Skip Convex env validation when deploy key can't list vars

[stickerdaniel]

Convex deploy keys can deploy but are denied ViewEnvironmentVariables, so scripts/validate-convex-env.ts (which runs convex env list) fails in CI whenever the build authenticates with a deployment-scoped deploy key. A leaked deploy key must not be able to read secret values, so this is by design on Convex's side. The pre-flight check then hard-fails the production build.

This skips the validation when convex env list fails with a permission error, logging the required var names instead of failing the build. The deploy still runs, and a genuinely missing var surfaces at runtime. Validation still works wherever the auth can read env vars (local dev, project-level keys).

bun scripts/static-checks.ts scripts/validate-convex-env.ts passes.

[qodo-code-review]

Qodo reviews are paused for this user.

Troubleshooting steps vary by plan Learn more →

On a Teams plan?
Reviews resume once this user has a paid seat and their Git account is linked in Qodo.
Link Git account →

Using GitHub Enterprise Server, GitLab Self-Managed, or Bitbucket Data Center?
These require an Enterprise plan - Contact us
Contact us →

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Preview URL	Updated (UTC)
✅ Deployment successful! View logs	saas-starter	fbed1a8	Commit Preview URL Branch Preview URL	Jun 15 2026, 01:12 AM

[Copilot]

Copilot was unable to review this pull request because the user who requested the review has reached their quota limit.

[stickerdaniel]

• Skip Convex env validation when deploy key can't list vars #563 👈 (View in Graphite)
• main

This stack of pull requests is managed by Graphite. Learn more about stacking.