我们可以使用单个 appsettings.json 文件，而不是为不同的环境维护多个版本的 appsettings.{environmentname}.json 吗？

Question

I'm using .NET 6 and I want to achieve 2 things:

1. Using a single appsettings.json file instead of maintaining multiple versions of appsettings.{environmentname}.json for different environments
2. Remove hard-coding from the appsettings.{environmentname}.json file to allow (1) (Currently I'm hardcoding secrets like DB connection string, key vault configration details etc. for different environments in respective appsettings files which I want to remove and instead read the same secret values from Azure Key Vault where I'm already storing the same)

How can I achieve these?

Below code snippet is how I'm maintaining 2 appsettings.{environmentname}.json files (Development & Release) :

var builder = WebApplication.CreateBuilder(args);
var hostingEnvironment = builder.Environment;

if (hostingEnvironment.IsDevelopment())
{
    builder.Configuration.SetBasePath(Directory.GetCurrentDirectory())
    .AddJsonFile("appsettings.json", false, true) 
    .AddJsonFile($"appsettings.Development.json", false, true) 
    .AddEnvironmentVariables();
}
else
{
    builder.Configuration.SetBasePath(Directory.GetCurrentDirectory())
    .AddJsonFile("appsettings.json", false, true) 
    .AddJsonFile($"appsettings.Release.json", false, true) 
    .AddEnvironmentVariables();
}

Note: I did some research and understood that for (1) we can probably do something like:

 builder.Configuration.SetBasePath(Directory.GetCurrentDirectory())
            .AddJsonFile("appsettings.json", false, true) 
            .AddJsonFile($"appsettings.{Environment.GetEnvironmentVariable(
"ASPNETCORE_ENVIRONMENT")}.json", false, true) 
            .AddEnvironmentVariables();

But then, assuming the fact that the app would be automatically deployed every time leveraging CI/CD, can I set the value of AS.NETCORE_ENVIRONMENT in the pipeline?

As for, (2) , I tried removing hardcoded secrets from appsettings.{environment}.json files and configured key vault like below but it doesn't work:

builder.Services.Configure<KeyVaultConfig>(options => builder.Configuration.GetSection("KeyVaultConfig").Bind(options));
if (!string.IsNullOrEmpty(builder.Configuration["KeyVaultConfig:KeyVaultUrl"]))
{
  var credentials = new ClientSecretCredential(builtConfig["KeyVaultConfig:TenantID"], builtConfig["KeyVaultConfig:ClientID"], builtConfig["KeyVaultConfig:ClientKey"]);
  var secretClient = new SecretClient(new Uri(builtConfig["KeyVaultConfig:KeyVaultUrl"]), credentials);
  //builder.Configuration.AddAzureKeyVault...
 }

Answer 1

If in the end you are going to use CI/CD you can only need 2 files (appsettings.json and appsettings.Development.json) and the default C# handling of these.

In the development one you hardcode all the configuration you need for dev. In the standard one, you put keys that would be replaced during the CI/CD pipelines.

for example

in appsettings.development.json you have

"ConnectionStrings": {
"myDb": "Server=myDbServer;Database=myDb;User Id=userDev;Password=myPassword;"
}

in appsettings.json you have

"ConnectionStrings": {
"myDb": "#{connectionString}#"
}

And then replace "#{connectionString}#" with the environment value in the CI/CD pipelines configuration

If you really want to have only one file, you could try Json variable substitution like documented here documented here during the CI/CD pipelines, but the first approach allows you to handle secrets with vault more easily