How do I manage secrets across environments vs. preview URLs in Workers?
I’m a bit lost with how Cloudflare Workers handles environments and secrets.
- If I define multiple environments in wrangler.toml (e.g. [env.prod], [env.preview], [env.dev]), Wrangler deploys them as separate Worker scripts (my-app-prod, my-app-preview, my-app-dev). Each of these can have its own secrets, which makes sense.
- But when I use the Cloudflare dashboard’s Git integration, I get automatic Preview URLs for each deployment. That part is great, but I can’t figure out how to set different secrets for previews vs. production. It looks like they all share the same secrets because they’re the same Worker, just different versions.
Is there a way to have separate secrets for Preview URLs when using the dashboard Git integration? Or do I need to stick with Wrangler environments if I want isolated secrets per environment?
What’s the recommended best practice if I want both: easy Preview URLs and different secrets for prod vs. preview?
- If I define multiple environments in wrangler.toml (e.g. [env.prod], [env.preview], [env.dev]), Wrangler deploys them as separate Worker scripts (my-app-prod, my-app-preview, my-app-dev). Each of these can have its own secrets, which makes sense.
- But when I use the Cloudflare dashboard’s Git integration, I get automatic Preview URLs for each deployment. That part is great, but I can’t figure out how to set different secrets for previews vs. production. It looks like they all share the same secrets because they’re the same Worker, just different versions.
Is there a way to have separate secrets for Preview URLs when using the dashboard Git integration? Or do I need to stick with Wrangler environments if I want isolated secrets per environment?
What’s the recommended best practice if I want both: easy Preview URLs and different secrets for prod vs. preview?
