Netlify
Netlify copied to clipboard
shailen-naidoo
feat: support env variable substitution
Motivation
We can't store sensitive information like Netlify API keys in .vscode/settings.json for security reasons.
We would like to use environment variables instead.
Changes
Handles env variable substitution for some contributed config variables.
Note: this only handles the ${env:MY_VAR} case, and does not try to handle every type of substitution.
e.g.
{
"netlify.api_token": "${env:MY_NETLIFY_PAT}",
"netlify.build_hook": "${env:MY_NETLIFY_BUILD_HOOK}",
"netlify.site_id": "${env:MY_NETLIFY_SITE_ID}"
}
Alternatives
If upstream VSCode presents a way to handle variables substitution for contributed config, this might not be needed. See: https://github.com/Microsoft/vscode/issues/46471
We could take a more drastic approach and encrypt the settings.json using something like git secret.
Other attempts at patching this: https://github.com/idleberg/node-vscode-get-config https://github.com/DominicVonk/vscode-variables
@altitudems Hey man! I really appreciate your work that you have put in here, I'll have a look at this tonight and get back to you :smile:
@altitudems Can you please add a how-to test so that I have a direction for validating what you have worked on
Sure thing.
- Create a Netlify PAT
- Store the PAT as a env variable
# In your ~/.zshrc or ~/.bashrc file add:
export MY_NETLIFY_PAT=[your-pat-here]
# Repeat for other sensitive values
- Restart VSCode so that it loads in the new env variable
- Modify
settings.json, adding a reference to the environment variables using${env:YOUR_ENV-VAR}
{
"netlify.api_token": "${env:MY_NETLIFY_PAT}",
"netlify.build_hook": "${env:MY_NETLIFY_BUILD_HOOK}",
"netlify.site_id": "${env:MY_NETLIFY_SITE_ID}"
}
- Confirm that the Netlify extension works as expected (it will log the substituted values in the output panel)
@altitudems I am happy with your changes, are you perhaps able to write a unit test for it?