bug fixes.

Author: ljonesfl

src/Cli/Commands/Secrets/EditCommand.php

@@ -56,7 +56,7 @@ public function execute(): int
 	{
 		$configPath = $this->input->getOption( 'config', 'config' );
 		$env = $this->input->getOption( 'env' );
-		$editor = $this->input->getOption( 'editor' ) ?? $_ENV['EDITOR'] ?? 'vi';
+		$editor = $this->input->getOption( 'editor' ) ?? getenv( 'EDITOR' ) ?: 'vi';
 
 		// Determine paths based on environment
 		if( $env )
@@ -94,7 +94,7 @@ public function execute(): int
 					}
 				}
 
-				$key = $this->secretManager->generateKey( $keyPath );
+				$this->secretManager->generateKey( $keyPath );
 				$this->output->success( "Generated new key at: {$keyPath}" );
 				$this->output->warning( "IMPORTANT: Add {$keyPath} to .gitignore!" );
 			}

src/Cli/Commands/Secrets/Key/GenerateCommand.php

@@ -81,6 +81,17 @@ public function execute(): int
 		{
 			$keyPath = $configPath . '/master.key';
 			$keyName = 'master key';
+
+			// Ensure directory exists
+			$dir = dirname( $keyPath );
+			if( !is_dir( $dir ) )
+			{
+				if( !mkdir( $dir, 0755, true ) )
+				{
+					$this->output->error( "Failed to create directory: {$dir}" );
+					return 1;
+				}
+			}
 		}
 
 		// Check if key already exists
@@ -137,7 +148,14 @@ public function execute(): int
 			) . '_KEY';
 			$this->output->newLine();
 			$this->output->info( "Alternative: Set the key as an environment variable:" );
-			$this->output->write( "export {$envVar}={$key}" );
+			if( $show )
+			{
+				$this->output->write( "export {$envVar}={$key}" );
+			}
+			else
+			{
+				$this->output->write( "export {$envVar}=<KEY_FROM_{$keyPath}>" );
+			}
 		}
 		catch( \Exception $e )
 		{

src/Cli/Commands/Secrets/ShowCommand.php

@@ -163,6 +163,6 @@ private function checkEnvironmentKey( string $keyPath ): bool
 			str_replace( ['/', '.', '-'], '_', basename( $keyPath, '.key' ) )
 		) . '_KEY';
 
-		return isset( $_ENV[$envKey] );
+		return getenv( $envKey ) !== false;
 	}
 }

tests/Cli/Commands/Secrets/Key/GenerateCommandTest.php

@@ -121,6 +121,111 @@ public function testExecuteGeneratesEnvironmentKey(): void
 		$this->assertStringContainsString( "Generated production environment key at: {$keyPath}", $outputContent );
 	}
 
+	/**
+	 * Test that config directory is created for master key when missing
+	 */
+	public function testExecuteCreatesMasterKeyDirectory(): void
+	{
+		// Use a non-existent config path
+		$nonExistentPath = sys_get_temp_dir() . '/test_config_' . uniqid() . '/config';
+
+		// Create input with options pointing to non-existent path
+		$input = new Input( [ '--config=' . $nonExistentPath ] );
+		$input->parse( $this->command );
+
+		// Create output
+		$output = new Output( false );
+
+		$this->command->setInput( $input );
+		$this->command->setOutput( $output );
+
+		// Capture output
+		ob_start();
+		$result = $this->command->execute();
+		$outputContent = ob_get_clean();
+
+		// Execute should succeed
+		$this->assertEquals( 0, $result );
+
+		// Directory should be created
+		$this->assertDirectoryExists( $nonExistentPath );
+
+		// Key file should exist
+		$keyPath = $nonExistentPath . '/master.key';
+		$this->assertFileExists( $keyPath );
+
+		// Check output contains success message
+		$this->assertStringContainsString( "Generated master key at: {$keyPath}", $outputContent );
+
+		// Clean up
+		unlink( $keyPath );
+		rmdir( $nonExistentPath );
+		rmdir( dirname( $nonExistentPath ) );
+	}
+
+	/**
+	 * Test that key is only shown when --show flag is used
+	 */
+	public function testKeyOnlyShownWithShowFlag(): void
+	{
+		// Test WITHOUT --show flag (default)
+		$input = new Input( [ '--config=' . $this->testConfigPath ] );
+		$input->parse( $this->command );
+
+		$output = new Output( false );
+
+		$this->command->setInput( $input );
+		$this->command->setOutput( $output );
+
+		ob_start();
+		$result = $this->command->execute();
+		$outputContentNoShow = ob_get_clean();
+
+		$this->assertEquals( 0, $result );
+
+		$keyPath = $this->testConfigPath . '/master.key';
+		$this->assertFileExists( $keyPath );
+
+		// Read the actual key
+		$actualKey = file_get_contents( $keyPath );
+
+		// Key should NOT be in the output (except in the placeholder)
+		$this->assertStringNotContainsString( "export NEURON_MASTER_KEY={$actualKey}", $outputContentNoShow );
+		$this->assertStringContainsString( "export NEURON_MASTER_KEY=<KEY_FROM_{$keyPath}>", $outputContentNoShow );
+		$this->assertStringNotContainsString( "Generated Key", $outputContentNoShow );
+
+		// Clean up before second test
+		unlink( $keyPath );
+
+		// Test WITH --show flag
+		$input2 = new Input( [
+			'--config=' . $this->testConfigPath,
+			'--show'
+		] );
+		$input2->parse( $this->command );
+
+		$output2 = new Output( false );
+
+		$this->command->setInput( $input2 );
+		$this->command->setOutput( $output2 );
+
+		ob_start();
+		$result2 = $this->command->execute();
+		$outputContentWithShow = ob_get_clean();
+
+		$this->assertEquals( 0, $result2 );
+
+		// Read the new key
+		$actualKey2 = file_get_contents( $keyPath );
+
+		// Key SHOULD be in the output
+		$this->assertStringContainsString( "export NEURON_MASTER_KEY={$actualKey2}", $outputContentWithShow );
+		$this->assertStringNotContainsString( "<KEY_FROM_", $outputContentWithShow );
+		$this->assertStringContainsString( "Generated Key", $outputContentWithShow );
+		$this->assertStringContainsString( $actualKey2, $outputContentWithShow );
+		$this->assertStringContainsString( "This key is shown only once", $outputContentWithShow );
+	}
+
 	/**
 	 * Test error when key already exists without force
 	 */

tests/Cli/Commands/Secrets/ShowCommandTest.php

@@ -233,6 +233,55 @@ public function testExecuteProductionConfirmation(): void
 		$this->assertStringContainsString( 'production_secret', $outputContent3 );
 	}
 
+	/**
+	 * Test showing secrets using environment variable for key
+	 */
+	public function testExecuteWithEnvironmentVariable(): void
+	{
+		// Create test secrets
+		$keyPath = $this->testConfigPath . '/master.key';
+		$credentialsPath = $this->testConfigPath . '/secrets.yml.enc';
+
+		// Generate a key and store it
+		$key = $this->secretManager->generateKey( $keyPath );
+
+		// Create encrypted secrets
+		$tempPlaintextPath = $this->testConfigPath . '/temp_plaintext.yml';
+		$testData = "database:\n  host: localhost\n  password: env_secret";
+		file_put_contents( $tempPlaintextPath, $testData );
+		$this->secretManager->encrypt( $tempPlaintextPath, $credentialsPath, $keyPath );
+		unlink( $tempPlaintextPath );
+
+		// Read the key value and delete the key file
+		$keyValue = trim( file_get_contents( $keyPath ) );
+		unlink( $keyPath );
+
+		// Set the key as an environment variable
+		putenv( "NEURON_MASTER_KEY={$keyValue}" );
+
+		// Create input and output
+		$input = new Input( [ '--config=' . $this->testConfigPath ] );
+		$input->parse( $this->command );
+
+		$output = new Output( false );
+
+		$this->command->setInput( $input );
+		$this->command->setOutput( $output );
+
+		// Capture output
+		ob_start();
+		$result = $this->command->execute();
+		$outputContent = ob_get_clean();
+
+		// Should succeed using the environment variable
+		$this->assertEquals( 0, $result );
+		$this->assertStringContainsString( 'Base Secrets', $outputContent );
+		$this->assertStringContainsString( 'env_secret', $outputContent );
+
+		// Clean up environment variable
+		putenv( "NEURON_MASTER_KEY" );
+	}
+
 	/**
 	 * Test error when secrets file not found
 	 */