DevOps
Being able to securely store database password and API keys in web applications while maintaining full efficiency in terms of debug and testing has always been a challenge for all developers. Mostly we use the appsettings file of the project to store them. Unfortunately, there’s a high risk that we’ll end up accidentally pushing them in a GitHub repository, with all the other developers being able to see and use them. So we should never store passwords or other sensitive data in source code. Secrets shouldn't be deployed with the application. For that very reason, we should follow Secret Manager approach.
The Secret Manager tool stores sensitive data (DB passwords, API Keys, and so on) during the development of an ASP.NET Core project. App secrets are stored in a separate location from the project tree. The app secrets are associated with a specific project or shared across several projects. The app secrets aren't checked into source control. This is good for a number of reasons, including:
- The secrets.json file cannot be accessed from remote users, such as those who could get the project from a GitHub repository, because it will be created in a local folder.
- The secrets.json file cannot be accessed from local users, because it will be created in the developer’s very own personal folder (which is inaccessible for other local users).
- The secrets.json file will work right out of the box, basically extending the appsettings.json file without forcing us to write any secret there.
First of all we need to add Connection Strings in secrets.json file. For that right click on Project API and go to Manage User Secrets and add the ConnectionStrings as given below,
"ConnectionStrings": {
"ApplicationConnectionString": "Server=DESKTOP-H2TCN7P\\SQLEXPRESS;Database=Demo.ApplicationDb;Trusted_Connection=True;TrustServerCertificate=true;",
"IdentityConnectionString": "Server=DESKTOP-H2TCN7P\\SQLEXPRESS;Database=Demo.IdentityDb;Trusted_Connection=True;TrustServerCertificate=true;",
"HealthCheckConnectionString": "Server=DESKTOP-H2TCN7P\\SQLEXPRESS;Database=Demo.HealthCheckDb;Trusted_Connection=True;TrustServerCertificate=true;",
"KeyValue": "MAKV2SPBNI99212"
}NOTE : Change the Server Name with your Server Name. Also you can change the default Database name.
Run below commands in Package manager console,
- To update database for Identity layer,
update-database -Context IdentityDbContext- To update database for Persistance layer,
update-database -Context ApplicationDbContextDemo video to get the clear result view of above implemented module.