I use .env files in my node.js code to handles secrets in my dev environment configuration. I add .env to my project's .gitignore, to prevent secrets be committed to the git repository.
I found node.js's .env approach quite simple and productive.
What the equivalent of .env files in C#?
With this question I am not looking for a library to do the same in C# like (https://github.com/tonerdo/dotnet-env)
I like to know the c# way of handling the same thing with an emphasis on not committing secrets in config files to git repositories.
This is not an Azure question, so Azure Key Vault Azure App Services are out of scope here.
CodePudding user response:
If you are taking about .Net applications, then you could use User secrets
in your local. This will not be checked in as the file is not part of the solution and no need to even keep it in gitignore
Usage : In Visual Studio, right-click the project in Solution Explorer, and select Manage User Secrets from the context menu.
Refer https://learn.microsoft.com/en-us/aspnet/core/security/app-secrets?view=aspnetcore-6.0&tabs=windows for more details
CodePudding user response:
I'll give you what I consider a solid answer, but at the same time acknowledging that there are other options.
What dotenv
does is basically create environment variables for the NodeJS process. Then those are accessed through process.env
. That's all.
If you want the equivalent in C#, that's already available out of the .Net Configuration box.
Speaking in terms of ASP.net, it comes with pre-defined configuration sources. One of them is the non-prefixed environment variables source. This one picks up data from environment variables that follow a standardized name convention.
Say you have appsettings.json
like this:
{
"SecretSection": {
"Username": "myUsername",
"Password": "CatOnKeyboard"
}
If you were to have that JSON config file, you probably have a class declared in C# (named, say, MySecretSection
) with the properties Username
and Password
that you configure in your services like this:
var cfgSection = builder.Configuration.GetSection("SecretSection");
builder.Services.Configure<MySecretSection>(cfgSection);
This would allow you to obtain access to the section's data using the Options pattern:
public class SomeService
{
public SomeService(IOptions<MySecretSection> secretOptions)
{
// Now you can use the username and password:
var opts = secretOptions.Value;
System.Diagnostics.Debug.Print($"{opts.Username} : {opts.Password}");
}
}
Ok, but the secret data definitely should not be there, in appsettings.json
, exposed to the public.
If you want, you can do what dotenv
does and simply create environment variables for each of the secrets.
- SECRETSECTION__USERNAME with a value of
myUsername
. - SECRETSECTION__PASSWORD with a value of
CatOnKeyboard
.
And that's it. Asp.Net will automatically pick up those environment variables that, according to the naming convention, represent the hierarchical key SecretSection:Username
and SecretSection:Password
.