Manage Configuration Values with Environment Variables

Share this video with your friends

Send Tweet

Storing configuration in files instead of the environment has many downsides, including mistakenly checking in the wrong configuration in the wrong environment, coupling configuration with code, and scaling issues in larger server architectures.

We’ll learn how to update app code to look at environment variables for configuration values instead of using configuration files, and different approaches for managing environment variables between dev/stage/prod.

Chetan Kantharia
Chetan Kantharia
~ 7 years ago

Is it a good practice to add .env file to a repo, because it may leak credential if the project is open-source.

Michael
Michael
~ 7 years ago
Michael
Michael
~ 7 years ago

Is the .env file not a configuration file? Even if the configuration data is stored in process.env, it is still passed as a file that has to be parsed in the used language. All the disadvantages mentioned apply IMO:

mistakenly checking in the wrong configuration in the wrong environment, coupling configuration with code, and scaling issues in larger server architectures

Mark Shust
Mark Shust(instructor)
~ 7 years ago

environment variables, whether passed by file or set within the environment, i'd consider runtime config. there needs to be a way between dev/stage/prod/whatever to use the same config files but still change specific values of the config on the fly. if things require a higher-level of security, secrets should be used.

fyi there are also situations that aren't present within this tut, such as running swarm or kubernetes. say an api key is set from an env var, and it needs to be immediately changed on my cluster of nodes. i can issue an env var update on the fly without rebuilding my entire artifact/build, and it's immediately updated.

Rajat S
Rajat S
~ 7 years ago

Cannot connect to MongoDB! { MongoNetworkError: failed to connect to server [localhost:27017] on first connect [MongoNetworkError: connect ECONNREFUSED 127.0.0.1:27017] at Pool.<anonymous> (/Users/sahusoft/twelve-factor/foo/node_modules/mongodb-core/lib/topologies/server.js:503:11) at Pool.emit (events.js:127:13) at Connection.<anonymous> (/Users/sahusoft/twelve-factor/foo/node_modules/mongodb-core/lib/connection/pool.js:326:12) at Object.onceWrapper (events.js:219:13) at Connection.emit (events.js:127:13) at Socket.<anonymous> (/Users/sahusoft/twelve-factor/foo/node_modules/mongodb-core/lib/connection/connection.js:245:50) at Object.onceWrapper (events.js:219:13) at Socket.emit (events.js:127:13) at emitErrorNT (internal/streams/destroy.js:64:8) at process._tickCallback (internal/process/next_tick.js:152:19) name: 'MongoNetworkError', message: 'failed to connect to server [localhost:27017] on first connect [MongoNetworkError: connect ECONNREFUSED 127.0.0.1:27017]' }

Michael
Michael
~ 7 years ago

@Rajat Have you startet a MongoDB instance? It is not shown in the video.

Hoang
Hoang
~ 6 years ago

Yeah I was facing the same problem,

$ brew install mongodb

$ brew services start mongodb

Mark Shust
Mark Shust(instructor)
~ 6 years ago

@Rajat Have you startet a MongoDB instance? It is not shown in the video.

Correct, the video assumes you have a locally running mongodb instance.

Mark Shust
Mark Shust(instructor)
~ 6 years ago

Is it a good practice to add .env file to a repo, because it may leak credential if the project is open-source.

No, you don't want to necessarily add this file to your repo unless the environment variables do not need to be secure.

Mark Shust
Mark Shust(instructor)
~ 6 years ago

What about security (see Environment Variables Considered Harmful for Your Secrets)?

This course follows methodologies of the 12-Factor app, and does not necessarily contain opinions on what is considered secure or insecure. Storing credentials within environment variables aren't any less secure than storing them within application files. That said, there could be other methods (such as docker secrets) which are considered more secure depending on your application needs.

These black/white discussions needs to stop as there are many ways do to things, and one way isn't necessarily any more better or worse than all other ways. New methods and techniques are always created, and that doesn't necessarily mean that every single previous approach is no longer "correct". You need to look at your specific application and determine what is appropriate for your own needs.

josh
josh
~ 6 years ago

It's unfortunate you felt the need to demonstrate this concept using mongodb (or any other database). It distracts from the concept and it assumes prior experience with the database in question

Mark Shust
Mark Shust(instructor)
~ 6 years ago

It's unfortunate you felt the need to demonstrate this concept using mongodb (or any other database). It distracts from the concept and it assumes prior experience with the database in question

Using a database is pretty common, it's a very valid use-case for env vars (probably my most-used case). The choice of Mongo vs MySQL vs whatever is pretty irrelevant.

~ 5 years ago

Yeah I was facing the same problem,

$ brew install mongodb

$ brew services start mongodb

This doesn't seem to work. I recommend just following the mongodb installation instructions instead. https://docs.mongodb.com/manual/tutorial/install-mongodb-on-os-x/