Great Post Shen. Nice breakdown of things. As to your thought here:
Disclaimer: I am not sure how will dotenv and Docker work in a serverless environment (Vercel), maybe it'll retrieve it for every different server?
Check out the .env.vault file. It is not well documented yet, but it is the future here today. Rather than syncing your secrets and scattering them across multiple 3rd parties, you include an encrypted .env.vault with your deploy, and then set a single DOTENV_KEY on your server/serverless/etc. On boot, your .env.vault file is decrypted just in time and your app runs correctly.
This new approach to security will prevent breaches like the CircleCI breach from being effective.
This is an essential difference between dotenv-vault and other SecretOps solutions. It's important to us.
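The flow described in the comment above (ship an encrypted file with the deploy, set one key on the server, decrypt in memory at boot), as an added sketch that is not dotenv-vault's own code and not part of the thread. The blob layout (base64 of nonce, ciphertext, GCM tag), the hex key format and all function names are assumptions for illustration, and the sample values are constructed.

```javascript
// Added illustration, not dotenv-vault's implementation. Blob layout is assumed.
const crypto = require('node:crypto');

// Build step: encrypt the plaintext .env into a blob that ships with the deploy.
function sealEnv(plaintext, keyHex) {
  const key = Buffer.from(keyHex, 'hex');            // 32-byte AES-256 key
  const nonce = crypto.randomBytes(12);              // fresh nonce per encryption
  const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([nonce, body, cipher.getAuthTag()]).toString('base64');
}

// Boot step: decrypt in memory with the single key taken from the environment.
function openEnv(blobB64, keyHex) {
  const key = Buffer.from(keyHex, 'hex');
  if (key.length !== 32) throw new Error('key must be 32 bytes (64 hex chars)');
  const blob = Buffer.from(blobB64, 'base64');
  if (blob.length < 28) throw new Error('vault blob too short');
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  decipher.setAuthTag(blob.subarray(blob.length - 16));
  const body = blob.subarray(12, blob.length - 16);
  // final() throws when the key is wrong or the blob was modified in transit.
  return Buffer.concat([decipher.update(body), decipher.final()]).toString('utf8');
}

// Minimal KEY=VALUE parser: skips comments and strips one pair of quotes.
function parseEnv(text) {
  const out = {};
  for (const line of text.split(/\r?\n/)) {
    const m = /^\s*([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*?)\s*$/.exec(line);
    if (m) out[m[1]] = m[2].replace(/^(['"])(.*)\1$/, '$2');
  }
  return out;
}

// Fail closed: a bad key or tampered blob yields no variables at all.
function loadVault(blobB64, keyHex) {
  try { return { ok: true, env: parseEnv(openEnv(blobB64, keyHex)) }; }
  catch (err) { return { ok: false, error: err.message }; }
}

// Constructed sample: placeholder key and made-up secrets.
const SAMPLE_KEY = 'ab'.repeat(32);
const SAMPLE_VAULT = sealEnv(
  '# constructed\nDB_PASSWORD="s3cr3t-example"\nAPI_URL=https://api.example.test\n',
  SAMPLE_KEY);
console.log(loadVault(SAMPLE_VAULT, SAMPLE_KEY));
console.log(loadVault(SAMPLE_VAULT, 'cd'.repeat(32)).ok); // wrong key is rejected
```

With this pattern the decryption key becomes the one secret the host must protect, so it should be scoped per environment and rotated if the deploy target is ever exposed.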
This looks great!!! Could be a project with huge potential.
This looks nice, will try it out for personal projects, but from the article it seems it still pulls the config value, which will reside in the .env file. Look at how Doppler handles it: it doesn't put the value in files. You can see the secret using a command, but it's mostly abstracted, and it has better integrations with all PaaS providers like Vercel and Heroku.
Furkan Emin Can
Thanks, Hoh Shen Yien. I had seen it when I researched the dotenv-expand package, but I didn't pay much attention.
With this information, I'd like to try it in my future projects.
(By the way, I like your custom design very much.)