I am trying to hide secret keys (for access to MongoDB and S3) in a script. I would like to make use of Github Secrets or something similar. Does anyone have experience with setting hub Github Secrets / Actions and could you explain me how to do it?
Within VIKTOR apps you can use the environment variable
VIKTOR_APP_SECRET for secrets. At the moment the implementation in the product contains the following limitations you should be aware of:
- there is only one variable. if you need multiple you can concatenate them with a known separator
- it is not possible yet to self-service this secret in a published app. this means you need to communicate the value to us by sending a mail to firstname.lastname@example.org. Please don’t send it plaintext in the body of the email. You can use a service like https://wormhole.app/ to send the secret and make sure it can only be downloaded once.
- during development: you can use the commandline option
--env to provide environment variables
- during publishing: the environment variable are not a part of the deployment
- after publishing: configure on the app by as (as described above)
I hope the above helps