-
Notifications
You must be signed in to change notification settings - Fork 160
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merging AUTH0_KEYWORD_REPLACE_MAPPINGS from env and config file #896
Comments
Hi there! As @mutefiRe rightly highlights, it's possible with some custom scripting, but perhaps it could be integrated in the CLI, to reduce the tooling maintenance. |
I'm not sure if this will exactly solve your problems, but we had to do something similar and somewhat out of chance stumbled upon a solution that works for us. We use a single
Then we inject all of these values during our CI deployment (Github Actions) as environment variables, some of which come from Environment Variables, and some which come from Environment Secrets. It seems like merely defining the values in the config mapping, even if they're empty, allows the Deploy CLI to pick them up and anticipate them being present in the env as a fallback |
I have a similar issue, and worked wayyy to long for what this is, trying to find an optimal solution to this. Since the Auth0 servers are ultimately the source of truth, and since it's not possible for two developers to work on the same Auth0 tenant at the same time, we decided that having the tenant.yaml in svc and a simple versioning on the secrets was sufficient. Alternatives we considered:
hopefully this writeout can be of help. |
Checklist
Describe the problem you'd like to have solved
Like recommended, we are using multiple config.json files, say one per environment and having a lot of variables in the AUTH0_KEYWORD_REPLACE_MAPPINGS which are not secret but should be version controlled. On the other hand we have multiple secrets (like aws, google) which need to be injected into the mapping as well, which are not version controlled and come from the CI.
So I'm not sure how to best still define the keyword replace mapping with all the hardcoded values per environment but still be able to inject secrets without doing some additional scripting around this.
Describe the ideal solution
One solution would be to merge the value coming from the ENV and from the config file and prioritize the ENV.
Alternatives and current workarounds
Replacement of ENV variables in the config.json from the environment.
Current workarounds:
Additional context
If this is already somehow possible without scripting it would be nice to see a guide in the docs.
The text was updated successfully, but these errors were encountered: