-
-
Notifications
You must be signed in to change notification settings - Fork 641
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support overriding configuration via environment variables / additional config files #6218
Comments
Related #405 |
is that really true? That would already be great, but I didnt test it yet. Does that really work when reading from the unmarshaled config struct or does it require using the viper functions for reading? |
@andig Yup, try setting |
Wow, that's better then I thought. Seems I can remove any calls to For this issue the solution should be within Viper, I'd suggest to add an issue there:
should work for things that are slices. |
This comment was marked as off-topic.
This comment was marked as off-topic.
This comment was marked as off-topic.
This comment was marked as off-topic.
There are some issues on viper that sound similar: spf13/viper#761 spf13/viper#935 |
@duckfullstop OT, but
doesn't work for me. Update solution:
|
Did you try |
See #6286. |
Also not recent comments like #9363 (reply in thread) |
Es wurde gerade spf13/viper#1429 gemergt. Möglicherweise lässt sich das Problem jetzt lösen. |
Lustig- die Notification hab ich auch bekommen. Steht auf meiner Todoliste :) |
Is your feature request related to a problem? Please describe.
A common problem encountered when running any software in a container is how to handle passing secrets to the container. At present, secrets are stored in the main configuration file, which means that committing the configuration to public repositories (or even private ones) would leak any and all secrets.
At present, thanks to @andig's e220091, there is support for overriding most configuration using the environment (e.g
EVCC_MQTT.PASSWORD
- but it is not possible to override things such as the vehicles entry (i.e you can't doEVCC_VEHICLES[0].PASSWORD
.Describe the solution you'd like
There's a few possible options for alleviating this:
EVCC_VEHICLE_NAME
,EVCC_VEHICLE_PASSWORD
, or maybe something likeEVCC_VEHICLE_superexpensivetesla_PASSWORD
) - this would require specific lookups on each key by handpassword: ENV_VEHICLE_PASSWORD
would checkVEHICLE_PASSWORD
evcc_
space because that's already used for Viper's configuration overloading (as e220091)evcc.yaml
andsecrets.yaml
, then merge them to produce a final in-memory configuration that can be used freelyAll of these methods have their upsides and downsides, hence why I'm raising this as an issue for further discussion instead of going straight to PR.
Describe alternatives you've considered
Treating my entire configuration file as a secret isn't ideal, as it means I'm obscuring a large part of my infrastructure from my public repositories.
Additional context
Discussed in Slack: https://evccgroup.slack.com/archives/C01321PUJAD/p1676019600376789
The text was updated successfully, but these errors were encountered: