Skip to content

Add --confidential and --secret deploy flags#286

Open
nadahalli wants to merge 1 commit intomainfrom
tejaswi/confidential-deploy
Open

Add --confidential and --secret deploy flags#286
nadahalli wants to merge 1 commit intomainfrom
tejaswi/confidential-deploy

Conversation

@nadahalli
Copy link
Contributor

@nadahalli nadahalli commented Feb 25, 2026
edited
Loading

Confidential CRE Workflows (implementation plan)

Summary

  • Adds --confidential and --secret flags to cre workflow deploy
  • When --confidential is set, the on-chain Attributes field is populated with {"confidential":true,"vault_don_secrets":[...]} instead of empty bytes
  • --secret is repeatable, accepts KEY or KEY:namespace format
  • Validation: --secret requires --confidential
  • Confidential status and secrets are displayed in the pre-deploy summary

@nadahalli
Add --confidential and --secret flags to workflow deploy
15250f3 
Populate the Attributes field on UpsertWorkflow with a JSON payload
when deploying a confidential workflow. --secret is repeatable and
accepts KEY or KEY:namespace format. Validation enforces that --secret
requires --confidential.
@nadahalli nadahalli requested a review from a team as a code owner February 25, 2026 14:02
@github-actions
Copy link

github-actions bot commented Feb 25, 2026

⚠️ Abigen Fork Check - Update Available

The forked abigen package is outdated and may be missing important updates.

Version Value
Current Fork v1.16.0
Latest Upstream v1.17.0

Action Required

  1. Review abigen changes in upstream (only the accounts/abi/bind directory matters)
  2. Compare with our fork in cmd/generate-bindings/bindings/abigen/
  3. If relevant changes exist, sync them and update FORK_METADATA.md
  4. If no abigen changes, just update the version in FORK_METADATA.md to v1.17.0

Files to Review

  • cmd/generate-bindings/bindings/abigen/bind.go
  • cmd/generate-bindings/bindings/abigen/bindv2.go
  • cmd/generate-bindings/bindings/abigen/template.go

⚠️ Note to PR author: This is not something you need to fix. The Platform Expansion team is responsible for maintaining the abigen fork.

cc @smartcontractkit/bix-framework

@github-actions
Copy link

github-actions bot commented Feb 25, 2026

👋 nadahalli, thanks for creating this pull request!

To help reviewers, please consider creating future PRs as drafts first. This allows you to self-review and make any final changes before notifying the team.

Once you're ready, you can mark it as "Ready for review" to request feedback. Thanks!

@nadahalli
Copy link
Contributor Author

nadahalli commented Feb 25, 2026

Implementation plan: Confidential CRE Workflows (full PR chain and cross-repo dependencies)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@timothyF95 timothyF95 Awaiting requested review from timothyF95

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@nadahalli