From d83b748d3c289f851b7842a12857d60e8792d8c0 Mon Sep 17 00:00:00 2001 From: rostislav Date: Fri, 28 Feb 2025 10:51:19 +0200 Subject: [PATCH 1/3] More information about securely setting up a sensitive configuration via the CLI --- .../cli/set-configuration-values.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/help/configuration/cli/set-configuration-values.md b/help/configuration/cli/set-configuration-values.md index 6464d79cd..a668b2c66 100644 --- a/help/configuration/cli/set-configuration-values.md +++ b/help/configuration/cli/set-configuration-values.md @@ -118,19 +118,19 @@ bin/magento config:set [--scope="..."] [--scope-code="..."] [-le | --lock-env] [ **To set sensitive configuration values**: ```bash -bin/magento config:sensitive:set [--scope="..."] [--scope-code="..."] path value +bin/magento config:sensitive:set [--scope="..."] [--scope-code="..."] path мфдгу ``` The following table describes the `set` command parameters: -| Parameter | Description | -| --- | --- | -| `--scope` | The scope of the configuration. The possible values are `default`, `website`, or `store`. The default is `default`. | -| `--scope-code` | The scope code of configuration (website code or store view code) | -| `-e or --lock-env` | Either locks the value so it cannot be edited in the Admin or changes a setting that is already locked in the Admin. The command writes the value to the `/app/etc/env.php` file. | -| `-c or --lock-config` | Either locks the value so it cannot be edited in the Admin or changes a setting that is already locked in the Admin. The command writes the value to the `/app/etc/config.php` file. The `--lock-config` option overwrites `--lock-env` if you specify both options. | -| `path` | _Required_. The configuration path | -| `value` | _Required_. The value of the configuration | +| Parameter | Description | +| --- |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| `--scope` | The scope of the configuration. The possible values are `default`, `website`, or `store`. The default is `default`. | +| `--scope-code` | The scope code of configuration (website code or store view code) | +| `-e or --lock-env` | Either locks the value so it cannot be edited in the Admin or changes a setting that is already locked in the Admin. The command writes the value to the `/app/etc/env.php` file. | +| `-c or --lock-config` | Either locks the value so it cannot be edited in the Admin or changes a setting that is already locked in the Admin. The command writes the value to the `/app/etc/config.php` file. The `--lock-config` option overwrites `--lock-env` if you specify both options. | +| `path` | _Required_. The configuration path | +| `value` | _Required_. The value of the configuration. Can be passed as a separate argument in a CLI command, but it is recommended to enter it via prompt ( without specifying it in the original command ). In this case you will avoid writing sensitive accesses to bash_history, which is the safest way to set the config | >[!INFO] > From e701e5e119720f3111366c0f11c091ec9e7ec7c6 Mon Sep 17 00:00:00 2001 From: Rostislav Sulejmanov <85498741+rostilos@users.noreply.github.com> Date: Mon, 3 Mar 2025 10:22:45 +0200 Subject: [PATCH 2/3] Update set-configuration-values.md --- help/configuration/cli/set-configuration-values.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/help/configuration/cli/set-configuration-values.md b/help/configuration/cli/set-configuration-values.md index a668b2c66..1d91667e8 100644 --- a/help/configuration/cli/set-configuration-values.md +++ b/help/configuration/cli/set-configuration-values.md @@ -118,7 +118,7 @@ bin/magento config:set [--scope="..."] [--scope-code="..."] [-le | --lock-env] [ **To set sensitive configuration values**: ```bash -bin/magento config:sensitive:set [--scope="..."] [--scope-code="..."] path мфдгу +bin/magento config:sensitive:set [--scope="..."] [--scope-code="..."] path ``` The following table describes the `set` command parameters: From bed299c13804812044242ec04e3ecf1147ad30f6 Mon Sep 17 00:00:00 2001 From: Margaret Eker Date: Wed, 12 Nov 2025 17:32:18 -0600 Subject: [PATCH 3/3] Apply suggestions from code review --- help/configuration/cli/set-configuration-values.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/help/configuration/cli/set-configuration-values.md b/help/configuration/cli/set-configuration-values.md index 1d91667e8..8160663c9 100644 --- a/help/configuration/cli/set-configuration-values.md +++ b/help/configuration/cli/set-configuration-values.md @@ -130,7 +130,7 @@ The following table describes the `set` command parameters: | `-e or --lock-env` | Either locks the value so it cannot be edited in the Admin or changes a setting that is already locked in the Admin. The command writes the value to the `/app/etc/env.php` file. | | `-c or --lock-config` | Either locks the value so it cannot be edited in the Admin or changes a setting that is already locked in the Admin. The command writes the value to the `/app/etc/config.php` file. The `--lock-config` option overwrites `--lock-env` if you specify both options. | | `path` | _Required_. The configuration path | -| `value` | _Required_. The value of the configuration. Can be passed as a separate argument in a CLI command, but it is recommended to enter it via prompt ( without specifying it in the original command ). In this case you will avoid writing sensitive accesses to bash_history, which is the safest way to set the config | +| `value` | _Required_. The value of the configuration. Although it can be passed as a separate argument in a CLI command, Adobe recommends that you don't specify it in the original command. Instead, run the command without the value, and then enter the value when prompted. Using this method prevents writing writing sensitive access values to bash_history, which is the safest way to set the config. >[!INFO] >