
Env design

Open nzoschke opened this issue 8 years ago • 2 comments

I'm seeing different behaviors in local and AWS around how environment is validated and passed to various services.

Here's a proposal for a much stricter environment white list and validation. We treat the manifest strictly, and warn a user to set environment variables when expected.

  • cx env warns about setting variables that are not defined in the manifest. You can set them but they will not show up anywhere without a manifest change
  • cx env warns about required variables that are not set
  • cx build errors if expected build args do not define a default and do not have an environment variable set
  • cx build errors if required environment variables are not set

nzoschke, Jun 11 '17 18:06

We've found the whitelisting behaviour of convox v1 to sometimes add quite a bit of confusion (especially for new devs that we're onboarding) without necessarily seeing a ton of benefit (that I've seen anyways).

What's the driver behind the whitelist? What sort of problem is it solving? Could the concept of a list of "required" environment variables be better (while allowing flexibility for configuring other env vars without defining them ahead of time)?

mwarkentin, Jun 12 '17 00:06

Yeah it's been confusing. I hope no matter what we get good validation and/or warnings to devs early in the setup or deployment pipeline.

The main benefit I see is security. An api service may have GITHUB_KEY and GITHUB_SECRET for doing oauth, where a worker service doesn't need to know those secrets. So the white lists offer a way to guarantee that the worker won't get access to those values.

nzoschke, Jun 12 '17 20:06
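The validation rules proposed in the issue and the per-service scoping described in the last comment, sketched in Go as an added example; this is not praxis or convox code. The `Manifest` shape and the names `Validate` and `ServiceEnv` are assumptions made for illustration, and the sample values are constructed.

```go
package main

import "fmt"
import "sort"

type Manifest map[string]map[string]string // assumed shape: service -> variable -> default ("" = required)

// Validate returns warnings for set-but-undeclared variables and errors for unset required ones.
func Validate(m Manifest, env map[string]string) (warnings, errs []string) {
	declared := map[string]bool{}
	for svc, vars := range m {
		for name, def := range vars {
			declared[name] = true
			if _, ok := env[name]; !ok && def == "" {
				errs = append(errs, svc+": required variable "+name+" is not set")
			}
		}
	}
	for name := range env {
		if !declared[name] {
			warnings = append(warnings, name+" is not defined in the manifest")
		}
	}
	sort.Strings(warnings)
	sort.Strings(errs)
	return warnings, errs
}

// ServiceEnv returns only the variables the named service declares.
func ServiceEnv(m Manifest, service string, env map[string]string) map[string]string {
	out := map[string]string{}
	for name, def := range m[service] {
		if v, ok := env[name]; ok {
			out[name] = v
		} else if def != "" {
			out[name] = def
		}
	}
	return out
}

func main() { // constructed sample: the worker never declares the GitHub OAuth secrets
	m := Manifest{
		"api":    {"GITHUB_KEY": "", "GITHUB_SECRET": "", "LOG_LEVEL": "info"},
		"worker": {"QUEUE_URL": "", "LOG_LEVEL": "info"},
	}
	env := map[string]string{"GITHUB_KEY": "k", "GITHUB_SECRET": "s", "DEBUG": "1"}
	fmt.Println(Validate(m, env))
	fmt.Println(ServiceEnv(m, "worker", env))
}
```

With this sample, `DEBUG` produces a warning, the missing `QUEUE_URL` produces an error, and the worker's environment contains only `LOG_LEVEL`.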