如何在 Google App Engine 中设置环境变量/应用程序机密 [英] How to set environment variables/app secrets in Google App Engine

问题描述

问题是如何设置应用程序机密以使其在 application.yml 中可用?

The question is how can I set application secrets to make them available in application.yml?

在 heroku 上，我只是简单地通过为 dyno 设置环境变量，并将其访问为:

On heroku I was doing it simply, by setting environment variable for dyno, and acces it as:

server:
  port: ${PORT}
security:
  user:
    password: ${USERPASSWORD}

eureka:
  client:
    register-with-eureka: false
    fetch-registry: false
  instance:
    hostname: localhost
    securePortEnabled: true
  password: ${EUREKAPASSWORD}

如何在 Google App Engine 中实现这一目标?我正在尝试使用 datastore:

How to achieve that in Google App Engine? I was trying with datastore:

不幸的是，我不知道如何将这些值注入到我的 *.yml 文件中.

Unfornately I don't know how to inject those values into my *.yml file.

还要补充一点.我正在使用 maven appengine 插件通过 CI 管道部署我的应用程序，所以我不可能将 app.yaml 文件推送到 App Engine

One more important thing to add. I am using maven appengine plugin to deploy my app via CI pipeline, so there is no possibility for me to push app.yaml file to App Engine

推荐答案

如果您想存储应用程序在运行时可用的机密，将它们保存在数据存储区中并不是一个坏主意.我知道很多应用都可以做到这一点.

If you want to store secrets that are available to the app at runtime, keeping them in the datastore isn't a bad idea. I know of many apps that do that.

这是一个可汗学院使用的应用，这是在数据存储中存储秘密凭证的一个很好的例子.它是在 Python 中编写的，但您可以大致了解一下.请注意，在首次管理员登录时，它会提示您输入机密存储.

Here's an app used by the Khan Academy that's a good example of storing secret credentials in the datastore. It's in Python, but you can get the general idea. Note that on first admin login, it prompts for secrets to store.

这篇关于如何在 Google App Engine 中设置环境变量/应用程序机密的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！