New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added an example to show how common secrets can be shared across multiple environments in secrets.yml #19898
Conversation
👍 |
What about to add this to all YAML configurations? For example to |
👍 |
@simi Good point. I think if we agree to add it for secrets.yml then we can also add it for other files. |
What does this offer over using YAML's built-in anchor/reference syntax? |
@matthewd You are right. Same functionality can be achieved using YAML's anchor/reference syntax. This is just another way to do it. |
I'm concerned that providing documented application API to do so would encourage this practice which IMO is an anti-pattern (at least as far as presenting it to new users go), as secrets by their nature are best not to reuse across environments, especially in the most common case of production vs non-production. For someone who went beyond the basics and has a bona fide use case for this (for example, multiple production envs who need to share secret for communicating with each other), as mentioned in comments, this could be done manually using .yaml reference syntax. |
We use the YAML reference syntax already in our |
@senny I agree. What do you mean by |
Add an example for YAML linking in default file generated. On Sunday, April 26, 2015, प्रथमेश notifications@github.com wrote:
Vipul A.M. |
45eba60
to
57c98e3
Compare
@senny Updated the PR. The only issue I think is development and test environments will have same secret_key_base. Or should we add a commented example for showing how secrets can be shared? |
@prathamesh-sonpatki better add a commented example. I don't think |
57c98e3
to
13f620d
Compare
@senny Updated. Please check. |
@senny What do you think about this? |
@prathamesh-sonpatki it's on my list. Please don't make ping comments continuously. We get enough emails as is. |
Looking at the example I don't think we should promote that in the file itself. What about only including the sentence: # You can also share common secrets in multiple environments
# using YAML anchor/reference syntax. Followed by a link to find more details. |
Can we update the example to use |
In my projects I rarely find myself in the situation of sharing secrets with Let's wait for more feedback before we decide. |
Ok. Here is an example of secrets.yml sharing settings - https://github.com/bigbinary/wheel/blob/master/config/secrets.yml. Then all the initializers access these values throguh |
Yes, putting the |
13f620d
to
fe3a896
Compare
I have updated the example to use ENV variables. |
Added an example to show how common secrets can be shared across multiple environments in secrets.yml [ci skip]
This broke the build as the ERB is still interpolated, even though it's inside of a comment. Please re-open once you fix |
they had to be duplicated under each environment in
config/secrets.yml
.common
key such thatthey will be loaded in all environments.
are present under both sections.
Edit
Common secrets is a bit confusing here. I meant to say common configuration options or settings like lets say
default_from_email_address
. It can besupport@example.com
in development, test and in production can be something else.