Skip to content

feat(docker): add worker env vars and auto-generate secrets#253

Merged
LuD1161 merged 1 commit into
mainfrom
feat/docker-secrets-and-env
Feb 3, 2026
Merged

feat(docker): add worker env vars and auto-generate secrets#253
LuD1161 merged 1 commit into
mainfrom
feat/docker-secrets-and-env

Conversation

@LuD1161
Copy link
Copy Markdown
Contributor

@LuD1161 LuD1161 commented Feb 3, 2026
edited
Loading

Summary

  • Add missing env vars for worker→backend communication
  • Add just prod-init recipe to auto-generate secrets
  • Auto-run prod-init when running prod start-latest or prod-images if secrets don't exist
  • Update help with all production commands

Changes

Missing Environment Variables (docker-compose.full.yml)

  • INTERNAL_SERVICE_TOKEN: Service-to-service auth between backend/worker
  • STUDIO_API_BASE_URL: Worker→backend API URL (http://backend:3211/api/v1)

New Justfile Recipe

  • just prod-init: Generates secure random secrets and saves to docker/.env

Auto-initialization

  • just prod start-latest and just prod-images now auto-run prod-init if docker/.env doesn't exist

Why This Is Needed

Without these env vars, workflows would fail with:

  • INTERNAL_SERVICE_TOKEN env var must be set
  • Cannot POST /internal/runs (404 errors)

Test Plan

  • Deployed to studio.shipsec.ai and verified workflows complete
  • Tested just prod-init generates valid secrets
  • Verified auto-init triggers on first run
@LuD1161
feat(docker): add worker env vars and secret generation
8619357 
- Add INTERNAL_SERVICE_TOKEN for backend/worker internal auth
- Add STUDIO_API_BASE_URL for worker→backend API calls
- Add prod-init recipe to auto-generate secrets
- Update prod commands to use docker/.env file
- Add documentation header to docker-compose.full.yml
- Add docker/.env to .gitignore

Required for GHCR-based deployments where worker needs to
communicate with backend for MCP registry and run dispatching.

Signed-off-by: Aseem Shrey <LuD1161@users.noreply.github.com>
@LuD1161 LuD1161 merged commit e73fd1b into main Feb 3, 2026
3 checks passed
@LuD1161 LuD1161 deleted the feat/docker-secrets-and-env branch February 3, 2026 02:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

1 participant

@LuD1161