishes CreateCommands to
# Kafka for end-to-end testing of the controller pipeline. Safe because the
# dev overlay (quant/task/recurring-schedules/overlays/dev/kustomization.yaml)
# carries ONLY the dedicated `idempotency-test-probe` Schedule — disjoint from
# prod's ~45 real schedules — so dev tasks cannot collide with prod-published
# tasks in the shared bborbe/obsidian-personal git remote.
export DRY_RUN=false
# Vault-scanner UUID-injection gate. false on dev = scanner skips UUID-less task
# files; prod handles backfill. Prevents the dev+prod race documented in
# vault [[Dev+prod vault-scanners mint conflicting UUIDs on same task file]].
# REQUIRED env (envconfig:"AUTO_INJECT_TASK_IDENTIFIER,required") — pod refuses
# to start if missing. Pick prod=true / dev=false; never both true.
export AUTO_INJECT_TASK_IDENTIFIER=false