0 1 00:00:00,510 --> 00:00:01,940 So enough with the announcements. 1 2 00:00:01,950 --> 00:00:06,000 I want to get to a topic that I've been working on and focused on from my Node.js course. 2 3 00:00:06,030 --> 00:00:11,340 And that is environment variables so like raise your hand in chat and you can by the way in chat you 3 4 00:00:11,340 --> 00:00:19,530 can do a colon wave colon and then it will actually do a little wave hand wave your hand if you're dealing 4 5 00:00:19,590 --> 00:00:24,660 with environment variables in your apps and you'd like easier ways that you're not exactly sure if you're 5 6 00:00:24,660 --> 00:00:26,840 doing the best way for environment variables. 6 7 00:00:27,000 --> 00:00:30,230 Because I struggled with that for quite a while. 7 8 00:00:30,240 --> 00:00:35,760 I mean not just in containers but in all of distributed computing making sure that all of my apps have 8 9 00:00:35,760 --> 00:00:39,200 at least some consistent way to do environment variables. 9 10 00:00:39,210 --> 00:00:46,050 Getting information secrets your you know server your server DNS names you know you name it all that 10 11 00:00:46,050 --> 00:00:47,790 stuff into your containers 11 12 00:00:52,700 --> 00:00:53,790 so all right. 12 13 00:00:53,810 --> 00:00:56,420 So it looks like a few of you are interested in this topic. 13 14 00:00:56,540 --> 00:00:59,280 So this will be part of my node.js course. 14 15 00:00:59,300 --> 00:01:05,840 And then I plan to take some of that and figure out how to release that information to the Web. 15 16 00:01:05,860 --> 00:01:13,400 There's a couple of ways that you can go about it but the basics of this come out of 12 factor apps. 16 17 00:01:13,400 --> 00:01:18,190 And if you haven't heard about a factor app it's been around for a decade or more and it's a concept 17 18 00:01:18,200 --> 00:01:26,820 about 12 factors that make a distributed app more successful essentially and it's from a company that 18 19 00:01:26,820 --> 00:01:32,790 learned early on in cloud and on the Internet how they needed to manage all the different points of 19 20 00:01:32,790 --> 00:01:39,660 their app and how they needed to know the different concerns they had around best practices essentially 20 21 00:01:39,660 --> 00:01:41,280 for writing distributed apps. 21 22 00:01:41,280 --> 00:01:47,670 And chances are if you've got a database on one server and an API over here and a Web site over here 22 23 00:01:47,670 --> 00:01:52,330 and a worker job over there but lets a distributed app right there's lots of definitions for distributed 23 24 00:01:52,330 --> 00:01:57,630 that but generally most of us today if you're concerned about containers and you that's part of your 24 25 00:01:57,630 --> 00:02:01,980 job and you're running them on servers you're probably dealing with some distributed apps. 25 26 00:02:01,980 --> 00:02:06,840 So the interesting part about this is the config state. 26 27 00:02:06,870 --> 00:02:11,970 So if you go back to the twelve factor dot net paid to throw this into chat you can definitely skim 27 28 00:02:11,970 --> 00:02:19,360 through these later and then dive into each topic when you have to deal with that in your app. 28 29 00:02:19,410 --> 00:02:25,590 But the one that I wanted to talk about today was the config and config was about storing the settings 29 30 00:02:25,590 --> 00:02:26,400 for your environment. 30 31 00:02:26,430 --> 00:02:33,950 So as you learn if you're taking my dog or Mastery course you know that you never want your your your 31 32 00:02:33,950 --> 00:02:40,820 images or your apps themselves to have hard coded settings that would be different for each environment 32 33 00:02:40,960 --> 00:02:46,280 and the environment might mean you're like a machine that the dev test server or the staging server 33 34 00:02:46,280 --> 00:02:51,560 or the production server or if you like a lot of us you have multiple levels of production and multiple 34 35 00:02:51,560 --> 00:02:54,010 copies of production like all these things. 35 36 00:02:54,020 --> 00:02:59,810 If there's anything that might change in there that might be memory settings in Java that might be different 36 37 00:03:00,020 --> 00:03:01,480 passwords for an API. 37 38 00:03:01,490 --> 00:03:05,800 Different keys that might be storage keys for your cloud. 38 39 00:03:05,800 --> 00:03:12,950 It could be anything from just the word of maybe those in your app is a little flag that indicates which 39 40 00:03:13,430 --> 00:03:17,940 part of the system you're on and you need that set in a simple little environment variable. 40 41 00:03:18,110 --> 00:03:25,860 All that stuff needs to be pulled out of your app and one of the rules of twelve factor is if strict 41 42 00:03:25,860 --> 00:03:28,610 separation of config from code right. 42 43 00:03:28,620 --> 00:03:33,420 And we've all seen that we've all probably done it putting you know hard hardcoded value like local 43 44 00:03:33,420 --> 00:03:38,460 host because your app is always running on the same server as your database but that's before containers 44 45 00:03:38,970 --> 00:03:42,900 then you might see a hardcoded app that says local host in code right. 45 46 00:03:42,900 --> 00:03:49,170 And that's unfortunate because that makes them data that makes them very rigid and hard to deal with 46 47 00:03:49,170 --> 00:03:52,290 because now you got to change code just a changed environment so you don't want to do that. 47 48 00:03:52,290 --> 00:04:00,000 And one of the ideas of this is that twelve factor apps and if you're following the twelve factor principles 48 49 00:04:00,000 --> 00:04:07,350 you tend to have a very easy time making them into containers the twelve factor apps ideally are using 49 50 00:04:07,440 --> 00:04:09,510 everything through environment variables. 50 51 00:04:09,540 --> 00:04:15,130 The reason is is because every OS and every system all supports that right. 51 52 00:04:15,150 --> 00:04:20,580 If you have a Java app over here and you've got a no GSM over there and then you've got a database app 52 53 00:04:20,580 --> 00:04:24,420 back here that's storing your databases and you've got a MIM caching all these things. 53 54 00:04:24,420 --> 00:04:29,830 Every one of those has a different way of consuming its values its environment variables right. 54 55 00:04:30,060 --> 00:04:32,670 The settings it needs the config it needs to get start up. 55 56 00:04:32,670 --> 00:04:33,690 Those are all different. 56 57 00:04:33,810 --> 00:04:35,680 And so that can be quite frustrating. 57 58 00:04:35,700 --> 00:04:39,840 So the only thing that's consistent between all of them is environment variables. 58 59 00:04:39,840 --> 00:04:41,250 Every shell supports it. 59 60 00:04:41,340 --> 00:04:45,160 Windows Mac Linux they all support the same functionality. 60 61 00:04:45,240 --> 00:04:50,730 It might be slightly different the way you set an environment variable or clear it but the key value 61 62 00:04:50,730 --> 00:04:52,140 is the same and all of them. 62 63 00:04:52,140 --> 00:04:53,070 Right. 63 64 00:04:53,130 --> 00:04:58,190 So that's a core premise and that's what you can see throughout the doctor and the container ecosystem 64 65 00:04:58,200 --> 00:05:00,750 as we've all adopted that as our standard. 65 66 00:05:00,750 --> 00:05:06,270 Now what I means is is like if you have for example an application that has a demo file or an I and 66 67 00:05:06,270 --> 00:05:13,440 I or some other sort of config file that the values need to get to then you have to write a middle layer 67 68 00:05:13,620 --> 00:05:18,690 between the environment variables and then where they're going to go into the app. 68 69 00:05:18,800 --> 00:05:19,470 Right. 69 70 00:05:19,620 --> 00:05:24,460 And I have an example of this in my not so complete BHP app. 70 71 00:05:24,570 --> 00:05:29,150 So over on GitHub in my PSP app images show you a quick literal example. 71 72 00:05:29,190 --> 00:05:30,800 And then we're gonna get to your questions. 72 73 00:05:30,870 --> 00:05:36,330 So in here what I have is a docker file and this sacrifice there's a lot of things but the things I 73 74 00:05:36,330 --> 00:05:44,040 want to focus on is in this level app I have defaults that I set in the docker file for environment 74 75 00:05:44,040 --> 00:05:45,090 variables. 75 76 00:05:45,090 --> 00:05:53,510 Now the reason and the way that I'm setting them here is I prefer that the settings here default to 76 77 00:05:53,510 --> 00:05:59,510 working in a production environment up to you whether you say hey look these defaults are just gonna 77 78 00:05:59,540 --> 00:06:04,160 be the average production values or they might you might say hey this is gonna be the average developer 78 79 00:06:04,160 --> 00:06:12,260 values I prefer to them sort of defaulting a little bit to the production side of things that way I 79 80 00:06:12,260 --> 00:06:17,240 can override them with a compose file locally in my local machine no problem but it's up to you how 80 81 00:06:17,240 --> 00:06:23,110 you do that but you definitely want to create consistent ones here that makes sense from the get go. 81 82 00:06:23,150 --> 00:06:27,830 Now you're gonna overwrite a lot of these with other ways of setting it either through the docker run 82 83 00:06:27,830 --> 00:06:34,880 command or through deploying a swarm or a Cuban network deployment or in your Ducker compose GMO file 83 84 00:06:34,910 --> 00:06:35,840 you will overwrite those. 84 85 00:06:35,840 --> 00:06:36,310 Right. 85 86 00:06:36,380 --> 00:06:42,710 You can even overwrite these at the shell before you run those commands and it will suck those in. 86 87 00:06:42,770 --> 00:06:49,280 You can also you using something like Docker compose you can set a dot EMV file that in the PSP world 87 88 00:06:49,280 --> 00:06:53,910 is actually a standard that it will work in such that in the gamble as well. 88 89 00:06:54,350 --> 00:06:59,810 So you can see that I have these here but obviously some of these go into the app they might go into 89 90 00:06:59,810 --> 00:07:03,320 different files and let's back up a second 90 91 00:07:07,190 --> 00:07:08,510 and I'll show you the next part. 91 92 00:07:08,540 --> 00:07:13,610 So those are embedded in the doctor file when the image is built right now. 92 93 00:07:13,700 --> 00:07:21,020 When I want to look at my doctor compose file this is going to be used for local settings right. 93 94 00:07:21,060 --> 00:07:26,850 When I'm doing development and then I can look through here and you can see that I'm setting them all 94 95 00:07:26,860 --> 00:07:28,880 and maybe either setting them differently. 95 96 00:07:28,880 --> 00:07:31,220 I don't have to override them if I don't want to. 96 97 00:07:31,290 --> 00:07:35,940 But in this case I'm choosing to set similar ones as an example. 97 98 00:07:35,940 --> 00:07:40,620 If I didn't need to override the ones in the image I might just leave a lot of these alone. 98 99 00:07:40,620 --> 00:07:41,730 So there's that. 99 100 00:07:41,730 --> 00:07:41,970 All right. 100 101 00:07:41,970 --> 00:07:46,410 So I'm setting them here and now these will be used on container startup. 101 102 00:07:46,410 --> 00:07:49,470 So if I wanted to change them I have to restart the container. 102 103 00:07:49,470 --> 00:07:51,740 I don't have to delete the container right. 103 104 00:07:51,750 --> 00:07:53,050 I just had to restart it. 104 105 00:07:53,100 --> 00:08:02,340 So you can use Dr. composed to do that then the next step is maybe let's see 105 106 00:08:06,440 --> 00:08:12,550 maybe on my local machine or even in production I need those to be in specific files. 106 107 00:08:12,590 --> 00:08:12,830 Right. 107 108 00:08:12,830 --> 00:08:17,320 So when my kid my application starts up those environment variables need to be somewhere else. 108 109 00:08:17,330 --> 00:08:20,180 They can't just live in environment variables for some apps right. 109 110 00:08:20,210 --> 00:08:26,060 I would call these legacy apps or traditional apps where they're not looking to environment variables 110 111 00:08:26,060 --> 00:08:26,600 by default. 111 112 00:08:26,600 --> 00:08:32,300 Now if I was creating a new app my goal would be that that looks to environment variables and maybe 112 113 00:08:32,300 --> 00:08:37,700 there's some config file or something that the app uses but I'm overriding those with enviroment variables 113 114 00:08:37,760 --> 00:08:38,300 automatically. 114 115 00:08:38,300 --> 00:08:43,070 So the idea is my app is smart enough to say hey if there isn't an environment variable for this I will 115 116 00:08:43,070 --> 00:08:45,050 use this default from this file. 116 117 00:08:45,050 --> 00:08:48,710 But if there's already an enviroment variable set I will use that. 117 118 00:08:48,710 --> 00:08:53,870 Now if you're familiar with swarm and Cuban net is you know that once we get into secrets and configure 118 119 00:08:54,200 --> 00:09:00,960 we can start overwriting those entire files and providing passwords and secrets as individual files. 119 120 00:09:01,040 --> 00:09:03,820 So you also might want your app to be aware of those. 120 121 00:09:03,830 --> 00:09:09,650 But if your app if you're not building your own custom app or you're using maybe stuff from Docker Hub 121 122 00:09:09,650 --> 00:09:14,970 or official open source then what you need to look at is providing an entry point script. 122 123 00:09:15,050 --> 00:09:21,350 Now the way that gets run is in your image you set the entry point script you want it to run and it 123 124 00:09:21,350 --> 00:09:23,180 will run that at startup. 124 125 00:09:23,180 --> 00:09:31,100 And what you can see here is a very simple example of me writing the violent variables and some other 125 126 00:09:31,100 --> 00:09:36,960 hard coded data into a specific file on startup simply using a bash script. 126 127 00:09:36,970 --> 00:09:37,180 Right. 127 128 00:09:37,220 --> 00:09:38,480 Does have to be fancy. 128 129 00:09:38,720 --> 00:09:44,360 You can use other methods to do this as well but it tends to be in the docker official images. 129 130 00:09:44,360 --> 00:09:46,070 This app tends to be the standard. 130 131 00:09:46,080 --> 00:09:46,690 All right. 131 132 00:09:46,730 --> 00:09:51,980 So in this case I'm taking environment variables that were set either in the docker file or the compose 132 133 00:09:51,980 --> 00:09:59,330 file which overrode the image Docker file it'll take those Passim into here and then this will echo 133 134 00:09:59,330 --> 00:10:01,190 that stuff out to a file. 134 135 00:10:01,190 --> 00:10:01,850 It's about image. 135 136 00:10:01,850 --> 00:10:10,070 So this is for a legacy HP app that expects a p HP FP M config file and I need to set certain config 136 137 00:10:10,070 --> 00:10:14,230 values for NPM that are unique to each environment in this case. 137 138 00:10:14,240 --> 00:10:21,740 These are actually this how how much I want the FGM system to grow and how much how many sub processes 138 139 00:10:21,740 --> 00:10:23,000 I want to spawn stuff like that. 139 140 00:10:23,000 --> 00:10:23,270 Right. 140 141 00:10:23,270 --> 00:10:28,430 So that would be different on the local development versus production on production I want it to be 141 142 00:10:28,520 --> 00:10:29,150 to grow a lot. 142 143 00:10:29,180 --> 00:10:29,390 Right. 143 144 00:10:29,390 --> 00:10:35,050 So you would change that stuff here and this is how you take those legacy apps and make them work. 144 145 00:10:35,090 --> 00:10:40,700 Now you can see this stuff in official images because that's how a lot of my stuff I learn from. 145 146 00:10:40,700 --> 00:10:47,000 So if I just went into the my sequel you can see how they did it which is exactly the same way my sequel 146 147 00:10:47,000 --> 00:10:49,490 does needs things in a config file. 147 148 00:10:49,490 --> 00:10:50,050 Right. 148 149 00:10:50,060 --> 00:10:53,170 It needs settings that are dynamic at runtime. 149 150 00:10:53,180 --> 00:11:04,650 So if you looked in the docker file for the official my sequel and you scroll down you'll see that yes 150 151 00:11:04,650 --> 00:11:10,890 it does set some environment variables here but it also has an entry point script that it copies in 151 152 00:11:11,160 --> 00:11:15,020 it links it to a specific location and then it as it is the entry point. 152 153 00:11:15,030 --> 00:11:18,610 So the command here is seeing the CMB you can't really see it. 153 154 00:11:18,630 --> 00:11:25,860 The CMB is for just my sequel the entry point technically runs is before that and then it passes execution 154 155 00:11:25,860 --> 00:11:26,680 to the CMT. 155 156 00:11:26,700 --> 00:11:32,100 Once that script is done running now the way that I find that script in here is I just go up one level 156 157 00:11:32,100 --> 00:11:38,010 and get hub and I click on this eight point so and then I will see an environment variable 157 158 00:11:41,530 --> 00:11:42,060 see 158 159 00:11:45,640 --> 00:11:51,300 and now we have the shell script that's run every time my sequel starts all right. 159 160 00:11:51,340 --> 00:11:59,500 And in here it does things like take environment variables and make them available for the app. 160 161 00:11:59,500 --> 00:12:05,710 In fact it's smart enough that if you add a little underscore file on the end of an environment variable 161 162 00:12:05,740 --> 00:12:12,450 it will take whatever is in that file and turn it into the environment variable which is great for all 162 163 00:12:12,550 --> 00:12:16,240 the applications that still need secrets an API keys and all that stuff. 163 164 00:12:16,240 --> 00:12:23,200 And if you're using swarm secrets or Cuban entities secrets those things are provided as they can be 164 165 00:12:23,200 --> 00:12:23,980 provided as files. 165 166 00:12:23,980 --> 00:12:29,140 Now you can always use stuff like vault and other fancy systems that honestly file based but in containers 166 167 00:12:29,140 --> 00:12:33,840 we tend to use things as files and Linux in general we then use things as files. 167 168 00:12:33,880 --> 00:12:36,180 So you're passing these things in as individual files. 168 169 00:12:36,190 --> 00:12:40,270 And then this little bit of shell script which is open source which means you can copy it and put it 169 170 00:12:40,270 --> 00:12:47,770 into your app you can use that to copy the environment variables out of the text file and then stick 170 171 00:12:47,830 --> 00:12:54,190 each one of them in an environment variable named appropriately and that way the app down later can 171 172 00:12:54,190 --> 00:12:59,890 have environment variables that are written in to config files for the app and everything's wonderful. 172 173 00:12:59,890 --> 00:13:00,130 Right. 173 174 00:13:00,130 --> 00:13:04,690 And this would change on every start of the app because the inherent variables might be different. 174 175 00:13:04,720 --> 00:13:07,360 And then it would rewrite those and that's how that works. 175 176 00:13:07,360 --> 00:13:09,210 So hopefully understand those steps. 176 177 00:13:09,210 --> 00:13:11,100 There's a lot more to it. 177 178 00:13:11,290 --> 00:13:13,750 There's actually a let me get you real quick. 178 179 00:13:13,780 --> 00:13:20,860 There is a great little summary of dealing more with environment variables inside of compose it's article 179 180 00:13:20,860 --> 00:13:29,830 I wrote even get the link here. 180 181 00:13:34,650 --> 00:13:36,950 Yeah this is over on the Riley site. 181 182 00:13:37,260 --> 00:13:39,780 And I did a nice blog article for them. 182 183 00:13:39,810 --> 00:13:40,870 Well I think it's nice. 183 184 00:13:40,890 --> 00:13:45,500 But you know it's up to you to say give us lies. 184 185 00:13:45,510 --> 00:13:50,640 And it talks about Dr. Campos because a lot of what we're dealing with for developers especially is 185 186 00:13:50,640 --> 00:13:52,230 the local config. 186 187 00:13:52,230 --> 00:13:54,450 How do I make my config specific for me. 187 188 00:13:54,630 --> 00:14:01,170 And one of those things is an override file which I unfortunately don't have in this HP example I don't 188 189 00:14:01,170 --> 00:14:05,320 think I don't have an override file but I should. 189 190 00:14:05,320 --> 00:14:07,380 That would be another thing to add into here. 190 191 00:14:07,690 --> 00:14:10,090 But in here I will put that in check. 191 192 00:14:10,090 --> 00:14:14,050 Check that O'Reilly link out to talk about three different things and compose that will really help 192 193 00:14:14,050 --> 00:14:20,440 you up your game on managing configuration and reducing replicated parts right templating means you 193 194 00:14:20,440 --> 00:14:25,840 can add specific parts in the top your compose file and then repeat without having to repeat those over 194 195 00:14:25,840 --> 00:14:30,460 and over again so if you have lots of the same environment variables because you're doing micro services 195 196 00:14:30,730 --> 00:14:34,850 and you have maybe 20 micro services in a compose file templating is for you. 196 197 00:14:34,870 --> 00:14:39,490 This is another thing that will really save you some time and you can have all the same parts that need 197 198 00:14:39,490 --> 00:14:43,900 to be repeated over and over again at the very top of your compose file and then it's this is just a 198 199 00:14:43,900 --> 00:14:49,900 gamble thing really the templating and then you can then insert that on each service at the appropriate 199 200 00:14:49,900 --> 00:14:50,530 time. 200 201 00:14:50,680 --> 00:14:55,240 The way that I do here there's other stuff in here as well I encourage you to check that out including 201 202 00:14:55,240 --> 00:15:01,540 how to use its environment variables inside of composed files not just for setting environment variables 202 203 00:15:01,570 --> 00:15:08,350 in the image but also anything else you want to change in your config file at runtime so check that 203 204 00:15:08,350 --> 00:15:08,950 stuff out. 204 205 00:15:08,950 --> 00:15:13,400 I hope you like it Michael. 205 206 00:15:14,380 --> 00:15:15,680 What's up Michael. 206 207 00:15:16,030 --> 00:15:17,470 Michael Ahrens on the call. 207 208 00:15:17,470 --> 00:15:18,340 Call me. 208 209 00:15:18,820 --> 00:15:21,240 What is this conference call there. 209 210 00:15:21,310 --> 00:15:23,180 Dr. Captain. 210 211 00:15:24,580 --> 00:15:26,830 Often what should not go into environment variables. 211 212 00:15:26,830 --> 00:15:28,740 Who are you baiting. 212 213 00:15:28,750 --> 00:15:29,500 The question. 213 214 00:15:29,500 --> 00:15:32,150 To see what people come up with. 214 215 00:15:32,920 --> 00:15:35,000 What should not go into environment variables. 215 216 00:15:35,000 --> 00:15:43,360 Well so the run of the reasons that Docker and Cuban entities and other tools have created these ways 216 217 00:15:43,360 --> 00:15:48,670 for us to put secrets in the files is so that they don't have to be an environment variables. 217 218 00:15:48,670 --> 00:15:55,090 So ideally if you're creating your own apps for managing your own apps you're keeping those secrets 218 219 00:15:55,180 --> 00:16:00,640 out of environment variables not because necessarily environment variables are inherently insecure it's 219 220 00:16:00,640 --> 00:16:05,100 because we with environment variables we tend to leak them right. 220 221 00:16:05,110 --> 00:16:09,640 They tend to they tend to show up in logs because maybe we do an environment variable dump somewhere 221 222 00:16:09,640 --> 00:16:11,890 in our config or we do. 222 223 00:16:11,890 --> 00:16:18,910 If you don't like a P HP was it there's a p HP test command PSP EMV or I came in what it's called anymore 223 224 00:16:19,210 --> 00:16:24,160 someone I'm sure on here is and remember and tell me but where it'll dump your configuration to a web 224 225 00:16:24,160 --> 00:16:29,380 page there's stuff like that and then if there's any secrets in any environment variables they will 225 226 00:16:29,380 --> 00:16:34,570 be exposed there and you may not intend that especially they leak into logs or in the monitoring system 226 227 00:16:34,570 --> 00:16:36,320 somehow and you. 227 228 00:16:36,430 --> 00:16:41,900 If you have errors sometimes you know if you've ever had applications where if you set it to debug and 228 229 00:16:41,920 --> 00:16:46,480 errors out this is the true thing in dot net where it will then put a whole bunch of variation on the 229 230 00:16:46,480 --> 00:16:51,070 screen and might leak environment variables on the screen because you forgot to lock it down into production 230 231 00:16:51,070 --> 00:16:55,870 mode there's all sorts of ways environment variables can end up in the wrong hands. 231 232 00:16:55,930 --> 00:17:02,410 So a good a good first step on not putting stuff into environment variables would be the secrets and 232 233 00:17:02,410 --> 00:17:09,670 with swarm and communities you can keep those in files and that way you can teach your app how to just 233 234 00:17:09,670 --> 00:17:10,890 get them out of the files. 234 235 00:17:10,960 --> 00:17:19,520 The next step there is you if you can get them from your secrets and config files into the files that 235 236 00:17:19,520 --> 00:17:20,190 the app needs. 236 237 00:17:20,210 --> 00:17:26,510 So instead of storing an environment variable that then eventually gets like I should example eventually 237 238 00:17:26,510 --> 00:17:33,380 gets written to a file you could use can figs and store the configure and secrets and files and then 238 239 00:17:33,380 --> 00:17:36,980 they go directly to the files that maybe my sequel or your app need. 239 240 00:17:36,980 --> 00:17:37,190 Right. 240 241 00:17:37,260 --> 00:17:40,080 So they never technically get into environment variables. 241 242 00:17:40,220 --> 00:17:42,040 So at least not on the server itself. 242 243 00:17:42,110 --> 00:17:42,650 Right. 243 244 00:17:42,680 --> 00:17:45,880 So that's a great topic I'm glad you brought that up. 244 245 00:17:45,890 --> 00:17:52,380 But the thing is is I could probably write an entire course on config secrets environment variables 245 246 00:17:52,400 --> 00:17:56,980 but basically all the things you need for an environment and how to deal with them. 246 247 00:17:57,050 --> 00:17:57,460 Right. 247 248 00:17:57,530 --> 00:18:02,930 And I think we're even if you go to stuff like vault for you and now you're talking about a secret API 248 249 00:18:02,960 --> 00:18:05,110 that you're calling it even gets more complicated. 249 250 00:18:05,120 --> 00:18:07,790 So definitely there's lots to talk about there. 250 251 00:18:07,790 --> 00:18:13,070 And if anyone has good resources that they like feel free to throw and chat or throw them in the comments 251 252 00:18:13,070 --> 00:18:15,650 of the YouTube video for later. 252 253 00:18:15,740 --> 00:18:20,660 All right good question Michael good to see you. 253 254 00:18:20,680 --> 00:18:22,630 Why would would you. 254 255 00:18:22,640 --> 00:18:27,290 Stephen says Would you Ducker file not be in source control though I don't favor having production creds 255 256 00:18:27,290 --> 00:18:29,690 such as user name password and source control. 256 257 00:18:29,690 --> 00:18:34,140 That's why those values are just defaults inside of your doctor files Steven. 257 258 00:18:34,400 --> 00:18:37,310 You wouldn't put real secrets in that file. 258 259 00:18:37,400 --> 00:18:37,710 Right. 259 260 00:18:37,730 --> 00:18:46,470 As you can see the one in my example it's just over here everything in the dagger file is just examples 260 261 00:18:46,560 --> 00:18:47,130 or samples. 261 262 00:18:47,130 --> 00:18:53,580 Now if it's a simple number or something that just needs to be set and there's a default a sort of reasonable 262 263 00:18:53,580 --> 00:18:59,520 default like these right here these p p p.m. settings then sure put in the production ones that you 263 264 00:18:59,520 --> 00:19:02,070 prefer and then you can overwrite them as needed. 264 265 00:19:02,070 --> 00:19:05,030 That way you don't have to set them every single time manually. 265 266 00:19:05,160 --> 00:19:11,250 But yeah if you go down here to any of these ones that are unique to a specific app or a specific environment 266 267 00:19:11,280 --> 00:19:13,490 I'm just putting in dummy values here. 267 268 00:19:13,560 --> 00:19:17,370 I've definitely don't recommend that inside of your code repo. 268 269 00:19:17,370 --> 00:19:23,280 You put in your secrets and your your URLs and environment you know the domain name settings and stuff 269 270 00:19:23,280 --> 00:19:23,770 like that. 270 271 00:19:23,780 --> 00:19:24,640 All right. 271 272 00:19:24,660 --> 00:19:27,900 I agree but your Ducker file itself would be in with your app. 272 273 00:19:27,930 --> 00:19:30,560 Yeah that's where you want to keep it. 273 274 00:19:30,670 --> 00:19:30,970 All right. 274 275 00:19:30,970 --> 00:19:31,650 Good question. 275 276 00:19:31,660 --> 00:19:35,130 Good question yeah. 276 277 00:19:35,140 --> 00:19:39,800 I mean unless they're encrypted right you could do hashing on them if your app accepts that sort of 277 278 00:19:39,800 --> 00:19:40,090 thing. 278 279 00:19:40,100 --> 00:19:42,080 But I still wouldn't keep them in there. 279 280 00:19:42,080 --> 00:19:46,890 I don't I keep environment settings elsewhere but you do need defaults. 280 281 00:19:46,880 --> 00:19:53,090 And what I tend to do in a compose file with Docker compose is I set defaults that work with a local 281 282 00:19:53,090 --> 00:19:54,280 developer out of the box. 282 283 00:19:54,290 --> 00:19:56,780 So Docker compose up would just work for them. 283 284 00:19:56,810 --> 00:20:01,820 Now it may mean they need to get a dot in V file from somewhere else maybe a secure store where you 284 285 00:20:01,820 --> 00:20:04,780 have sort of developer secrets you know that sort of thing. 285 286 00:20:04,790 --> 00:20:10,310 But I really work hard to also not include that like ideally if you're local developer you have everything 286 287 00:20:10,310 --> 00:20:11,420 you need locally. 287 288 00:20:11,540 --> 00:20:16,550 You don't require remote api as remote things and you hopefully have sample data and things that can 288 289 00:20:16,550 --> 00:20:20,780 just be on your local machine and you don't need a lot of secrets that you have to worry about you just 289 290 00:20:20,780 --> 00:20:23,840 have dummy values for everything and you can just get buy locally. 290 291 00:20:23,840 --> 00:20:27,550 Obviously not all of our apps can do that as sort of a utopia. 291 292 00:20:27,590 --> 00:20:30,740 So you're going to come up with a different way to store those secrets and that's why there's so many 292 293 00:20:30,750 --> 00:20:35,390 these ways to set environment variables at runtime so that you can keep them elsewhere and then just 293 294 00:20:35,390 --> 00:20:43,110 get them in at the last second through the environment variables all right good questions on environment 294 295 00:20:43,110 --> 00:20:43,410 verbs. 295 296 00:20:43,410 --> 00:20:47,960 I'm glad we've got this topic today. 296 297 00:20:48,140 --> 00:20:48,720 Let's see 297 298 00:20:51,620 --> 00:20:56,030 what is the simplest way to implement the E and V file. 298 299 00:20:58,010 --> 00:21:02,130 As well I showed you the example of the my sequel app right. 299 300 00:21:02,130 --> 00:21:08,340 And in here they take this script and they there is no EMV file. 300 301 00:21:08,380 --> 00:21:13,180 What this is designed for is this is when you use secrets or config. 301 302 00:21:13,180 --> 00:21:19,420 So if you're using the native secrets and config features of Docker swarm or config maps and secrets 302 303 00:21:19,450 --> 00:21:26,800 in communities you would maybe use this as a way to get those the information out of those files specifically 303 304 00:21:26,800 --> 00:21:29,650 the secrets really and get them into environment variables. 304 305 00:21:29,650 --> 00:21:35,710 If you need them right you may not need to get them out into environment variables but if you did then 305 306 00:21:35,740 --> 00:21:39,460 you could use this little bit of shell script to do that. 306 307 00:21:39,760 --> 00:21:42,730 I hope that answers your question but I wouldn't be. 307 308 00:21:42,790 --> 00:21:46,460 There's no need to create a specific file. 308 309 00:21:46,580 --> 00:21:47,150 Exactly. 309 310 00:21:47,150 --> 00:21:52,340 If you're talking about how to do swarm secrets because swarm secrets create files for you then check 310 311 00:21:52,340 --> 00:21:54,710 out my Docker mastery course at the URL. 311 312 00:21:54,710 --> 00:21:58,250 Brett Fisher dot com slash talker which is down in the description. 312 313 00:21:58,250 --> 00:22:00,500 I talked about that there as well in my swarm course.