Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Recommended approach for handling config without checking into git #278

Open
iwaffles opened this issue Jul 19, 2022 · 1 comment
Open

Comments

@iwaffles
Copy link

Hi everyone, love the project!

I'm curious if there's a pattern for using env vars instead of checking in the config.json file with app keys/secrets?

@simov
Copy link
Owner

simov commented Jul 19, 2022

You can load your app secrets dynamically on each request using the state overrides, here are some examples on how to do it. Or maybe query the database once per server instance and cache the secret in-memory.

Another way would be to query the database only once at the beginning and patch your entire Grant instance using the config property.

As for using environment variables I would create an env var containing just the path to the config.json file that can be anywhere on your file system. Or maybe have an env var specifically for the app secret but read it before loading Grant and replace it in your config.json?

Lastly, you can still add your entire configuration into git and into your project as that can be helpful in understanding how your setup works. The secrets can be encrypted and still stored as the secret key of your app in your configuration, but decrypted before use using one of the above methods. Depending on the environment that you use you may even have a fully managed services for that type of stuff like KMS in AWS, Key Vault in Azure and so on. You can even deploy your own, like the HashiCorp Vault for instance.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants