cpl 2.0.1 → 2.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7601f22a541072ea22c5745496d77ee63409d8975903f14582e2681963e9e0ff
-  data.tar.gz: e3a189dbb1506571133924f9640bd144c6c1a7d1a7233096b9fbd13bef8b0a82
+  metadata.gz: 468f47cb0e1cf3cdb710b885949188c68f40fd74ad4236379a5a6c6fd55739c1
+  data.tar.gz: fc83d4ef5ee3ded08d52ca5f2df92e5ee261df6fcefd27f673452d0ba265a650
 SHA512:
-  metadata.gz: f0e2603b1e9d29e2f23deb2620edb94a51e13763a48985064facfd9ce2f9a61731267176766ad037e826430283c253300334e35514c9de60a5cda59a97c8b81a
-  data.tar.gz: 8c97ac2b7d5f349d90a41bf1acb8dea6e72d107cb275361792547ca9faa4b1bca66bc2566558a05fb336e1bee39d577c9c5cc0e3602971037cd2d44d5f975ed8
+  metadata.gz: dac1051680d2b3c69473636a9babd19b8799ea6e2eaadbb26582836641f7a73e843e4a26c32f41206edb0a6b21ab89b9b62cc08087360d75a562c3b6bb40188d
+  data.tar.gz: 52ca1f46ff0d459f450e1a1bd82b6efce780e9b6480ebbda955722eef4bea3a98d71cdaff076691b4cfe93e77c42285f358bfb4ba9adf857c961108302a4f5d6

data/.gitignore

@@ -14,4 +14,5 @@
 # rspec failure tracking
 .rspec_status
 
-spec.log
+/spec.log
+/spec/dummy/.controlplane/controlplane*-tmp-*.yml

data/CHANGELOG.md

@@ -12,194 +12,220 @@ Please follow the recommendations outlined at [keepachangelog.com](https://keepa
 
 Changes since the last non-beta release.
 
-_Please add entries here for your pull requests that are not yet released._
+_Please add entries here for your pull requests that have not yet been released._
 
 ### Fixed
 
-- Fixed issue where `cleanup-stale-apps` command fails to delete apps with volumesets. [PR 175](https://github.com/shakacode/heroku-to-control-plane/pull/175) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Fixed issue where release script was not running from the app image. [PR 183](https://github.com/shakacode/control-plane-flow/pull/183) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Fixed issue where deprecated options were not being warned. [PR 183](https://github.com/shakacode/control-plane-flow/pull/183) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+
+### Added
+
+- Added post-creation hook to `setup-app` command (configurable through `hooks.post_creation` in `controlplane.yml`). [PR 183](https://github.com/shakacode/control-plane-flow/pull/183) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Added pre-deletion hook to `delete` command (configurable through `hooks.pre_deletion` in `controlplane.yml`). [PR 183](https://github.com/shakacode/control-plane-flow/pull/183) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Added `doctor` command to run validations. [PR 185](https://github.com/shakacode/control-plane-flow/pull/185) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+
+### Changed
+
+- `cpl` now sets `CPLN_SKIP_UPDATE_CHECK` to `true` for all internal `cpln` calls, which disables the version check and prevents cluttering the logs. [PR 180](https://github.com/shakacode/control-plane-flow/pull/180) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- `setup-app` command now automatically creates a secret, policy, and identity for the app if they do not exist. The `--skip-secrets-setup` option prevents this behavior. [PR 181](https://github.com/shakacode/control-plane-flow/pull/181) by [Rafael Gomes](https://github.com/rafaelgomesxyz). [PR 190](https://github.com/shakacode/control-plane-flow/pull/190) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Specific validations are now run before commands, and the command will exit with a non-zero code if any validation fails. Can be disabled by setting `DISABLE_VALIDATIONS` env var to `true`. [PR 185](https://github.com/shakacode/control-plane-flow/pull/185) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Deprecated the `--skip-secret-access-binding` option in favor of `--skip-secrets-setup`. This can also now be configured through `skip_secrets_setup` in `controlplane.yml` [PR 190](https://github.com/shakacode/control-plane-flow/pull/190) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+
+## [2.0.2] - 2024-05-17
+
+- Fixed issue with improper handling of job statuses. Fixed issue with interactive magic string showing and exit code. [PR 177](https://github.com/shakacode/control-plane-flow/pull/177) by [Sergey Tarasov](https://github.com/dzirtusss).
+
+## [2.0.1] - 2024-05-15
+
+### Fixed
+
+- Fixed issue where `cleanup-stale-apps` command fails to delete apps with volumesets. [PR 175](https://github.com/shakacode/control-plane-flow/pull/175) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ## [2.0.0] - 2024-05-14
 
 ### BREAKING CHANGES
 
-- Commands that finished with a failure now exit with code `64` instead of `1`. [PR 132](https://github.com/shakacode/heroku-to-control-plane/pull/132) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Bumped minimum `cpln` version to `2.0.1` (`cpln workload cron get` is required). [PR 171](https://github.com/shakacode/heroku-to-control-plane/pull/171) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- `run:cleanup` command has been removed. [PR 151](https://github.com/shakacode/heroku-to-control-plane/pull/151) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- `deploy-image` command now runs the release script in the context of the `run` command. [PR 151](https://github.com/shakacode/heroku-to-control-plane/pull/151) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Commands that finished with a failure now exit with code `64` instead of `1`. [PR 132](https://github.com/shakacode/control-plane-flow/pull/132) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Bumped minimum `cpln` version to `2.0.1` (`cpln workload cron get` is required). [PR 171](https://github.com/shakacode/control-plane-flow/pull/171) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- `run:cleanup` command has been removed. [PR 151](https://github.com/shakacode/control-plane-flow/pull/151) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- `deploy-image` command now runs the release script in the context of the `run` command. [PR 151](https://github.com/shakacode/control-plane-flow/pull/151) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ### Fixed
 
-- Fixed race conditions when using latest image in `run` command. [PR 163](https://github.com/shakacode/heroku-to-control-plane/pull/163) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Fixed race conditions when using latest image in `run` command. [PR 163](https://github.com/shakacode/control-plane-flow/pull/163) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ### Added
 
-- Added options to `run` command to override the workload container's `--cpu`, `--memory`, and `--entrypoint`. [PR 151](https://github.com/shakacode/heroku-to-control-plane/pull/151) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Added `--workload` option to `delete` command to delete a specific workload. [PR 151](https://github.com/shakacode/heroku-to-control-plane/pull/151) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Added `--replica` option to `logs` command to see logs from a specific replica. [PR 151](https://github.com/shakacode/heroku-to-control-plane/pull/151) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Added `--replica` option to `ps:stop` command to stop a specific replica. [PR 151](https://github.com/shakacode/heroku-to-control-plane/pull/151) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Added option to set custom names for secrets and secrets policy, using `secrets_name` and `secrets_policy_name` in `controlplane.yml`. [PR 159](https://github.com/shakacode/heroku-to-control-plane/pull/159) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Added options to `run` command to override the workload container's `--cpu`, `--memory`, and `--entrypoint`. [PR 151](https://github.com/shakacode/control-plane-flow/pull/151) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Added `--workload` option to `delete` command to delete a specific workload. [PR 151](https://github.com/shakacode/control-plane-flow/pull/151) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Added `--replica` option to `logs` command to see logs from a specific replica. [PR 151](https://github.com/shakacode/control-plane-flow/pull/151) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Added `--replica` option to `ps:stop` command to stop a specific replica. [PR 151](https://github.com/shakacode/control-plane-flow/pull/151) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Added option to set custom names for secrets and secrets policy, using `secrets_name` and `secrets_policy_name` in `controlplane.yml`. [PR 159](https://github.com/shakacode/control-plane-flow/pull/159) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ### Changed
 
-- An error is now raised if the org does not exist. [PR 167](https://github.com/shakacode/heroku-to-control-plane/pull/167) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Common options are now shown in help. [PR 169](https://github.com/shakacode/heroku-to-control-plane/pull/169) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- `run` command now uses a single reusable cron workload and works for both interactive and non-interactive jobs. [PR 151](https://github.com/shakacode/heroku-to-control-plane/pull/151) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- `run:detached` command has been deprecated in favor of `run`. [PR 151](https://github.com/shakacode/heroku-to-control-plane/pull/151) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- `deploy-image` command now raises an error if image does not exist. [PR 153](https://github.com/shakacode/heroku-to-control-plane/pull/153) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- `delete` command now unbinds identity from policy (if bound) when deleting app. [PR 170](https://github.com/shakacode/heroku-to-control-plane/pull/170) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- An error is now raised if the org does not exist. [PR 167](https://github.com/shakacode/control-plane-flow/pull/167) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Common options are now shown in help. [PR 169](https://github.com/shakacode/control-plane-flow/pull/169) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- `run` command now uses a single reusable cron workload and works for both interactive and non-interactive jobs. [PR 151](https://github.com/shakacode/control-plane-flow/pull/151) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- `run:detached` command has been deprecated in favor of `run`. [PR 151](https://github.com/shakacode/control-plane-flow/pull/151) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- `deploy-image` command now raises an error if image does not exist. [PR 153](https://github.com/shakacode/control-plane-flow/pull/153) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- `delete` command now unbinds identity from policy (if bound) when deleting app. [PR 170](https://github.com/shakacode/control-plane-flow/pull/170) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ## [1.4.0] - 2024-03-20
 
 ### Added
 
-- Added new template substitution variables (used by `apply-template` and `setup-app` commands): `{{APP_LOCATION_LINK}}`, `{{APP_IMAGE_LINK}}`, `{{APP_IDENTITY}}`, `{{APP_IDENTITY_LINK}}`, `{{APP_SECRETS}}` and `{{APP_SECRETS_POLICY}}`. [PR 146](https://github.com/shakacode/heroku-to-control-plane/pull/146) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Added `--run-release-phase` option to `deploy-image` command to run release script before deploying (same step as in `promote-app-from-upstream` command). [PR 146](https://github.com/shakacode/heroku-to-control-plane/pull/146) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Added new template substitution variables (used by `apply-template` and `setup-app` commands): `{{APP_LOCATION_LINK}}`, `{{APP_IMAGE_LINK}}`, `{{APP_IDENTITY}}`, `{{APP_IDENTITY_LINK}}`, `{{APP_SECRETS}}` and `{{APP_SECRETS_POLICY}}`. [PR 146](https://github.com/shakacode/control-plane-flow/pull/146) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Added `--run-release-phase` option to `deploy-image` command to run release script before deploying (same step as in `promote-app-from-upstream` command). [PR 146](https://github.com/shakacode/control-plane-flow/pull/146) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ### Changed
 
-- Template substitution (used by `apply-template` and `setup-app` commands) now uses double braces (e.g., `APP_ORG` -> `{{APP_ORG}}`). This change is backwards compatible. [PR 146](https://github.com/shakacode/heroku-to-control-plane/pull/146) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Renamed template substitution variable `APP_GVC` to `{{APP_NAME}}` (used by `apply-template` and `setup-app` commands). This change is backwards compatible. [PR 146](https://github.com/shakacode/heroku-to-control-plane/pull/146) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- `setup-app` command now automatically binds the app to the secrets policy, as long as both the identity and the policy exist. Added `--skip-secret-access-binding` option to prevent this behavior. [PR 146](https://github.com/shakacode/heroku-to-control-plane/pull/146) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Local API token is now refreshed when it is about to expire. [PR 146](https://github.com/shakacode/heroku-to-control-plane/pull/146) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- `apply-template` command now exits with non-zero code if failed to apply any templates. [PR 146](https://github.com/shakacode/heroku-to-control-plane/pull/146) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Template substitution (used by `apply-template` and `setup-app` commands) now uses double braces (e.g., `APP_ORG` -> `{{APP_ORG}}`). This change is backwards compatible. [PR 146](https://github.com/shakacode/control-plane-flow/pull/146) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Renamed template substitution variable `APP_GVC` to `{{APP_NAME}}` (used by `apply-template` and `setup-app` commands). This change is backwards compatible. [PR 146](https://github.com/shakacode/control-plane-flow/pull/146) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- `setup-app` command now automatically binds the app to the secrets policy, as long as both the identity and the policy exist. Added `--skip-secret-access-binding` option to prevent this behavior. [PR 146](https://github.com/shakacode/control-plane-flow/pull/146) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Local API token is now refreshed when it is about to expire. [PR 146](https://github.com/shakacode/control-plane-flow/pull/146) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- `apply-template` command now exits with non-zero code if failed to apply any templates. [PR 146](https://github.com/shakacode/control-plane-flow/pull/146) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ## [1.3.0] - 2024-03-19
 
 ### Fixed
 
-- Fixed issue where cpln profile was not switched back to `default` if an error happened while running `copy-image-from-upstream` command. [PR 135](https://github.com/shakacode/heroku-to-control-plane/pull/135) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Fixed issue that didn't allow using upstream with `match_if_app_name_starts_with` set to `true` in `copy-image-from-upstream` command. [PR 136](https://github.com/shakacode/heroku-to-control-plane/pull/136) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Fixed issue where cpln profile was not switched back to `default` if an error happened while running `copy-image-from-upstream` command. [PR 135](https://github.com/shakacode/control-plane-flow/pull/135) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Fixed issue that didn't allow using upstream with `match_if_app_name_starts_with` set to `true` in `copy-image-from-upstream` command. [PR 136](https://github.com/shakacode/control-plane-flow/pull/136) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ### Added
 
-- Added `--no-clean-on-failure` option to `run:detached` command to skip deletion of failed workload run. [PR 133](https://github.com/shakacode/heroku-to-control-plane/pull/133) by [Justin Gordon](https://github.com/justin808) and [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Added `--domain` option to `maintenance`, `maintenance:on` and `maintenance:off` commands. [PR 131](https://github.com/shakacode/heroku-to-control-plane/pull/131) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Added `default_domain` config to specify domain for `maintenance`, `maintenance:on` and `maintenance:off` commands. [PR 131](https://github.com/shakacode/heroku-to-control-plane/pull/131) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Added option to specify upstream for `copy-image-from-upstream` command through `CPLN_UPSTREAM` env var. [PR 138](https://github.com/shakacode/heroku-to-control-plane/pull/138) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Added `--no-clean-on-failure` option to `run:detached` command to skip deletion of failed workload run. [PR 133](https://github.com/shakacode/control-plane-flow/pull/133) by [Justin Gordon](https://github.com/justin808) and [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Added `--domain` option to `maintenance`, `maintenance:on` and `maintenance:off` commands. [PR 131](https://github.com/shakacode/control-plane-flow/pull/131) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Added `default_domain` config to specify domain for `maintenance`, `maintenance:on` and `maintenance:off` commands. [PR 131](https://github.com/shakacode/control-plane-flow/pull/131) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Added option to specify upstream for `copy-image-from-upstream` command through `CPLN_UPSTREAM` env var. [PR 138](https://github.com/shakacode/control-plane-flow/pull/138) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ### Changed
 
-- `build-image` command now accepts extra options and passes them to `docker build`. [PR 126](https://github.com/shakacode/heroku-to-control-plane/pull/126) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- `CPLN_ORG_UPSTREAM` env var now takes precedence over config from `controlplane.yml` in `copy-image-from-upstream` command. [PR 137](https://github.com/shakacode/heroku-to-control-plane/pull/137) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- `info` command now works properly for apps with `match_if_app_name_starts_with` set to `true`.[PR 139](https://github.com/shakacode/heroku-to-control-plane/pull/139) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- `info` command now lists workloads in the same order as `controlplane.yml`. [PR 139](https://github.com/shakacode/heroku-to-control-plane/pull/139) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Improved domain workload matching for `maintenance`, `maintenance:on` and `maintenance:off` commands (instead of matching only by workload, it now matches by org + app + workload, which is more accurate). [PR 140](https://github.com/shakacode/heroku-to-control-plane/pull/140) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- `build-image` command now accepts extra options and passes them to `docker build`. [PR 126](https://github.com/shakacode/control-plane-flow/pull/126) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- `CPLN_ORG_UPSTREAM` env var now takes precedence over config from `controlplane.yml` in `copy-image-from-upstream` command. [PR 137](https://github.com/shakacode/control-plane-flow/pull/137) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- `info` command now works properly for apps with `match_if_app_name_starts_with` set to `true`.[PR 139](https://github.com/shakacode/control-plane-flow/pull/139) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- `info` command now lists workloads in the same order as `controlplane.yml`. [PR 139](https://github.com/shakacode/control-plane-flow/pull/139) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Improved domain workload matching for `maintenance`, `maintenance:on` and `maintenance:off` commands (instead of matching only by workload, it now matches by org + app + workload, which is more accurate). [PR 140](https://github.com/shakacode/control-plane-flow/pull/140) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ## [1.2.0] - 2024-01-03
 
 ### Fixed
 
-- Fixed issue where `info` command does not respect `CPLN_ORG` env var. [PR 88](https://github.com/shakacode/heroku-to-control-plane/pull/88) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Fixed issues with running `cpl --version` and `cpl --help` where no configuration file exists. [PR 100](https://github.com/shakacode/heroku-to-control-plane/pull/100) by [Mostafa Ahangarha](https://github.com/ahangarha).
-- Fixed issue where `delete` command fails to delete apps with volumesets. [PR 123](https://github.com/shakacode/heroku-to-control-plane/pull/123) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Fixed issue where `info` command does not respect `CPLN_ORG` env var. [PR 88](https://github.com/shakacode/control-plane-flow/pull/88) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Fixed issues with running `cpl --version` and `cpl --help` where no configuration file exists. [PR 100](https://github.com/shakacode/control-plane-flow/pull/100) by [Mostafa Ahangarha](https://github.com/ahangarha).
+- Fixed issue where `delete` command fails to delete apps with volumesets. [PR 123](https://github.com/shakacode/control-plane-flow/pull/123) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ### Added
 
-- Added `--org` option to all commands. [PR 88](https://github.com/shakacode/heroku-to-control-plane/pull/88) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Added option to set the app with a `CPLN_APP` env var. [PR 88](https://github.com/shakacode/heroku-to-control-plane/pull/88) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Show `org` and `app` on every command excluding `info`, `version`, `maintenance`, `env`, `ps`, and `latest_image`. [PR 94](https://github.com/shakacode/heroku-to-control-plane/pull/94) by [Mostafa Ahangarha](https://github.com/ahangarha).
-- Added option to only use `CPLN_ORG` and `CPLN_APP` env vars if `allow_org_override_by_env` and `allow_app_override_by_env` configs are set to `true` in `controlplane.yml`. [PR 109](https://github.com/shakacode/heroku-to-control-plane/pull/109) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Added `CPLN_LOCATION` env variable and `--location` option for `apply-template`, `ps`, `run`, `run:detached`. [PR 105](https://github.com/shakacode/heroku-to-control-plane/pull/105) by [Mostafa Ahangarha](https://github.com/ahangarha).
-- Added `generate` command for creating basic Control Plane configuration directory. [PR 116](https://github.com/shakacode/heroku-to-control-plane/pull/116) by [Mostafa Ahangarhga](https://github.com/ahangarha).
-- Added `--trace` option to all commands for more detailed logs. [PR 124](https://github.com/shakacode/heroku-to-control-plane/pull/124) by [justin808](https://github.com/justin808)
+- Added `--org` option to all commands. [PR 88](https://github.com/shakacode/control-plane-flow/pull/88) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Added option to set the app with a `CPLN_APP` env var. [PR 88](https://github.com/shakacode/control-plane-flow/pull/88) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Show `org` and `app` on every command excluding `info`, `version`, `maintenance`, `env`, `ps`, and `latest_image`. [PR 94](https://github.com/shakacode/control-plane-flow/pull/94) by [Mostafa Ahangarha](https://github.com/ahangarha).
+- Added option to only use `CPLN_ORG` and `CPLN_APP` env vars if `allow_org_override_by_env` and `allow_app_override_by_env` configs are set to `true` in `controlplane.yml`. [PR 109](https://github.com/shakacode/control-plane-flow/pull/109) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Added `CPLN_LOCATION` env variable and `--location` option for `apply-template`, `ps`, `run`, `run:detached`. [PR 105](https://github.com/shakacode/control-plane-flow/pull/105) by [Mostafa Ahangarha](https://github.com/ahangarha).
+- Added `generate` command for creating basic Control Plane configuration directory. [PR 116](https://github.com/shakacode/control-plane-flow/pull/116) by [Mostafa Ahangarhga](https://github.com/ahangarha).
+- Added `--trace` option to all commands for more detailed logs. [PR 124](https://github.com/shakacode/control-plane-flow/pull/124) by [justin808](https://github.com/justin808)
 - Added better error message to check the org name in case of a 403 error. [PR 124](https://github.com/justin808) by [justin808](https://github.com/justin808)
 
 ### Changed
 
-- `--org` option now takes precedence over `CPLN_ORG` env var, which takes precedence over `cpln_org` from `controlplane.yml`. [PR 88](https://github.com/shakacode/heroku-to-control-plane/pull/88) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Renamed `setup` config into `setup_app_templates`. [PR 112](https://github.com/shakacode/heroku-to-control-plane/pull/112) by [Mostafa Ahangarha](https://github.com/ahangarha).
+- `--org` option now takes precedence over `CPLN_ORG` env var, which takes precedence over `cpln_org` from `controlplane.yml`. [PR 88](https://github.com/shakacode/control-plane-flow/pull/88) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Renamed `setup` config into `setup_app_templates`. [PR 112](https://github.com/shakacode/control-plane-flow/pull/112) by [Mostafa Ahangarha](https://github.com/ahangarha).
 
 ## [1.1.2] - 2023-10-17
 
 ### Fixed
 
-- Fixed failed build on MacOS by adding platform flag and fixed multiple files in yaml document for template. [PR 81](https://github.com/shakacode/heroku-to-control-plane/pull/81) by [justin808](https://github.com/justin808).
+- Fixed failed build on MacOS by adding platform flag and fixed multiple files in yaml document for template. [PR 81](https://github.com/shakacode/control-plane-flow/pull/81) by [justin808](https://github.com/justin808).
 
 ### Added
 
-- Added `open-console` command to open the app console on Control Plane. [PR 83](https://github.com/shakacode/heroku-to-control-plane/pull/83) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Added option to set the org with a `CPLN_ORG`/`CPLN_ORG_UPSTREAM` env var. [PR 83](https://github.com/shakacode/heroku-to-control-plane/pull/83) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Added `--verbose` option to all commands for more detailed logs. [PR 83](https://github.com/shakacode/heroku-to-control-plane/pull/83) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Added `open-console` command to open the app console on Control Plane. [PR 83](https://github.com/shakacode/control-plane-flow/pull/83) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Added option to set the org with a `CPLN_ORG`/`CPLN_ORG_UPSTREAM` env var. [PR 83](https://github.com/shakacode/control-plane-flow/pull/83) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Added `--verbose` option to all commands for more detailed logs. [PR 83](https://github.com/shakacode/control-plane-flow/pull/83) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ### Changed
 
-- Calling `cpl` with no command now shows the help menu. [PR 83](https://github.com/shakacode/heroku-to-control-plane/pull/83) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Calling `cpl` with no command now shows the help menu. [PR 83](https://github.com/shakacode/control-plane-flow/pull/83) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ## [1.1.1] - 2023-09-23
 
 ### Fixed
 
-- Fixed issue where API token is not reset when switching profile. [PR 77](https://github.com/shakacode/heroku-to-control-plane/pull/77) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Fixed issue where API token is not reset when switching profile. [PR 77](https://github.com/shakacode/control-plane-flow/pull/77) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ## [1.1.0] - 2023-09-20
 
 ### Fixed
 
-- Fixed issue where `copy-image-from-upstream` command does not copy commit. [PR 70](https://github.com/shakacode/heroku-to-control-plane/pull/70) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Fixed issue where an error is not raised if the app is not defined. [PR 73](https://github.com/shakacode/heroku-to-control-plane/pull/73) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Fixed issue where `CPLN_ENDPOINT` is not used if available. [PR 75](https://github.com/shakacode/heroku-to-control-plane/pull/75) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Fixed issue where `copy-image-from-upstream` command does not copy commit. [PR 70](https://github.com/shakacode/control-plane-flow/pull/70) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Fixed issue where an error is not raised if the app is not defined. [PR 73](https://github.com/shakacode/control-plane-flow/pull/73) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Fixed issue where `CPLN_ENDPOINT` is not used if available. [PR 75](https://github.com/shakacode/control-plane-flow/pull/75) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ### Added
 
-- Added `image_retention_max_qty` config to clean up images based on max quantity with `cleanup-images` command. [PR 72](https://github.com/shakacode/heroku-to-control-plane/pull/72) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Added `image_retention_max_qty` config to clean up images based on max quantity with `cleanup-images` command. [PR 72](https://github.com/shakacode/control-plane-flow/pull/72) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ### Changed
 
-- Updated docs for `run` commands regarding passing arguments at the end. [PR 71](https://github.com/shakacode/heroku-to-control-plane/pull/71) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Renamed `cleanup-old-images` command to `cleanup-images`. [PR 72](https://github.com/shakacode/heroku-to-control-plane/pull/72) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Renamed `old_image_retention_days` config to `image_retention_days`. [PR 72](https://github.com/shakacode/heroku-to-control-plane/pull/72) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Updated docs for `run` commands regarding passing arguments at the end. [PR 71](https://github.com/shakacode/control-plane-flow/pull/71) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Renamed `cleanup-old-images` command to `cleanup-images`. [PR 72](https://github.com/shakacode/control-plane-flow/pull/72) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Renamed `old_image_retention_days` config to `image_retention_days`. [PR 72](https://github.com/shakacode/control-plane-flow/pull/72) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ## [1.0.4] - 2023-07-21
 
 ### Fixed
 
-- Fixed issue where `run` commands fail when not providing image. [PR 68](https://github.com/shakacode/heroku-to-control-plane/pull/68) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Fixed issue where `run` commands fail when not providing image. [PR 68](https://github.com/shakacode/control-plane-flow/pull/68) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ## [1.0.3] - 2023-07-07
 
 ### Fixed
 
-- Fixed `run` commands when specifying image. [PR 62](https://github.com/shakacode/heroku-to-control-plane/pull/62) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Fixed `run:cleanup` command for non-interactive workloads. [PR 63](https://github.com/shakacode/heroku-to-control-plane/pull/63) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Fixed `run:cleanup` command for all apps that start with name. [PR 64](https://github.com/shakacode/heroku-to-control-plane/pull/64) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Fixed `cleanup-old-images` command for all apps that start with name. [PR 65](https://github.com/shakacode/heroku-to-control-plane/pull/65) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Fixed `--help` option. [PR 66](https://github.com/shakacode/heroku-to-control-plane/pull/66) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Fixed `run` commands when specifying image. [PR 62](https://github.com/shakacode/control-plane-flow/pull/62) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Fixed `run:cleanup` command for non-interactive workloads. [PR 63](https://github.com/shakacode/control-plane-flow/pull/63) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Fixed `run:cleanup` command for all apps that start with name. [PR 64](https://github.com/shakacode/control-plane-flow/pull/64) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Fixed `cleanup-old-images` command for all apps that start with name. [PR 65](https://github.com/shakacode/control-plane-flow/pull/65) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Fixed `--help` option. [PR 66](https://github.com/shakacode/control-plane-flow/pull/66) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ### Added
 
-- Added `--use-local-token` option to `run:detached` command. [PR 61](https://github.com/shakacode/heroku-to-control-plane/pull/61) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Added `--use-local-token` option to `run:detached` command. [PR 61](https://github.com/shakacode/control-plane-flow/pull/61) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ## [1.0.2] - 2023-07-02
 
 ### Added
 
-- Added steps to migrate to docs. [PR 57](https://github.com/shakacode/heroku-to-control-plane/pull/57) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
-- Added `ps:wait` command. [PR 58](https://github.com/shakacode/heroku-to-control-plane/pull/58) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Added steps to migrate to docs. [PR 57](https://github.com/shakacode/control-plane-flow/pull/57) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Added `ps:wait` command. [PR 58](https://github.com/shakacode/control-plane-flow/pull/58) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ## [1.0.1] - 2023-06-28
 
 ### Fixed
 
-- Fixed `cleanup-stale-apps` command when app does not have image. [PR 55](https://github.com/shakacode/heroku-to-control-plane/pull/55) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Fixed `cleanup-stale-apps` command when app does not have image. [PR 55](https://github.com/shakacode/control-plane-flow/pull/55) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ### Changed
 
-- Improved docs. [PR 50](https://github.com/shakacode/heroku-to-control-plane/pull/50) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
+- Improved docs. [PR 50](https://github.com/shakacode/control-plane-flow/pull/50) by [Rafael Gomes](https://github.com/rafaelgomesxyz).
 
 ## [1.0.0] - 2023-05-29
 
 - Initial release
 
-[Unreleased]: https://github.com/shakacode/heroku-to-control-plane/compare/v2.0.0...HEAD
-[2.0.0]: https://github.com/shakacode/heroku-to-control-plane/compare/v1.4.0...v2.0.0
-[1.4.0]: https://github.com/shakacode/heroku-to-control-plane/compare/v1.3.0...v1.4.0
-[1.3.0]: https://github.com/shakacode/heroku-to-control-plane/compare/v1.2.0...v1.3.0
-[1.2.0]: https://github.com/shakacode/heroku-to-control-plane/compare/v1.1.2...v1.2.0
-[1.1.2]: https://github.com/shakacode/heroku-to-control-plane/compare/v1.1.1...v1.1.2
-[1.1.1]: https://github.com/shakacode/heroku-to-control-plane/compare/v1.1.0...v1.1.1
-[1.1.0]: https://github.com/shakacode/heroku-to-control-plane/compare/v1.0.4...v1.1.0
-[1.0.4]: https://github.com/shakacode/heroku-to-control-plane/compare/v1.0.3...v1.0.4
-[1.0.3]: https://github.com/shakacode/heroku-to-control-plane/compare/v1.0.2...v1.0.3
-[1.0.2]: https://github.com/shakacode/heroku-to-control-plane/compare/v1.0.1...v1.0.2
-[1.0.1]: https://github.com/shakacode/heroku-to-control-plane/compare/v1.0.0...v1.0.1
-[1.0.0]: https://github.com/shakacode/heroku-to-control-plane/releases/tag/v1.0.0
+[Unreleased]: https://github.com/shakacode/control-plane-flow/compare/v2.0.2...HEAD
+[2.0.2]: https://github.com/shakacode/control-plane-flow/compare/v2.0.1...v2.0.2
+[2.0.1]: https://github.com/shakacode/control-plane-flow/compare/v2.0.0...v2.0.1
+[2.0.0]: https://github.com/shakacode/control-plane-flow/compare/v1.4.0...v2.0.0
+[1.4.0]: https://github.com/shakacode/control-plane-flow/compare/v1.3.0...v1.4.0
+[1.3.0]: https://github.com/shakacode/control-plane-flow/compare/v1.2.0...v1.3.0
+[1.2.0]: https://github.com/shakacode/control-plane-flow/compare/v1.1.2...v1.2.0
+[1.1.2]: https://github.com/shakacode/control-plane-flow/compare/v1.1.1...v1.1.2
+[1.1.1]: https://github.com/shakacode/control-plane-flow/compare/v1.1.0...v1.1.1
+[1.1.0]: https://github.com/shakacode/control-plane-flow/compare/v1.0.4...v1.1.0
+[1.0.4]: https://github.com/shakacode/control-plane-flow/compare/v1.0.3...v1.0.4
+[1.0.3]: https://github.com/shakacode/control-plane-flow/compare/v1.0.2...v1.0.3
+[1.0.2]: https://github.com/shakacode/control-plane-flow/compare/v1.0.1...v1.0.2
+[1.0.1]: https://github.com/shakacode/control-plane-flow/compare/v1.0.0...v1.0.1
+[1.0.0]: https://github.com/shakacode/control-plane-flow/releases/tag/v1.0.0

data/CONTRIBUTING.md

@@ -6,10 +6,10 @@ Rather than installing `cpl` as a Ruby gem, install this repo locally and alias
 access, e.g.:
 
 ```sh
-git clone https://github.com/shakacode/heroku-to-control-plane
+git clone https://github.com/shakacode/control-plane-flow
 
 # Create an alias in some local shell startup script, e.g., `.profile`, `.bashrc`, etc.
-alias cpl="~/projects/heroku-to-control-plane/bin/cpl"
+alias cpl="~/projects/control-plane-flow/bin/cpl"
 ```
 
 ## Linting

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    cpl (2.0.1)
+    cpl (2.1.0)
       debug (~> 1.7.1)
       dotenv (~> 2.8.1)
       jwt (~> 2.8.1)
@@ -49,7 +49,7 @@ GEM
     racc (1.7.3)
     rainbow (3.1.1)
     rake (13.2.1)
-    rdoc (6.6.3.1)
+    rdoc (6.7.0)
       psych (>= 4.0.0)
     regexp_parser (2.9.0)
     reline (0.5.7)

data/README.md

@@ -6,8 +6,8 @@
 <meta name="keywords" content="Control Plane, Heroku, Kubernetes, K8, Infrastructure">
 <meta name="google-site-verification" content="dIV4nMplcYl6YOKOaZMqgvdKXhLJ4cdYY6pS6e_YrPU" />
 
-[![RSpec](https://github.com/shakacode/heroku-to-control-plane/actions/workflows/rspec.yml/badge.svg)](https://github.com/shakacode/heroku-to-control-plane/actions/workflows/rspec.yml)
-[![Rubocop](https://github.com/shakacode/heroku-to-control-plane/actions/workflows/rubocop.yml/badge.svg)](https://github.com/shakacode/heroku-to-control-plane/actions/workflows/rubocop.yml)
+[![RSpec](https://github.com/shakacode/control-plane-flow/actions/workflows/rspec.yml/badge.svg)](https://github.com/shakacode/control-plane-flow/actions/workflows/rspec.yml)
+[![Rubocop](https://github.com/shakacode/control-plane-flow/actions/workflows/rubocop.yml/badge.svg)](https://github.com/shakacode/control-plane-flow/actions/workflows/rubocop.yml)
 
 [![Gem](https://badge.fury.io/rb/cpl.svg)](https://badge.fury.io/rb/cpl)
 
@@ -196,9 +196,6 @@ aliases:
     # 2. Each file can contain many objects, such as in the case of templates that create a resource, like `postgres`.
     # 3. While the naming often corresponds to a workload or other object name, the naming is arbitrary. 
     #    Naming does not need to match anything other than the file name without the `.yml` extension.
-    #
-    # If you're going to use secrets, you need to apply the `secrets.yml` template separately (one-time setup):
-    # `cpl apply-template secrets -a my-app`
     setup_app_templates:
       - app
       - redis
@@ -207,6 +204,9 @@ aliases:
       - rails
       - sidekiq
 
+    # Skips secrets setup when running `cpl setup-app`.
+    skip_secrets_setup: true
+
     # Only needed if using a custom secrets name.
     # The default is '{APP_PREFIX}-secrets'. For example:
     # - for an app 'my-app-staging' with `match_if_app_name_starts_with` set to `false`,
@@ -273,6 +273,15 @@ apps:
     # e.g., "my-app-review-pr123", "my-app-review-anything-goes", etc.
     match_if_app_name_starts_with: true
 
+    # Hooks can be either a script path that exists in the app image or a command.
+    # They're run in the context of `cpl run` with the latest image.
+    hooks:
+      # Used by the command `cpl setup-app` to run a hook after creating the app.
+      post_creation: bundle exec rake db:prepare
+
+      # Used by the command `cpl delete` to run a hook before deleting the app.
+      pre_deletion: bundle exec rake db:drop
+
   my-app-production:
     <<: *common
 

data/cpl.gemspec

@@ -10,7 +10,7 @@ Gem::Specification.new do |spec|
 
   spec.summary     = "Heroku to Control Plane"
   spec.description = "CLI for providing Heroku-like platform-as-a-service on Control Plane"
-  spec.homepage    = "https://github.com/shakacode/heroku-to-control-plane"
+  spec.homepage    = "https://github.com/shakacode/control-plane-flow"
   spec.license     = "MIT"
 
   spec.required_ruby_version = ">= 2.7.0"

data/docs/commands.md

@@ -109,6 +109,9 @@ cpl copy-image-from-upstream -a $APP_NAME --upstream-token $UPSTREAM_TOKEN --ima
 - Deletes the whole app (GVC with all workloads, all volumesets and all images) or a specific workload
 - Also unbinds the app from the secrets policy, as long as both the identity and the policy exist (and are bound)
 - Will ask for explicit user confirmation
+- Runs a pre-deletion hook before the app is deleted if `hooks.pre_deletion` is specified in the `.controlplane/controlplane.yml` file
+- If the hook exits with a non-zero code, the command will stop executing and also exit with a non-zero code
+- Use `--skip-pre-deletion-hook` to skip the hook if specified in `controlplane.yml`
 
 ```sh
 # Deletes the whole app (GVC with all workloads, all volumesets and all images).
@@ -121,14 +124,29 @@ cpl delete -a $APP_NAME -w $WORKLOAD_NAME
 ### `deploy-image`
 
 - Deploys the latest image to app workloads
-- Optionally runs a release script before deploying if specified through `release_script` in the `.controlplane/controlplane.yml` file and `--run-release-phase` is provided
+- Runs a release script before deploying if `release_script` is specified in the `.controlplane/controlplane.yml` file and `--run-release-phase` is provided
 - The release script is run in the context of `cpl run` with the latest image
-- The deploy will fail if the release script exits with a non-zero code or doesn't exist
+- If the release script exits with a non-zero code, the command will stop executing and also exit with a non-zero code
 
 ```sh
 cpl deploy-image -a $APP_NAME
 ```
 
+### `doctor`
+
+- Runs validations
+
+```sh
+# Runs all validations that don't require additional options by default.
+cpl doctor
+
+# Runs config validation.
+cpl doctor --validations config
+
+# Runs templates validation (requires app).
+cpl doctor --validations templates -a $APP_NAME
+```
+
 ### `env`
 
 - Displays app-specific environment variables
@@ -276,7 +294,7 @@ cpl open-console -a $APP_NAME
   - Runs `cpl copy-image-from-upstream` to copy the latest image from upstream
   - Runs `cpl deploy-image` to deploy the image
   - If `.controlplane/controlplane.yml` includes the `release_script`, `cpl deploy-image` will use the `--run-release-phase` option
-  - The deploy will fail if the release script exits with a non-zero code
+  - If the release script exits with a non-zero code, the command will stop executing and also exit with a non-zero code
 
 ```sh
 cpl promote-app-from-upstream -a $APP_NAME -t $UPSTREAM_TOKEN
@@ -407,9 +425,15 @@ cpl run -a $APP_NAME --entrypoint /app/alternative-entrypoint.sh -- rails db:mig
 
 - Creates an app and all its workloads
 - Specify the templates for the app and workloads through `setup_app_templates` in the `.controlplane/controlplane.yml` file
-- This should only be used for temporary apps like review apps, never for persistent apps like production (to update workloads for those, use 'cpl apply-template' instead)
-- Automatically binds the app to the secrets policy, as long as both the identity and the policy exist
-- Use `--skip-secret-access-binding` to prevent the automatic bind
+- This should only be used for temporary apps like review apps, never for persistent apps like production or staging (to update workloads for those, use 'cpl apply-template' instead)
+- Configures app to have org-level secrets with default name "{APP_PREFIX}-secrets"
+  using org-level policy with default name "{APP_PREFIX}-secrets-policy" (names can be customized, see docs)
+- Creates identity for secrets if it does not exist
+- Use `--skip-secrets-setup` to prevent the automatic setup of secrets,
+  or set it through `skip_secrets_setup` in the `.controlplane/controlplane.yml` file
+- Runs a post-creation hook after the app is created if `hooks.post_creation` is specified in the `.controlplane/controlplane.yml` file
+- If the hook exits with a non-zero code, the command will stop executing and also exit with a non-zero code
+- Use `--skip-post-creation-hook` to skip the hook if specified in `controlplane.yml`
 
 ```sh
 cpl setup-app -a $APP_NAME

data/docs/secrets-and-env-values.md

@@ -0,0 +1,42 @@
+# Secrets and ENV Values
+
+You can store ENV values used by a container (within a workload) within Control Plane at the following levels:
+
+1. Workload Container
+2. GVC
+
+For your "review apps," it is convenient to have simple ENVs stored in plain text in your source code. You will want to
+keep some ENVs, like the Rails' `SECRET_KEY_BASE`, out of your source code. For staging and production apps, you will
+set these values directly at the GVC or workload levels, so none of these ENV values are committed to the source code.
+
+For storing ENVs in the source code, we can use a level of indirection so that you can store an ENV value in your source
+code like `cpln://secret/my-app-review-env-secrets.SECRET_KEY_BASE` and then have the secret value stored at the org
+level, which applies to your GVCs mapped to that org.
+
+For setting up secrets, you'll need:
+
+- **Org-level Secret:** This is where the values will be stored.
+- **GVC Identity:** An identity that must be associated with each workload that requires access to the secret.
+- **Org-level Policy:** A policy that binds the identity to the secret, granting the necessary permissions for the workload to access the secret.
+
+You can do this during the initial app setup, like this:
+
+1. Add the template for `app` to `.controlplane/templates`
+2. Ensure that the `app` template is listed in `setup_app_templates` for the app in `.controlplane/controlplane.yml`
+3. Run `cpl setup-app -a $APP_NAME`
+4. The secrets, secrets policy and identity will be automatically created, along with the proper binding
+5. In the Control Plane console, upper left "Manage Org" menu, click on "Secrets"
+6. Find the created secret (it will be in the `$APP_PREFIX-secrets` format) and add the secret env vars there
+7. Use `cpln://secret/...` in the app to access the secret env vars (e.g., `cpln://secret/$APP_PREFIX-secrets.SOME_VAR`)
+
+Here are the manual steps for reference. We recommend that you follow the steps above:
+
+1. In the upper left of the Control Plane console, "Manage Org" menu, click on "Secrets"
+2. Create a secret with `Secret Type: Dictionary` (e.g., `my-secrets`) and add the secret env vars there
+3. In the upper left "Manage GVC" menu, click on "Identities"
+4. Create an identity (e.g., `my-identity`)
+5. Navigate to the workload that you want to associate with the identity created
+6. Click "Identity" on the left menu and select the identity created
+7. In the lower left "Access Control" menu, click on "Policies"
+8. Create a policy with `Target Kind: Secret` and add a binding with the `reveal` permission for the identity created
+9. Use `cpln://secret/...` in the app to access the secret env vars (e.g., `cpln://secret/my-secrets.SOME_VAR`)