feat(test): split env config — .env (prod) vs .env.sandbox (sandbox)
provisionSandbox.ts now loads its own .env.sandbox (via @std/dotenv loadSync) instead of the shared .env, so prod (main.ts → .env) and sandbox (provisionSandbox.ts → .env.sandbox) configs don't collide. .gitignore widened to .env* (keeping .env.example tracked). .env.example rewritten to document the two-file convention + the per-env kubectl secret sources, including the caveat that a prod-seeded sandbox uses PROD's admin password. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
7
test/.gitignore
vendored
7
test/.gitignore
vendored
@@ -1,5 +1,6 @@
|
||||
# Secrets — never commit. The root .gitignore already covers .env and *.key;
|
||||
# this is defense-in-depth for the provisioning POC.
|
||||
.env
|
||||
# Secrets — never commit. Covers .env (prod, main.ts) and .env.sandbox
|
||||
# (sandbox, provisionSandbox.ts), plus any generated *.key.
|
||||
.env*
|
||||
!.env.example
|
||||
.ai_agent_sandbox.key
|
||||
*.key
|
||||
|
||||
Reference in New Issue
Block a user