Cluster secret in env var PRISMA_MANAGEMENT_API_SECRET does not match for cluster default


#1

Hi,

I am trying to implement a managementApiSecret to secure my prisma application.
My problem is the title of this post. When deploying I get this:
“Cluster secret in env var PRISMA_MANAGEMENT_API_SECRET does not match for cluster default”

I have 3 config files one for my test env one for my dev env and one for my prod env.

My prod.env looks like that:

PRISMA_ENDPOINT=hereIsMyEndpont/prod

PRISMA_SECRET=my-secret

PRISMA_MANAGEMENT_API_SECRET=m-management-secret

I am using this command to deploy to prod:

“prisma deploy -e ./config/prod.env”

My docker-compose.yml file does not contain any managementApiSecret or clusterSecret? Is that the problem? is my docker-compose.yml file even still relevant when I have 3 extra config files for test dev and prod env?

I would appreciate any help regarding my problem and the questions I pointed out.

Best Regards,
Hassan


#2

You need to specify the managment secret in docker-compose.yml. obviously do not hardcode it, use an environment variable.

The prisma secret is set during pisma deploy based on the env variable


#3

If you docker-compose file doesn’t contain managementApiSecret then anyone can deploy to it so don’t use it production. Learn more about it here: https://www.prisma.io/docs/prisma-server/authentication-and-security-kke4/#management-api-secret