1 00:00:00,510 --> 00:00:01,940 ‫So enough with the announcements. 2 00:00:01,950 --> 00:00:06,000 ‫I want to get to a topic that I've been working on and focused on from my Node.js course. 3 00:00:06,030 --> 00:00:11,340 ‫And that is environment variables so like raise your hand in chat and you can by the way in chat you 4 00:00:11,340 --> 00:00:19,530 ‫can do a colon wave colon and then it will actually do a little wave hand wave your hand if you're dealing 5 00:00:19,590 --> 00:00:24,660 ‫with environment variables in your apps and you'd like easier ways that you're not exactly sure if you're 6 00:00:24,660 --> 00:00:26,840 ‫doing the best way for environment variables. 7 00:00:27,000 --> 00:00:30,230 ‫Because I struggled with that for quite a while. 8 00:00:30,240 --> 00:00:35,760 ‫I mean not just in containers but in all of distributed computing making sure that all of my apps have 9 00:00:35,760 --> 00:00:39,200 ‫at least some consistent way to do environment variables. 10 00:00:39,210 --> 00:00:46,050 ‫Getting information secrets your you know server your server DNS names you know you name it all that 11 00:00:46,050 --> 00:00:47,790 ‫stuff into your containers 12 00:00:52,700 --> 00:00:53,790 ‫so all right. 13 00:00:53,810 --> 00:00:56,420 ‫So it looks like a few of you are interested in this topic. 14 00:00:56,540 --> 00:00:59,280 ‫So this will be part of my node.js course. 15 00:00:59,300 --> 00:01:05,840 ‫And then I plan to take some of that and figure out how to release that information to the Web. 16 00:01:05,860 --> 00:01:13,400 ‫There's a couple of ways that you can go about it but the basics of this come out of 12 factor apps. 17 00:01:13,400 --> 00:01:18,190 ‫And if you haven't heard about a factor app it's been around for a decade or more and it's a concept 18 00:01:18,200 --> 00:01:26,820 ‫about 12 factors that make a distributed app more successful essentially and it's from a company that 19 00:01:26,820 --> 00:01:32,790 ‫learned early on in cloud and on the Internet how they needed to manage all the different points of 20 00:01:32,790 --> 00:01:39,660 ‫their app and how they needed to know the different concerns they had around best practices essentially 21 00:01:39,660 --> 00:01:41,280 ‫for writing distributed apps. 22 00:01:41,280 --> 00:01:47,670 ‫And chances are if you've got a database on one server and an API over here and a Web site over here 23 00:01:47,670 --> 00:01:52,330 ‫and a worker job over there but lets a distributed app right there's lots of definitions for distributed 24 00:01:52,330 --> 00:01:57,630 ‫that but generally most of us today if you're concerned about containers and you that's part of your 25 00:01:57,630 --> 00:02:01,980 ‫job and you're running them on servers you're probably dealing with some distributed apps. 26 00:02:01,980 --> 00:02:06,840 ‫So the interesting part about this is the config state. 27 00:02:06,870 --> 00:02:11,970 ‫So if you go back to the twelve factor dot net paid to throw this into chat you can definitely skim 28 00:02:11,970 --> 00:02:19,360 ‫through these later and then dive into each topic when you have to deal with that in your app. 29 00:02:19,410 --> 00:02:25,590 ‫But the one that I wanted to talk about today was the config and config was about storing the settings 30 00:02:25,590 --> 00:02:26,400 ‫for your environment. 31 00:02:26,430 --> 00:02:33,950 ‫So as you learn if you're taking my dog or Mastery course you know that you never want your your your 32 00:02:33,950 --> 00:02:40,820 ‫images or your apps themselves to have hard coded settings that would be different for each environment 33 00:02:40,960 --> 00:02:46,280 ‫and the environment might mean you're like a machine that the dev test server or the staging server 34 00:02:46,280 --> 00:02:51,560 ‫or the production server or if you like a lot of us you have multiple levels of production and multiple 35 00:02:51,560 --> 00:02:54,010 ‫copies of production like all these things. 36 00:02:54,020 --> 00:02:59,810 ‫If there's anything that might change in there that might be memory settings in Java that might be different 37 00:03:00,020 --> 00:03:01,480 ‫passwords for an API. 38 00:03:01,490 --> 00:03:05,800 ‫Different keys that might be storage keys for your cloud. 39 00:03:05,800 --> 00:03:12,950 ‫It could be anything from just the word of maybe those in your app is a little flag that indicates which 40 00:03:13,430 --> 00:03:17,940 ‫part of the system you're on and you need that set in a simple little environment variable. 41 00:03:18,110 --> 00:03:25,860 ‫All that stuff needs to be pulled out of your app and one of the rules of twelve factor is if strict 42 00:03:25,860 --> 00:03:28,610 ‫separation of config from code right. 43 00:03:28,620 --> 00:03:33,420 ‫And we've all seen that we've all probably done it putting you know hard hardcoded value like local 44 00:03:33,420 --> 00:03:38,460 ‫host because your app is always running on the same server as your database but that's before containers 45 00:03:38,970 --> 00:03:42,900 ‫then you might see a hardcoded app that says local host in code right. 46 00:03:42,900 --> 00:03:49,170 ‫And that's unfortunate because that makes them data that makes them very rigid and hard to deal with 47 00:03:49,170 --> 00:03:52,290 ‫because now you got to change code just a changed environment so you don't want to do that. 48 00:03:52,290 --> 00:04:00,000 ‫And one of the ideas of this is that twelve factor apps and if you're following the twelve factor principles 49 00:04:00,000 --> 00:04:07,350 ‫you tend to have a very easy time making them into containers the twelve factor apps ideally are using 50 00:04:07,440 --> 00:04:09,510 ‫everything through environment variables. 51 00:04:09,540 --> 00:04:15,130 ‫The reason is is because every OS and every system all supports that right. 52 00:04:15,150 --> 00:04:20,580 ‫If you have a Java app over here and you've got a no GSM over there and then you've got a database app 53 00:04:20,580 --> 00:04:24,420 ‫back here that's storing your databases and you've got a MIM caching all these things. 54 00:04:24,420 --> 00:04:29,830 ‫Every one of those has a different way of consuming its values its environment variables right. 55 00:04:30,060 --> 00:04:32,670 ‫The settings it needs the config it needs to get start up. 56 00:04:32,670 --> 00:04:33,690 ‫Those are all different. 57 00:04:33,810 --> 00:04:35,680 ‫And so that can be quite frustrating. 58 00:04:35,700 --> 00:04:39,840 ‫So the only thing that's consistent between all of them is environment variables. 59 00:04:39,840 --> 00:04:41,250 ‫Every shell supports it. 60 00:04:41,340 --> 00:04:45,160 ‫Windows Mac Linux they all support the same functionality. 61 00:04:45,240 --> 00:04:50,730 ‫It might be slightly different the way you set an environment variable or clear it but the key value 62 00:04:50,730 --> 00:04:52,140 ‫is the same and all of them. 63 00:04:52,140 --> 00:04:53,070 ‫Right. 64 00:04:53,130 --> 00:04:58,190 ‫So that's a core premise and that's what you can see throughout the doctor and the container ecosystem 65 00:04:58,200 --> 00:05:00,750 ‫as we've all adopted that as our standard. 66 00:05:00,750 --> 00:05:06,270 ‫Now what I means is is like if you have for example an application that has a demo file or an I and 67 00:05:06,270 --> 00:05:13,440 ‫I or some other sort of config file that the values need to get to then you have to write a middle layer 68 00:05:13,620 --> 00:05:18,690 ‫between the environment variables and then where they're going to go into the app. 69 00:05:18,800 --> 00:05:19,470 ‫Right. 70 00:05:19,620 --> 00:05:24,460 ‫And I have an example of this in my not so complete BHP app. 71 00:05:24,570 --> 00:05:29,150 ‫So over on GitHub in my PSP app images show you a quick literal example. 72 00:05:29,190 --> 00:05:30,800 ‫And then we're gonna get to your questions. 73 00:05:30,870 --> 00:05:36,330 ‫So in here what I have is a docker file and this sacrifice there's a lot of things but the things I 74 00:05:36,330 --> 00:05:44,040 ‫want to focus on is in this level app I have defaults that I set in the docker file for environment 75 00:05:44,040 --> 00:05:45,090 ‫variables. 76 00:05:45,090 --> 00:05:53,510 ‫Now the reason and the way that I'm setting them here is I prefer that the settings here default to 77 00:05:53,510 --> 00:05:59,510 ‫working in a production environment up to you whether you say hey look these defaults are just gonna 78 00:05:59,540 --> 00:06:04,160 ‫be the average production values or they might you might say hey this is gonna be the average developer 79 00:06:04,160 --> 00:06:12,260 ‫values I prefer to them sort of defaulting a little bit to the production side of things that way I 80 00:06:12,260 --> 00:06:17,240 ‫can override them with a compose file locally in my local machine no problem but it's up to you how 81 00:06:17,240 --> 00:06:23,110 ‫you do that but you definitely want to create consistent ones here that makes sense from the get go. 82 00:06:23,150 --> 00:06:27,830 ‫Now you're gonna overwrite a lot of these with other ways of setting it either through the docker run 83 00:06:27,830 --> 00:06:34,880 ‫command or through deploying a swarm or a Cuban network deployment or in your Ducker compose GMO file 84 00:06:34,910 --> 00:06:35,840 ‫you will overwrite those. 85 00:06:35,840 --> 00:06:36,310 ‫Right. 86 00:06:36,380 --> 00:06:42,710 ‫You can even overwrite these at the shell before you run those commands and it will suck those in. 87 00:06:42,770 --> 00:06:49,280 ‫You can also you using something like Docker compose you can set a dot EMV file that in the PSP world 88 00:06:49,280 --> 00:06:53,910 ‫is actually a standard that it will work in such that in the gamble as well. 89 00:06:54,350 --> 00:06:59,810 ‫So you can see that I have these here but obviously some of these go into the app they might go into 90 00:06:59,810 --> 00:07:03,320 ‫different files and let's back up a second 91 00:07:07,190 --> 00:07:08,510 ‫and I'll show you the next part. 92 00:07:08,540 --> 00:07:13,610 ‫So those are embedded in the doctor file when the image is built right now. 93 00:07:13,700 --> 00:07:21,020 ‫When I want to look at my doctor compose file this is going to be used for local settings right. 94 00:07:21,060 --> 00:07:26,850 ‫When I'm doing development and then I can look through here and you can see that I'm setting them all 95 00:07:26,860 --> 00:07:28,880 ‫and maybe either setting them differently. 96 00:07:28,880 --> 00:07:31,220 ‫I don't have to override them if I don't want to. 97 00:07:31,290 --> 00:07:35,940 ‫But in this case I'm choosing to set similar ones as an example. 98 00:07:35,940 --> 00:07:40,620 ‫If I didn't need to override the ones in the image I might just leave a lot of these alone. 99 00:07:40,620 --> 00:07:41,730 ‫So there's that. 100 00:07:41,730 --> 00:07:41,970 ‫All right. 101 00:07:41,970 --> 00:07:46,410 ‫So I'm setting them here and now these will be used on container startup. 102 00:07:46,410 --> 00:07:49,470 ‫So if I wanted to change them I have to restart the container. 103 00:07:49,470 --> 00:07:51,740 ‫I don't have to delete the container right. 104 00:07:51,750 --> 00:07:53,050 ‫I just had to restart it. 105 00:07:53,100 --> 00:08:02,340 ‫So you can use Dr. composed to do that then the next step is maybe let's see 106 00:08:06,440 --> 00:08:12,550 ‫maybe on my local machine or even in production I need those to be in specific files. 107 00:08:12,590 --> 00:08:12,830 ‫Right. 108 00:08:12,830 --> 00:08:17,320 ‫So when my kid my application starts up those environment variables need to be somewhere else. 109 00:08:17,330 --> 00:08:20,180 ‫They can't just live in environment variables for some apps right. 110 00:08:20,210 --> 00:08:26,060 ‫I would call these legacy apps or traditional apps where they're not looking to environment variables 111 00:08:26,060 --> 00:08:26,600 ‫by default. 112 00:08:26,600 --> 00:08:32,300 ‫Now if I was creating a new app my goal would be that that looks to environment variables and maybe 113 00:08:32,300 --> 00:08:37,700 ‫there's some config file or something that the app uses but I'm overriding those with enviroment variables 114 00:08:37,760 --> 00:08:38,300 ‫automatically. 115 00:08:38,300 --> 00:08:43,070 ‫So the idea is my app is smart enough to say hey if there isn't an environment variable for this I will 116 00:08:43,070 --> 00:08:45,050 ‫use this default from this file. 117 00:08:45,050 --> 00:08:48,710 ‫But if there's already an enviroment variable set I will use that. 118 00:08:48,710 --> 00:08:53,870 ‫Now if you're familiar with swarm and Cuban net is you know that once we get into secrets and configure 119 00:08:54,200 --> 00:09:00,960 ‫we can start overwriting those entire files and providing passwords and secrets as individual files. 120 00:09:01,040 --> 00:09:03,820 ‫So you also might want your app to be aware of those. 121 00:09:03,830 --> 00:09:09,650 ‫But if your app if you're not building your own custom app or you're using maybe stuff from Docker Hub 122 00:09:09,650 --> 00:09:14,970 ‫or official open source then what you need to look at is providing an entry point script. 123 00:09:15,050 --> 00:09:21,350 ‫Now the way that gets run is in your image you set the entry point script you want it to run and it 124 00:09:21,350 --> 00:09:23,180 ‫will run that at startup. 125 00:09:23,180 --> 00:09:31,100 ‫And what you can see here is a very simple example of me writing the violent variables and some other 126 00:09:31,100 --> 00:09:36,960 ‫hard coded data into a specific file on startup simply using a bash script. 127 00:09:36,970 --> 00:09:37,180 ‫Right. 128 00:09:37,220 --> 00:09:38,480 ‫Does have to be fancy. 129 00:09:38,720 --> 00:09:44,360 ‫You can use other methods to do this as well but it tends to be in the docker official images. 130 00:09:44,360 --> 00:09:46,070 ‫This app tends to be the standard. 131 00:09:46,080 --> 00:09:46,690 ‫All right. 132 00:09:46,730 --> 00:09:51,980 ‫So in this case I'm taking environment variables that were set either in the docker file or the compose 133 00:09:51,980 --> 00:09:59,330 ‫file which overrode the image Docker file it'll take those Passim into here and then this will echo 134 00:09:59,330 --> 00:10:01,190 ‫that stuff out to a file. 135 00:10:01,190 --> 00:10:01,850 ‫It's about image. 136 00:10:01,850 --> 00:10:10,070 ‫So this is for a legacy HP app that expects a p HP FP M config file and I need to set certain config 137 00:10:10,070 --> 00:10:14,230 ‫values for NPM that are unique to each environment in this case. 138 00:10:14,240 --> 00:10:21,740 ‫These are actually this how how much I want the FGM system to grow and how much how many sub processes 139 00:10:21,740 --> 00:10:23,000 ‫I want to spawn stuff like that. 140 00:10:23,000 --> 00:10:23,270 ‫Right. 141 00:10:23,270 --> 00:10:28,430 ‫So that would be different on the local development versus production on production I want it to be 142 00:10:28,520 --> 00:10:29,150 ‫to grow a lot. 143 00:10:29,180 --> 00:10:29,390 ‫Right. 144 00:10:29,390 --> 00:10:35,050 ‫So you would change that stuff here and this is how you take those legacy apps and make them work. 145 00:10:35,090 --> 00:10:40,700 ‫Now you can see this stuff in official images because that's how a lot of my stuff I learn from. 146 00:10:40,700 --> 00:10:47,000 ‫So if I just went into the my sequel you can see how they did it which is exactly the same way my sequel 147 00:10:47,000 --> 00:10:49,490 ‫does needs things in a config file. 148 00:10:49,490 --> 00:10:50,050 ‫Right. 149 00:10:50,060 --> 00:10:53,170 ‫It needs settings that are dynamic at runtime. 150 00:10:53,180 --> 00:11:04,650 ‫So if you looked in the docker file for the official my sequel and you scroll down you'll see that yes 151 00:11:04,650 --> 00:11:10,890 ‫it does set some environment variables here but it also has an entry point script that it copies in 152 00:11:11,160 --> 00:11:15,020 ‫it links it to a specific location and then it as it is the entry point. 153 00:11:15,030 --> 00:11:18,610 ‫So the command here is seeing the CMB you can't really see it. 154 00:11:18,630 --> 00:11:25,860 ‫The CMB is for just my sequel the entry point technically runs is before that and then it passes execution 155 00:11:25,860 --> 00:11:26,680 ‫to the CMT. 156 00:11:26,700 --> 00:11:32,100 ‫Once that script is done running now the way that I find that script in here is I just go up one level 157 00:11:32,100 --> 00:11:38,010 ‫and get hub and I click on this eight point so and then I will see an environment variable 158 00:11:41,530 --> 00:11:42,060 ‫see 159 00:11:45,640 --> 00:11:51,300 ‫and now we have the shell script that's run every time my sequel starts all right. 160 00:11:51,340 --> 00:11:59,500 ‫And in here it does things like take environment variables and make them available for the app. 161 00:11:59,500 --> 00:12:05,710 ‫In fact it's smart enough that if you add a little underscore file on the end of an environment variable 162 00:12:05,740 --> 00:12:12,450 ‫it will take whatever is in that file and turn it into the environment variable which is great for all 163 00:12:12,550 --> 00:12:16,240 ‫the applications that still need secrets an API keys and all that stuff. 164 00:12:16,240 --> 00:12:23,200 ‫And if you're using swarm secrets or Cuban entities secrets those things are provided as they can be 165 00:12:23,200 --> 00:12:23,980 ‫provided as files. 166 00:12:23,980 --> 00:12:29,140 ‫Now you can always use stuff like vault and other fancy systems that honestly file based but in containers 167 00:12:29,140 --> 00:12:33,840 ‫we tend to use things as files and Linux in general we then use things as files. 168 00:12:33,880 --> 00:12:36,180 ‫So you're passing these things in as individual files. 169 00:12:36,190 --> 00:12:40,270 ‫And then this little bit of shell script which is open source which means you can copy it and put it 170 00:12:40,270 --> 00:12:47,770 ‫into your app you can use that to copy the environment variables out of the text file and then stick 171 00:12:47,830 --> 00:12:54,190 ‫each one of them in an environment variable named appropriately and that way the app down later can 172 00:12:54,190 --> 00:12:59,890 ‫have environment variables that are written in to config files for the app and everything's wonderful. 173 00:12:59,890 --> 00:13:00,130 ‫Right. 174 00:13:00,130 --> 00:13:04,690 ‫And this would change on every start of the app because the inherent variables might be different. 175 00:13:04,720 --> 00:13:07,360 ‫And then it would rewrite those and that's how that works. 176 00:13:07,360 --> 00:13:09,210 ‫So hopefully understand those steps. 177 00:13:09,210 --> 00:13:11,100 ‫There's a lot more to it. 178 00:13:11,290 --> 00:13:13,750 ‫There's actually a let me get you real quick. 179 00:13:13,780 --> 00:13:20,860 ‫There is a great little summary of dealing more with environment variables inside of compose it's article 180 00:13:20,860 --> 00:13:29,830 ‫I wrote even get the link here. 181 00:13:34,650 --> 00:13:36,950 ‫Yeah this is over on the Riley site. 182 00:13:37,260 --> 00:13:39,780 ‫And I did a nice blog article for them. 183 00:13:39,810 --> 00:13:40,870 ‫Well I think it's nice. 184 00:13:40,890 --> 00:13:45,500 ‫But you know it's up to you to say give us lies. 185 00:13:45,510 --> 00:13:50,640 ‫And it talks about Dr. Campos because a lot of what we're dealing with for developers especially is 186 00:13:50,640 --> 00:13:52,230 ‫the local config. 187 00:13:52,230 --> 00:13:54,450 ‫How do I make my config specific for me. 188 00:13:54,630 --> 00:14:01,170 ‫And one of those things is an override file which I unfortunately don't have in this HP example I don't 189 00:14:01,170 --> 00:14:05,320 ‫think I don't have an override file but I should. 190 00:14:05,320 --> 00:14:07,380 ‫That would be another thing to add into here. 191 00:14:07,690 --> 00:14:10,090 ‫But in here I will put that in check. 192 00:14:10,090 --> 00:14:14,050 ‫Check that O'Reilly link out to talk about three different things and compose that will really help 193 00:14:14,050 --> 00:14:20,440 ‫you up your game on managing configuration and reducing replicated parts right templating means you 194 00:14:20,440 --> 00:14:25,840 ‫can add specific parts in the top your compose file and then repeat without having to repeat those over 195 00:14:25,840 --> 00:14:30,460 ‫and over again so if you have lots of the same environment variables because you're doing micro services 196 00:14:30,730 --> 00:14:34,850 ‫and you have maybe 20 micro services in a compose file templating is for you. 197 00:14:34,870 --> 00:14:39,490 ‫This is another thing that will really save you some time and you can have all the same parts that need 198 00:14:39,490 --> 00:14:43,900 ‫to be repeated over and over again at the very top of your compose file and then it's this is just a 199 00:14:43,900 --> 00:14:49,900 ‫gamble thing really the templating and then you can then insert that on each service at the appropriate 200 00:14:49,900 --> 00:14:50,530 ‫time. 201 00:14:50,680 --> 00:14:55,240 ‫The way that I do here there's other stuff in here as well I encourage you to check that out including 202 00:14:55,240 --> 00:15:01,540 ‫how to use its environment variables inside of composed files not just for setting environment variables 203 00:15:01,570 --> 00:15:08,350 ‫in the image but also anything else you want to change in your config file at runtime so check that 204 00:15:08,350 --> 00:15:08,950 ‫stuff out. 205 00:15:08,950 --> 00:15:13,400 ‫I hope you like it Michael. 206 00:15:14,380 --> 00:15:15,680 ‫What's up Michael. 207 00:15:16,030 --> 00:15:17,470 ‫Michael Ahrens on the call. 208 00:15:17,470 --> 00:15:18,340 ‫Call me. 209 00:15:18,820 --> 00:15:21,240 ‫What is this conference call there. 210 00:15:21,310 --> 00:15:23,180 ‫Dr. Captain. 211 00:15:24,580 --> 00:15:26,830 ‫Often what should not go into environment variables. 212 00:15:26,830 --> 00:15:28,740 ‫Who are you baiting. 213 00:15:28,750 --> 00:15:29,500 ‫The question. 214 00:15:29,500 --> 00:15:32,150 ‫To see what people come up with. 215 00:15:32,920 --> 00:15:35,000 ‫What should not go into environment variables. 216 00:15:35,000 --> 00:15:43,360 ‫Well so the run of the reasons that Docker and Cuban entities and other tools have created these ways 217 00:15:43,360 --> 00:15:48,670 ‫for us to put secrets in the files is so that they don't have to be an environment variables. 218 00:15:48,670 --> 00:15:55,090 ‫So ideally if you're creating your own apps for managing your own apps you're keeping those secrets 219 00:15:55,180 --> 00:16:00,640 ‫out of environment variables not because necessarily environment variables are inherently insecure it's 220 00:16:00,640 --> 00:16:05,100 ‫because we with environment variables we tend to leak them right. 221 00:16:05,110 --> 00:16:09,640 ‫They tend to they tend to show up in logs because maybe we do an environment variable dump somewhere 222 00:16:09,640 --> 00:16:11,890 ‫in our config or we do. 223 00:16:11,890 --> 00:16:18,910 ‫If you don't like a P HP was it there's a p HP test command PSP EMV or I came in what it's called anymore 224 00:16:19,210 --> 00:16:24,160 ‫someone I'm sure on here is and remember and tell me but where it'll dump your configuration to a web 225 00:16:24,160 --> 00:16:29,380 ‫page there's stuff like that and then if there's any secrets in any environment variables they will 226 00:16:29,380 --> 00:16:34,570 ‫be exposed there and you may not intend that especially they leak into logs or in the monitoring system 227 00:16:34,570 --> 00:16:36,320 ‫somehow and you. 228 00:16:36,430 --> 00:16:41,900 ‫If you have errors sometimes you know if you've ever had applications where if you set it to debug and 229 00:16:41,920 --> 00:16:46,480 ‫errors out this is the true thing in dot net where it will then put a whole bunch of variation on the 230 00:16:46,480 --> 00:16:51,070 ‫screen and might leak environment variables on the screen because you forgot to lock it down into production 231 00:16:51,070 --> 00:16:55,870 ‫mode there's all sorts of ways environment variables can end up in the wrong hands. 232 00:16:55,930 --> 00:17:02,410 ‫So a good a good first step on not putting stuff into environment variables would be the secrets and 233 00:17:02,410 --> 00:17:09,670 ‫with swarm and communities you can keep those in files and that way you can teach your app how to just 234 00:17:09,670 --> 00:17:10,890 ‫get them out of the files. 235 00:17:10,960 --> 00:17:19,520 ‫The next step there is you if you can get them from your secrets and config files into the files that 236 00:17:19,520 --> 00:17:20,190 ‫the app needs. 237 00:17:20,210 --> 00:17:26,510 ‫So instead of storing an environment variable that then eventually gets like I should example eventually 238 00:17:26,510 --> 00:17:33,380 ‫gets written to a file you could use can figs and store the configure and secrets and files and then 239 00:17:33,380 --> 00:17:36,980 ‫they go directly to the files that maybe my sequel or your app need. 240 00:17:36,980 --> 00:17:37,190 ‫Right. 241 00:17:37,260 --> 00:17:40,080 ‫So they never technically get into environment variables. 242 00:17:40,220 --> 00:17:42,040 ‫So at least not on the server itself. 243 00:17:42,110 --> 00:17:42,650 ‫Right. 244 00:17:42,680 --> 00:17:45,880 ‫So that's a great topic I'm glad you brought that up. 245 00:17:45,890 --> 00:17:52,380 ‫But the thing is is I could probably write an entire course on config secrets environment variables 246 00:17:52,400 --> 00:17:56,980 ‫but basically all the things you need for an environment and how to deal with them. 247 00:17:57,050 --> 00:17:57,460 ‫Right. 248 00:17:57,530 --> 00:18:02,930 ‫And I think we're even if you go to stuff like vault for you and now you're talking about a secret API 249 00:18:02,960 --> 00:18:05,110 ‫that you're calling it even gets more complicated. 250 00:18:05,120 --> 00:18:07,790 ‫So definitely there's lots to talk about there. 251 00:18:07,790 --> 00:18:13,070 ‫And if anyone has good resources that they like feel free to throw and chat or throw them in the comments 252 00:18:13,070 --> 00:18:15,650 ‫of the YouTube video for later. 253 00:18:15,740 --> 00:18:20,660 ‫All right good question Michael good to see you. 254 00:18:20,680 --> 00:18:22,630 ‫Why would would you. 255 00:18:22,640 --> 00:18:27,290 ‫Stephen says Would you Ducker file not be in source control though I don't favor having production creds 256 00:18:27,290 --> 00:18:29,690 ‫such as user name password and source control. 257 00:18:29,690 --> 00:18:34,140 ‫That's why those values are just defaults inside of your doctor files Steven. 258 00:18:34,400 --> 00:18:37,310 ‫You wouldn't put real secrets in that file. 259 00:18:37,400 --> 00:18:37,710 ‫Right. 260 00:18:37,730 --> 00:18:46,470 ‫As you can see the one in my example it's just over here everything in the dagger file is just examples 261 00:18:46,560 --> 00:18:47,130 ‫or samples. 262 00:18:47,130 --> 00:18:53,580 ‫Now if it's a simple number or something that just needs to be set and there's a default a sort of reasonable 263 00:18:53,580 --> 00:18:59,520 ‫default like these right here these p p p.m. settings then sure put in the production ones that you 264 00:18:59,520 --> 00:19:02,070 ‫prefer and then you can overwrite them as needed. 265 00:19:02,070 --> 00:19:05,030 ‫That way you don't have to set them every single time manually. 266 00:19:05,160 --> 00:19:11,250 ‫But yeah if you go down here to any of these ones that are unique to a specific app or a specific environment 267 00:19:11,280 --> 00:19:13,490 ‫I'm just putting in dummy values here. 268 00:19:13,560 --> 00:19:17,370 ‫I've definitely don't recommend that inside of your code repo. 269 00:19:17,370 --> 00:19:23,280 ‫You put in your secrets and your your URLs and environment you know the domain name settings and stuff 270 00:19:23,280 --> 00:19:23,770 ‫like that. 271 00:19:23,780 --> 00:19:24,640 ‫All right. 272 00:19:24,660 --> 00:19:27,900 ‫I agree but your Ducker file itself would be in with your app. 273 00:19:27,930 --> 00:19:30,560 ‫Yeah that's where you want to keep it. 274 00:19:30,670 --> 00:19:30,970 ‫All right. 275 00:19:30,970 --> 00:19:31,650 ‫Good question. 276 00:19:31,660 --> 00:19:35,130 ‫Good question yeah. 277 00:19:35,140 --> 00:19:39,800 ‫I mean unless they're encrypted right you could do hashing on them if your app accepts that sort of 278 00:19:39,800 --> 00:19:40,090 ‫thing. 279 00:19:40,100 --> 00:19:42,080 ‫But I still wouldn't keep them in there. 280 00:19:42,080 --> 00:19:46,890 ‫I don't I keep environment settings elsewhere but you do need defaults. 281 00:19:46,880 --> 00:19:53,090 ‫And what I tend to do in a compose file with Docker compose is I set defaults that work with a local 282 00:19:53,090 --> 00:19:54,280 ‫developer out of the box. 283 00:19:54,290 --> 00:19:56,780 ‫So Docker compose up would just work for them. 284 00:19:56,810 --> 00:20:01,820 ‫Now it may mean they need to get a dot in V file from somewhere else maybe a secure store where you 285 00:20:01,820 --> 00:20:04,780 ‫have sort of developer secrets you know that sort of thing. 286 00:20:04,790 --> 00:20:10,310 ‫But I really work hard to also not include that like ideally if you're local developer you have everything 287 00:20:10,310 --> 00:20:11,420 ‫you need locally. 288 00:20:11,540 --> 00:20:16,550 ‫You don't require remote api as remote things and you hopefully have sample data and things that can 289 00:20:16,550 --> 00:20:20,780 ‫just be on your local machine and you don't need a lot of secrets that you have to worry about you just 290 00:20:20,780 --> 00:20:23,840 ‫have dummy values for everything and you can just get buy locally. 291 00:20:23,840 --> 00:20:27,550 ‫Obviously not all of our apps can do that as sort of a utopia. 292 00:20:27,590 --> 00:20:30,740 ‫So you're going to come up with a different way to store those secrets and that's why there's so many 293 00:20:30,750 --> 00:20:35,390 ‫these ways to set environment variables at runtime so that you can keep them elsewhere and then just 294 00:20:35,390 --> 00:20:43,110 ‫get them in at the last second through the environment variables all right good questions on environment 295 00:20:43,110 --> 00:20:43,410 ‫verbs. 296 00:20:43,410 --> 00:20:47,960 ‫I'm glad we've got this topic today. 297 00:20:48,140 --> 00:20:48,720 ‫Let's see 298 00:20:51,620 --> 00:20:56,030 ‫what is the simplest way to implement the E and V file. 299 00:20:58,010 --> 00:21:02,130 ‫As well I showed you the example of the my sequel app right. 300 00:21:02,130 --> 00:21:08,340 ‫And in here they take this script and they there is no EMV file. 301 00:21:08,380 --> 00:21:13,180 ‫What this is designed for is this is when you use secrets or config. 302 00:21:13,180 --> 00:21:19,420 ‫So if you're using the native secrets and config features of Docker swarm or config maps and secrets 303 00:21:19,450 --> 00:21:26,800 ‫in communities you would maybe use this as a way to get those the information out of those files specifically 304 00:21:26,800 --> 00:21:29,650 ‫the secrets really and get them into environment variables. 305 00:21:29,650 --> 00:21:35,710 ‫If you need them right you may not need to get them out into environment variables but if you did then 306 00:21:35,740 --> 00:21:39,460 ‫you could use this little bit of shell script to do that. 307 00:21:39,760 --> 00:21:42,730 ‫I hope that answers your question but I wouldn't be. 308 00:21:42,790 --> 00:21:46,460 ‫There's no need to create a specific file. 309 00:21:46,580 --> 00:21:47,150 ‫Exactly. 310 00:21:47,150 --> 00:21:52,340 ‫If you're talking about how to do swarm secrets because swarm secrets create files for you then check 311 00:21:52,340 --> 00:21:54,710 ‫out my Docker mastery course at the URL. 312 00:21:54,710 --> 00:21:58,250 ‫Brett Fisher dot com slash talker which is down in the description. 313 00:21:58,250 --> 00:22:00,500 ‫I talked about that there as well in my swarm course.