New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improve UX of flowing API keys/env vars through infrastructure #2739
Comments
Unfortunately, after some thought, I don't think this can be done easily without expanding azd's infrastructure provision to include a KeyVault seeding state. The best short term is likely to source from main.parameters.json "apiSettings": {
"value": {
"settings": [
{
"name": "OPENAI_API_KEY",
"value": "${OPENAI_API_KEY}",
"secret": true
},
{
"name": "OMDB_API_KEY",
"value": "${OMDB_API_KEY}",
"secret": true
}
]
}
} Note: The extra node for But with this change, users can either do |
Looking at that POC, we could generate all but what's in the main.parameters.json right? So then the user only really has to touch that single file or use azd env set to pass the keys? If that's true, that's a big improvement IMO and a great start. |
Correct. User has to provide the value via env set, then wire up in main.parameters.json, but that's it. I think this aligns with what @ellismg mentioned to me as what we can do short-term in passing as well. |
I mean, that's much better than what we have today. Longer term, it'd be nice if we could have a gesture to eliminate having to touch the Bicep at all but this is a start. |
using |
@vhvb1989 There's a direct translation to make this work in The change hasn't been made to switch over, since we currently depend on |
…plified init apps (#2875) Allow app settings to be configured in `main.parameters.json` for simplified init apps. To this end, the bicep files in simplified init apps has been updated to allow flowing of any required app settings to the container app host, which enables configuration to be done simply through `main.parameters.json`. To ease discovery, the generated `main.parameters.json` includes placeholder values and documentation. `next-steps.md` has also been updated to include the information. Fixes #2739
Today, setting API keys as environment variables on infra is pretty convoluted --> e.g. copy the contents of your
.env
into the.azure/<env name>/.env
file, add them tomain.parameters.json
, add params for the keys inmain.bicep
, pass params intoapi.bicep
module and use inapi.bicep
secrets.Talking to @ellismg and @weikanglim about this it seems like we might want to investigate how we leverage Key Vault more heavily here.
Internal link to pain points doc
The text was updated successfully, but these errors were encountered: