0

I am trying to make my deployments more safe by having credentials information in a separate file and not pushing it to GitHub. The problem is that I have synced the repo with Azure enabling continuous development.

Because the config file is ignored, when the Azure App seeks for the code from GitHub, it cannot find the config file and therefore not being able to read the information.

How can I overcome this? Thanks.

Improve this question

1 Answer 1

Reset to default
1

I'll recommend you to look into Azure DevOps. (Free for up to 5 users)

It will give you the opportunity to manage your deployments using pipelines. You don't need to host your code in the Azure DevOps Git. You are free to keep using GitHub for source control.

I'm not a big fan of the built-in "Deployment Center" inside the Azure Services like an "App Service". You will be very limited in customization compared to a Pipeline.

For keeping secrets secure in deployment. You can make use of Key Vault References. https://learn.microsoft.com/en-us/azure/app-service/app-service-key-vault-references

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Thanks for your reply. So you are suggesting that by deploying the WebApp through the Azure Devops, I could somehow include the configuration file safely in it without the need to have it in my github repo? Key vault is not applicable in my problem as I need to keep the config in json format.
You will have to ditch the "file" and instead utilize the features of a pipeline, like "App Settings/Configurations/Environmental variables" and if you use a key vault, no one needs to get access to your secrets if they want to deploy. Key vault secrets are fully capable of storing json data. But if you utilize environmental variables to access the credentials at runtime. You will want to take a look at "Configurations" in your azure app service, for linking your secrets.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.