undefinedfix
Sign in

How can golang not submit sensitive information to the code warehouse (configuration localization) but also package and build localized configuration?

talatccan edited in Thu, 24 Nov 2022

Sensitive configuration information, such as database account and password, is not suitable to be submitted with the code. So. Env is used, put locally, and. Env is deleted by git ignore, so it won't be submitted to the code warehouse.

The executable program that can be built still depends on the. Env file in the local relative directory when it is running. It will still need to read the configuration information from it, otherwise it will report an error.

In other words, the configuration information is localized, but the localized information is not packaged into the final executable program.

How can we do both at the same time? The desired effect is that the database configuration is not submitted for storage, and each developer has a local configuration file. However, according to the local configuration of each developer, the packaged executable program should also be internally "bound" with its corresponding configuration to generate different executable programs, which are no longer dependent on other external configurations.

4 Replies
Junia
commented on Thu, 24 Nov 2022

Only code or resource files can enter the final package. Before compiling, the configuration information is converted into code or resource file, and then compiled.

For example, the steps are as follows

  1. In the project source directory, create a temporary folder build, and add. Gitignore.
  2. Write a small program, the configuration file into go source file, and then save to the temporary folder build.
  3. Compile the project.

The above process can be implemented by compiler system, such as makefile and ninja.

ThatRandomToast
commented on Thu, 24 Nov 2022

I think we should automatically select an environment variable according to the environment. Before the collection of a small article, the code of sensitive information encryption, you refer to the next https://mp.weixin.qq.com/s/dp...

gafti
commented on Fri, 25 Nov 2022

The configuration is stored in the consumer. You can put one demo.json In the project, modify demo.json Write the content of the query to consult, and then git checkout. Write the local words to cousul before accessing localhost:8500 , modify the configuration inside.

Jordan
commented on Fri, 25 Nov 2022

ojbk