
docs(deploy): document secret/API-key rotation procedure#269

Merged
MinhHaDuong merged 1 commit into main from docs/rotate-secrets-howto on Jun 23, 2026

@MinhHaDuong

Collaborator

Context

During the 2026-06-22 outage recovery, rotating `OPENAI_API_KEY` took ~1h because `docker restart` was used to reload the key. `docker restart` re-reads nothing — it bounces the process with the environment baked in at container creation, so the old (revoked) key kept being served and every query 500'd with a 401. Only `docker compose up` (via `up.sh --remote`) re-reads `env_file`.

Change

Adds a "Rotating secrets and API keys" section to `deploy/HOWTO-deploy.md` documenting the correct procedure and three traps from the incident:

  • `docker restart` does not reload `env_file` — use `up.sh --remote`.
  • The key must be a real `VAR=value` assignment (a bare value leaves it undefined).
  • Verify with a novel query — R2R caches query embeddings, so a repeated query can pass on cache and hide a bad key.

Doc-only; no code paths touched.

Relates to #266.

🤖 Generated with Claude Code

A key rotation on 2026-06-22 took an hour because `docker restart` was used
to pick up a swapped OPENAI_API_KEY. `docker restart` re-reads nothing — it
bounces the process with the environment baked in at container creation, so
the old (revoked) key kept being served. Only `docker compose up` (via
`up.sh --remote`) re-reads env_file.

Document the correct procedure in HOWTO-deploy.md, plus two traps that bit
during the same incident: a key pasted as a bare value with no `VAR=` prefix,
and a repeated query passing on a cached embedding while the new key was
actually broken.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@MinhHaDuong MinhHaDuong merged commit 2410c4b into main Jun 23, 2026
5 checks passed
@MinhHaDuong MinhHaDuong deleted the docs/rotate-secrets-howto branch June 23, 2026 06:36
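
A pre-flight check for the first two traps described in this PR, as an added example that is not part of the PR or the project's scripts: it flags a key pasted without its `VAR=` prefix and reports when a container's creation-time environment still differs from `env_file`. The function names, file names and key values are constructed, and the container environment is assumed to have been captured to a file with `docker inspect`.

```bash
#!/usr/bin/env bash
# Added example, not part of the PR. Function names and sample values are constructed.

# Print the value assigned to VAR in FILE (last assignment wins); status 1 if none.
env_file_value() {  # usage: env_file_value FILE VAR
  awk -v var="$2" '
    index($0, var "=") == 1 { val = substr($0, length(var) + 2); found = 1 }
    END { if (!found) exit 1; print val }' "$1"
}

# Print line numbers that are not blank, not comments, and not NAME=value.
# A key pasted without its VAR= prefix shows up here.
bare_lines() {  # usage: bare_lines FILE
  awk '!/^[ \t]*#/ && !/^[ \t]*$/ && !/^[A-Za-z_][A-Za-z0-9_]*=/ { print NR }' "$1"
}

# Compare env_file with the environment the container was created with.
# CONTAINER_ENV holds NAME=value lines, e.g. the output of:
#   docker inspect --format '{{range .Config.Env}}{{println .}}{{end}}' <container>
# Only a state word is printed, never the secret itself.
rotation_state() {  # usage: rotation_state ENV_FILE CONTAINER_ENV VAR
  local want have
  want=$(env_file_value "$1" "$3") || { echo undefined-in-env_file; return; }
  [ -n "$want" ] || { echo empty-in-env_file; return; }
  have=$(env_file_value "$2" "$3") || { echo missing-in-container; return; }
  if [ "$want" = "$have" ]; then echo in-sync; else echo stale-container; fi
}

# Constructed sample: two env_file variants and two captured container environments.
demo_dir=$(mktemp -d)
printf '# prod\nOPENAI_API_KEY=sk-new-EXAMPLE\n' > "$demo_dir/good.env"
printf '# prod\nsk-new-EXAMPLE\n' > "$demo_dir/bare.env"
printf 'PATH=/usr/bin\nOPENAI_API_KEY=sk-old-EXAMPLE\n' > "$demo_dir/container_old.txt"
printf 'PATH=/usr/bin\nOPENAI_API_KEY=sk-new-EXAMPLE\n' > "$demo_dir/container_new.txt"

# After `docker restart`: env_file is updated, the container still holds the old key.
rotation_state "$demo_dir/good.env" "$demo_dir/container_old.txt" OPENAI_API_KEY
# After the container is recreated from the updated env_file.
rotation_state "$demo_dir/good.env" "$demo_dir/container_new.txt" OPENAI_API_KEY
# Key pasted as a bare value: the variable is not defined at all.
rotation_state "$demo_dir/bare.env" "$demo_dir/container_old.txt" OPENAI_API_KEY
bare_lines "$demo_dir/bare.env"
```

An `in-sync` result only shows that the container was created with the value in `env_file`; whether the provider accepts the key still needs the novel-query check from the PR description.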