.env
This topic describes the .env
file as it pertains to your application in Optimizely Connect Platform (OCP).
Sensitive secrets and tokens should never be checked into your code repository or submitted as part of your app package. In order to protect your secrets, you can use an optional .env
file that should not be committed into your code repository (add to .gitignore, for example). If your app does not require global sensitive data, you do not have to include this file.
Add your secrets to the .env
file in the root of your app in the following format:
APP_ENV_GLOBAL_SECRET=12345a83hd8blk34jsao2983hlaksd8
APP_ENV_CLIENT_ID=JEdi2hf8vH
Important
All app environment variables MUST start with
APP_ENV_
Then add the same environment variable names to your app.yml
under environment:
environment:
- APP_ENV_GLOBAL_SECRET
- APP_ENV_CLIENT_ID
This indicates these environment variables are required for your app to run so when you upload your app, the OCP CLI will ensure you included the values in your .env
file before uploading the app.
When you upload an app, the OCP CLI reads the environment variable values and uploads them separately and securely to OCP. These values are tied to the current app version you are uploading. After publishing your app, if you want to update the values, you need to prepare a new version of your app with an updated .env
file.
If you want to prepare a new version of your app, but do not have access to the correct .env
values, you can re-use the previous AppVersion's .env
file with: ocp app prepare --use-previous-app-env-values ...
You can access these variables using process.env.APP_ENV_<name>
.
Zone Specific .env
In addition to supplying a .env
file, developers can provide a .env.\<availablity\>
file (for example .env.eu
.) These files are processed in the order of .env -> .env.\<availablity\>
for value overriding.
Any application using all
is not permitted to use an availability specific .env
file.
Updated about 1 year ago