In an Microsoft Azure Web App Service under Application Settings, there are Key-Value pair options within the option App Settings. If a developer has PHP or Python files in multiple directories, which of these directories and (or) files would have access to these key-value pairs.
Example:
Suppose the developer has the following key value pair settings in App Settings:
Key: $variableString | Value: "My first example string."
Key: $variableNumber | Value: 1000
PHP files:
site\wwwroot\index.php
site\wwwroot\folderone\pageone.php
site\wwwroot\folderone\pagetwo.php
site\wwwroot\foldertwo\page.php
Would all these files have access to these variables, or would these files need to have a reference (and where?) to where these key-value pairs would be saved like in each PHP file with an include pointer to the App Settings file (Azure doesn't show this becomes a file)?
Thanks.
They will be available as environment variables so it doesn't matter where the file is.
If you set an app setting with key ITEM_COUNT and value 15, you could use:
$item_count = getenv('ITEM_COUNT');
Or:
$item_count = getenv('APPSETTING_ITEM_COUNT');
And $item_count would contain the string "15".
Anything that can access environment variables can access those, as those are environment variables. So python would be able, not sure about php, since I know nothing about it, but pretty sure it could.
In my code I just use this:
"{0}-{1}".format(os.getenv('LOCATION'), os.getenv('COMPUTERNAME'))
Related
Within our pipeline's we would like to set a variable based on some user defined capabilities. For example, agent-1 may store all python versions under "C:/Python" whereas agent-2 may store all python versions under "C:/Documents/Python" and a script may need to know of all the contents stemming from this folder. So, to fix this, we set some user capabilities of where it's stored.
Agent 1: PYTHON_DIR = C:/Python
Agent 2: PYTHON_DIR = C:/Documents/Python
We would like to extract these from in our azure-pipelines.yml for use in future script steps.
We initially tried using the syntax:
variables:
PYTHON_EXE: $(PYTHON_DIR)\Python38\...\python.exe
but this simply echos out as
$(PYTHON_DIR)\Python38\...\python.exe even after an agent reboot.
Eg.: I have a file mycode.py which contains 2 secrets
myfakesecret : "ANSAJHSAKDKDMKADKAMCKSMKSMCKSCC"
MyOriginalSecret: "H%&&^DBSHDBHBBBS%^&&&DSD2343"
I want to ignore myfakesecret but not MyOriginalSecret in truffleHog scan.
If I use --exclude_paths exclude-patterns.txt where exclude-patterns.txt contains mycode.py then truffle hog scan will ignore both secrets.
Can I specify a secret hash or name or any other way to exclude secret not complete file so that it should ignore a particular secret?
Ideally, your code does not include the sensitive secret at all.
That way, truffleHog scan has nothing to ignore/exclude.
mycode.py should read that secret from a file/source outside the repository, at runtime (when you are executing the program.
The Infra team in my company has provided us with sample overthere.SshHost under 'Infrastructure' in XL-Deploy UI that has a predefined private key file and passphrase which is not shared with us.
We are asked to duplicate this file manually in the UI, rename it and create infra entries for our application.
How can I achieve this with puppet?
Lets say the sample file is placed under: Infrastructure/Project1/COMMONS/Template_SshHost
and I need to create an overthere.SshHost under Infrastructure/Project1/UAT/Uat_SshHost and Infrastructure/Project1/PREPROD/Preprod_SshHost by copying the sample file.
Thanks in advance!
You can sync a target file with another file accessible via the local file system by using a File resource whose source attribute specifies the path to the original. You can produce a modified copy in a variety of ways, such as by applying one or more File_line resources (from stdlib) or by applying an appropriate script via an Exec resource.
But if you go that route then you have to either
accept that the target file will be re-synced on every Puppet run, OR
set the File resource's replace attribute to false, in which case changes to the original file will not be propagated into the customized copy.
The latter is probably the more acceptable choice for most people. Its file-copying part might look something like this:
$project_dir = '/path/to/Infrastructure/Project1'
file { "${project_dir}/UAT/Uat_SshHost/overthere.SshHost":
ensure => 'file',
source => "${project_dir}/COMMONS/Template_SshHost/overthere.SshHost",
replace => false,
}
But you might want to consider instead writing a custom type and provider for the target file. That would allow you to incorporate changes from the original template without re-syncing the file on every run, and it would give you a lot more flexibility with respect to the customizations you need to apply. It would also present a simpler interface for you to use in your manifests, which could make managing these easier. But, of course, that's offset by the cost is that writing and maintaining a custom type and provider. Only you can determine whether that would be a worthwhile trade-off.
I am using the Config crate in Rust, and would like to use environment variables to set keys inside a section of the config. The end goal is to override application settings from a docker compose file, or docker command line, using the environment.
If my config was the following, could I use a specifically crafted environment variable to set database.echo ?
(code blurb below is taken from this example)
debug = true
[database]
echo = true
The example code to configure this using the environment variables illustrates only to set keys at the top level. Wondering how to extend this. The .set() takes a hierarchical key, so I'm hopeful that there's a way to encode the path in the env variable name.
Answering my own question.
I just noticed that the Environment code accepts a custom separator which will get replaced with . (dot).
So one can set the separator to something like _XX_ and that would get mapped to a ".". Setting DATABASE_XX_ECHO=true, for instance would then change the database.echo key.
when configuring https for play framework, I have to use following configuration when running the background task.
play -Dhttps.port=9443 -Dhttps.keyStore=keystore.jks -Dhttps.keyStorePassword=password run
I don't want to display the keystore password on the command line. It shouldn't be visible for all users on that machine.
HTTPS configuration can either be supplied using system properties or in application.conf
I recommend to use a combination of environment variables and the application.conf
Put your sensitive information in environment variables
Reference these environment variables from the application.conf:
Like this:
https.keyStore = defaultvalue
https.keyStore = ${?MY_HTTPS_KEY_STORE_ENV}
The question mark means that if there is no value found for MY_HTTPS_KEY_STORE_ENV then the defaultvalue from above will be used