BLogic Systems

Deployment Hide App Settings Files

Last updated on 
Hide app settings secret properties

Why need to hide app settings properties

please read these articles - https://www.reddit.com/r/learncsharp/comments/sk1d6i/hiding_settings_in_appsettingsjson_when_pushing/ - https://learn.microsoft.com/en-us/aspnet/core/security/app-secrets?view=aspnetcore-7.0&tabs=windows

Overview Context

This implement specific guide for project that using: - Jenkins for building CI/CD - Docker to build Project image - Project is using C# .NET

Context View: let say we having ASP.NET core project that had been implemented CI/CD using jenkins. Whenever repo is update Jenkins will fetch newest update and using docker to build images, then push into docker hub. After that perform image pull from the hub, then perform docker run (or docker-compose.yaml up).

Implementations

Create .env file in jenkins

  • Go to jenkins Dashboard => Manage Jenkins => Managed files
screenshot_2023-07-17_112743.png
screenshot_2023-07-17_112743.png
  • Add a new config and choose to create a custom file
  • Naming it the best if you naming it with your project name prefix and environment example: data-center-api.staging.env
  • Specify content file contents, Those env properties will override appsettings
# Override appsettings please follow the format prefix BLogicDataCenter_[ParentProperty]__[ChildProperty]
BLogicDataCenter_AWSServices__Credential__AccessKeyID=UIASDYUHIAUHUISDHASUIHDU
BLogicDataCenter_AWSServices__Credential__SecretAccessKey=ALISDJLIASJILDJLASIJDJIQOWEI

Docker Compose file

You must adding property like this, below services section

env_file:
    - .env

This specify that when docker-compose run, apply .env file properties as Environment variables

Jenkin Config build steps

  • Go to jenkin dashboard, choose your project and go to configuration
  • Looking for Build Environment section, choose Provide configuration files and choose your file you just created
screenshot_2023-07-17_113739.png
screenshot_2023-07-17_113739.png
  • Previous step specify that perform copy your env file into your workspace after git pull
  • Now you need to modify build steps a little bit, to copy a env file from your workspace to machine that going to run image
#!/bin/bash

SERVER_IP='192.168.0.194'
IMAGE_NAME='ghcr.io/blogicsystems/data-center-api'
CONTAINER_NAME='data-center-api'
ENV_FILE_NAME='data-center-api.staging.env'

echo "🚀 Deploying via remote SSH"

#! using ssl to Copy a .env file into folder that having docker-compose.yaml, also rename it to .env
scp -i "/var/jenkins_home/.ssh/id_rsa" "./${ENV_FILE_NAME}" "bls@${SERVER_IP}:/home/bls/composes/${CONTAINER_NAME}/.env"

ssh -i "/var/jenkins_home/.ssh/id_rsa" "bls@${SERVER_IP}" \
  "docker pull ${IMAGE_NAME} \
  && docker compose -f composes/${CONTAINER_NAME}/docker-compose.yaml down \
  && docker compose -f composes/${CONTAINER_NAME}/docker-compose.yaml up -d \
  && docker system prune -f"

echo "🎉 Successfully deployed, hooray!"

Make Project loading configs in environment variable

  • Go to program.cs or startup.cs add some lines of codes
builder.Configuration.AddEnvironmentVariables("BLogicDataCenter_");

This will help project to load settings from Environment Variables, every env having prefix BLogicDataCenter_ that will load as appsetting.