Suggestion: Use .env for development environment variables instead of docker-compose.yml
#18
Labels
maintenance
Technical tasks that might make things better
Comments
|
👍 |
rowanmanning
added
maintenance
rowanmanning
added a commit
that referenced
this issue
Apr 7, 2016
This prevents developers from accidentally committing sensitive information to the repo. Addresses #18.
rowanmanning
added a commit
that referenced
this issue
Apr 7, 2016
This prevents developers from accidentally committing sensitive information to the repo. Addresses #18.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently the README advocates storing confidential environment variables inside
docker-compose.ymlfor local development. This becomes a bit messy because that file is included within git but will become personal to each developer's set-up (API keys, auth tokens, database names etc). A developer may accidentally commit their environment variables into the git history (which is a bad thing tm).Have you thought about using
dotenvinstead of placing the environment variables withindocker-compose.yml?docker-compose.ymlis commited into the repo whereas.envcan be ignored in.gitignore. This means confidential env vars can be stored in it safely and because the file is ignored by git it won't be deployed to production.The text was updated successfully, but these errors were encountered: