New api keys disabled a way to fetch them in CLI #4775
Description
Describe the bug
When we create a new preview environment for a PR, we create a new supabase branch, we get the keys from supabase projects api-keys CLI call and put them into the env variables, so all the services have access to the preview specific branch. It works well with the legacy keys but now for some reason it was decided that the secret api key returned by supabase projects api-keys will be redacted without any flag to override that decision. This makes it impossible to use the new keys and we're slowly getting forced to make the switch. The key is accessible in the UI dashboard anyway. The new keys are marketed as drop-in replacement but they are not in a way that's very crucial for our setup.
To Reproduce
Steps to reproduce the behavior:
- Call
supabase projects api-keys - Compare legacy
service_rolekey that's accessible in full withdefaultkey that starts withsb_secret_prefix and it's mostly redacted.
Expected behavior
There should be a flag that makes the secret key accessible in full, especially for the json output format that we use to get that information in a format that's easy to process.