Feature Request: Cloak env variables in Docker definition .yaml files

[akulmehta]

Very nice extension. It would be great if the extension could also cloak the environment variables in .yaml files.

[motdotla]

Interesting. @akulmehta, can you share an example .yaml file like that?

[akulmehta]

Below is an example of the .yaml file:

runtime: php
env: flex
  document_root: public
skip_files:
  - .env
env_variables: # the values for fields under this heading would be sensitive information like the DB information
  APP_ENV: local
  APP_DEBUG : true
  DB_CONNECTION: mysql
  DB_HOST: localhost
  DB_DATABASE: instance_id
  DB_USERNAME: database_user_name
  DB_PASSWORD: database_password
beta_settings:
  setting1: project:cloud-instance

The nested fields are indicated by indentation and the environment variables are put under the heading of env_variables for this case, however it can be different for different applications/pipelines.

[motdotla]

What frameworks or languages use this .yaml approach? I'm just curious before we start work on this. Why not just use a .env file?

[akulmehta]

@motdotla .yaml is used in Docker for containerized apps and serverless apps. Docker in turn is used by several frameworks and apps for deployment.

[motdotla]

I see. You're using environment variables inside a docker yaml definition file.

Optionally, you could reference a .env file from there instead. We recommend this because it is safer and also more flexible (you can now swap in different .env files and manage them from a secrets manager like dotenv-vault or others)

version: '3.8'
services:
  my-service:
    image: your-image
    env_file:
      - .env

BUT I acknowledge this is also a common and convenient way to define them. I've done it myself many times.

We'll consider this feature as others request it as well. It would be nice to have.