How to deploy ASP.NET Core UserSecrets to production

C#asp.net Coreasp.net Core-Mvc

C# Problem Overview

I followed the Safe storage of app secrets during development guide over on the asp.net docs during development but it does not describe how to use it when publishing to another machine for QA, Production, etc. What I figured it would do was insert them into the appsettings.json during publish but it does not. I ended up having to place my SendGrid keys and other sensitive information directly into the appsettings.json which really defeats the purpose of the app secrets.

Is using app secrets the best way or is there another way to store API keys and SQL user/passwords in my configs?

C# Solutions

Solution 1 - C#

Don't use app secrets in production. Ever. As the article says DURING DEVELOPMENT.

How you publish secrets in production is up to your production environment. Linux, Windows and Azure all support environment variables - that's where your secrets should go, using whatever UI your hosting provider gives you.

The app settings documentation goes into this in greater detail

Solution 2 - C#

Why "don't use app secrets in production". Is it encrypted secrets safe? It's very acceptable for app configuration, for example, your mentioned SendGrid for password recovery. Is it configuration secrets at all in server? Why do I prohibited? Just copy compiled from development to production and it works.

Startup.cs

    public Startup(IConfiguration configuration)
    {
        Configuration = configuration;
        var builder = new ConfigurationBuilder().AddUserSecrets<Startup>();
        Konfiguration = builder.Build();
    }

    public IConfiguration Configuration { get; }

    public IConfiguration Konfiguration { get; }

    public void ConfigureServices(IServiceCollection services)
           ....
        services.AddSingleton<IEmailSender, EmailSender>();
        services.Configure<AuthMessageSenderOptions>(Configuration);
        if (Configuration["SendGridKey"] != null)
            return;
        // linux'e secrets.json nenuskaitomas
        services.Configure<AuthMessageSenderOptions>(options => {
            options.SendGridKey = Konfiguration["SendGridKey"];
            options.SendGridUser = Konfiguration["SendGridUser"];
        });
    }

HomeController.cs

    private readonly IOptions<AuthMessageSenderOptions> _optionsAccessor;

    public HomeController(..., IOptions<AuthMessageSenderOptions> optionsAccessor)
    {
        ...
        _optionsAccessor = optionsAccessor;
    }

    public IActionResult Index(...)
    {
        if (_optionsAccessor.Value.SendGridUser != null)
            ModelState.AddModelError("", _optionsAccessor.Value.SendGridUser);
        ....

Go forward with "Enable account confirmation and password recovery" https://docs.microsoft.com/en-us/aspnet/core/security/authentication/accconfirm?view=aspnetcore-2.1&tabs=visual-studio#configure-email-provider

Categories
Recommended C# Solutions
Recommended asp.net Core Solutions
Recommended asp.net Core-Mvc Solutions

Previous Solution:

Save base64 image in django file field

PythonDjangoImageFilefield

Next Solution:

How to combine Celery with asyncio?

PythonPython 3.xAsynchronousCeleryPython Asyncio

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

Content TypeOriginal AuthorOriginal Content on Stackoverflow
QuestionMitchell SkurnikView Question on Stackoverflow
Solution 1 - C#blowdartView Answer on Stackoverflow
Solution 2 - C#user1855805View Answer on Stackoverflow