Skip to content

Instantly share code, notes, and snippets.

@ryanj

ryanj/gist:4446113

Last active June 12, 2016 09:41
Show Gist options
  • Star 3 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save ryanj/4446113 to your computer and use it in GitHub Desktop.
Save ryanj/4446113 to your computer and use it in GitHub Desktop.
Download ZIP
How to keep secrets out of your public source by using OpenShift ENV variables
Raw
gistfile1.md

Keep secrets out of your source when working with OpenShift

These steps assume that you already have a working app on OpenShift. If you need help, you can get started here!

1. Find your app's ssh address

rhc app show YOUR_APP_NAME

2. ssh into your gear to set your environment variables:

ssh YOUR_APP_SSH_URL

3. Add your environment variables to your ~/app-root/data/.bash_profile

echo "export SECRET_PASS=12345678910" >> ~/app-root/data/.bash_profile

4. Make sure that your .bash_profile is sourced during your app's start up

cd YOUR_LOCAL_REPO
echo "source ~/app-root/data/.bash_profile" >> .openshift/action_hooks/pre_start_nodejs-0.6
git add .openshift/action_hooks/pre_start_nodejs-0.6
git commit -m 'importing bash profile during app init'
git push

Once you have completed these steps, you should be able to reference these variables in node.js via process.env.* Specifically, the above example should make process.env.SECRET_PASS available in your code.

PHP users should be able to access the same variable as getenv('SECRET_PASS'). If you are not using node.js, then the name of the action hook start script (in line 2-3 of step 4) will be different, and will need to be adjusted accordingly.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment