Skip to content

feat: auto-generate TYPO3 encryption key for feature branch instances#25

Merged
konradmichalik merged 1 commit intomainfrom
feature/generate-encryption-key
Mar 3, 2026
Merged

feat: auto-generate TYPO3 encryption key for feature branch instances#25
konradmichalik merged 1 commit intomainfrom
feature/generate-encryption-key

Conversation

@konradmichalik
Copy link
Contributor

@konradmichalik konradmichalik commented Mar 3, 2026
edited by coderabbitai bot
Loading

Summary

  • Replace hardcoded TYPO3 encryption key with auto-generated unique key per feature branch instance
  • Each feature branch deployment now receives its own 96-character hex encryption key via bin2hex(random_bytes(48))
  • Key can be overridden via DEPLOYER_CONFIG_ENCRYPTION_KEY environment variable

Changes

  • deployer/feature/task/feature_setup.php - Add DEPLOYER_CONFIG_ENCRYPTION_KEY to default template arguments
  • deployer/typo3/example/deployer/templates/.env.dist - Replace static key with {{DEPLOYER_CONFIG_ENCRYPTION_KEY}} placeholder

Summary by CodeRabbit

  • New Features
    • Encryption keys are now automatically generated and configured during each deployment, replacing hardcoded values with dynamic, deployment-specific keys for improved security and flexibility.

@coderabbitai
Copy link

coderabbitai bot commented Mar 3, 2026
edited
Loading

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 49a5ff5 and fe8f039.

📒 Files selected for processing (2)
  • deployer/feature/task/feature_setup.php
  • deployer/typo3/example/deployer/templates/.env.dist
📝 Walkthrough

Walkthrough

The pull request introduces dynamic encryption key generation during deployment. A new template variable DEPLOYER_CONFIG_ENCRYPTION_KEY is created in the feature setup task using secure random byte generation and injected into template arguments. The environment configuration template is updated to use this dynamically generated key instead of a hardcoded value.

Changes

Cohort / File(s) Summary
Encryption key generation
deployer/feature/task/feature_setup.php		 Adds DEPLOYER_CONFIG_ENCRYPTION_KEY template variable, generated via bin2hex(random_bytes(48)) and merged into template arguments for template rendering.
Environment template configuration
deployer/typo3/example/deployer/templates/.env.dist		 Replaces hardcoded encryption key with templated variable reference {{DEPLOYER_CONFIG_ENCRYPTION_KEY}} for dynamic key injection at deploy time.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 A key is born from random bytes so bright,
✨ No more hardcoded in plain sight,
🔐 Templates dance with variables new,
🚀 Security's built in, fresh and true!

✨ Finishing Touches
  • 📝 Generate docstrings (stacked PR)
  • 📝 Generate docstrings (commit on current branch)
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch feature/generate-encryption-key

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@konradmichalik konradmichalik merged commit 9531595 into main Mar 3, 2026
1 of 2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@konradmichalik