如何将 ASP.NET Core UserSecrets 部署到生产环境
[英]How to deploy ASP.NET Core UserSecrets to production
问题描述
I followed the Safe storage of app secrets during development guide over on the asp.net docs during development but it does not describe how to use it when publishing to another machine for QA, Production, etc. What I figured it would do was insert them into the appsettings.json during publish but it does not.
我在开发过程中遵循了 asp.net 文档的开发指南中的安全存储应用程序机密,但它没有描述在发布到另一台机器进行 QA、生产等时如何使用它。我认为它会做的是插入它们在发布期间进入 appsettings.json 但它没有。 I ended up having to place my SendGrid keys and other sensitive information directly into the appsettings.json which really defeats the purpose of the app secrets.我最终不得不将我的 SendGrid 密钥和其他敏感信息直接放入 appsettings.json 中,这确实违背了应用程序机密的目的。
Is using app secrets the best way or is there another way to store API keys and SQL user/passwords in my configs?使用应用程序机密是最好的方法,还是有另一种方法可以在我的配置中存储 API 密钥和 SQL 用户/密码?
2 个解决方案
解决方案1
27 已采纳 2016-09-23 20:43:57
Don't use app secrets in production.不要在生产中使用应用程序机密。 Ever.曾经。 As the article says DURING DEVELOPMENT.正如文章在开发期间所说。
How you publish secrets in production is up to your production environment.如何在生产中发布机密取决于您的生产环境。 Linux, Windows and Azure all support environment variables - that's where your secrets should go, using whatever UI your hosting provider gives you. Linux、Windows 和 Azure 都支持环境变量 - 这就是你的秘密应该去的地方,使用你的托管服务提供商给你的任何 UI。
The app settings documentation goes into this in greater detail 应用程序设置文档对此进行了更详细的介绍
解决方案2
0 2018-09-20 07:31:17
Why "don't use app secrets in production".为什么“不要在生产中使用应用程序机密”。 Is it encrypted secrets safe?加密的秘密安全吗? It's very acceptable for app configuration, for example, your mentioned SendGrid for password recovery.对于应用程序配置来说,这是非常可以接受的,例如,您提到的用于密码恢复的 SendGrid。 Is it configuration secrets at all in server?它是服务器中的配置秘密吗? Why do I prohibited?为什么我禁止? Just copy compiled from development to production and it works.只需将编译从开发复制到生产,它就可以工作。
Startup.cs启动文件
public Startup(IConfiguration configuration)
{
Configuration = configuration;
var builder = new ConfigurationBuilder().AddUserSecrets<Startup>();
Konfiguration = builder.Build();
}
public IConfiguration Configuration { get; }
public IConfiguration Konfiguration { get; }
public void ConfigureServices(IServiceCollection services)
....
services.AddSingleton<IEmailSender, EmailSender>();
services.Configure<AuthMessageSenderOptions>(Configuration);
if (Configuration["SendGridKey"] != null)
return;
// linux'e secrets.json nenuskaitomas
services.Configure<AuthMessageSenderOptions>(options => {
options.SendGridKey = Konfiguration["SendGridKey"];
options.SendGridUser = Konfiguration["SendGridUser"];
});
}
HomeController.cs家庭控制器.cs
private readonly IOptions<AuthMessageSenderOptions> _optionsAccessor;
public HomeController(..., IOptions<AuthMessageSenderOptions> optionsAccessor)
{
...
_optionsAccessor = optionsAccessor;
}
public IActionResult Index(...)
{
if (_optionsAccessor.Value.SendGridUser != null)
ModelState.AddModelError("", _optionsAccessor.Value.SendGridUser);
....
Go forward with "Enable account confirmation and password recovery" https://docs.microsoft.com/en-us/aspnet/core/security/authentication/accconfirm?view=aspnetcore-2.1&tabs=visual-studio#configure-email-provider继续“启用帐户确认和密码恢复” https://docs.microsoft.com/en-us/aspnet/core/security/authentication/accconfirm?view=aspnetcore-2.1&tabs=visual-studio#configure-email-提供者
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.