Closed nozomione closed 3 weeks ago
The latest updates on your projects. Learn more about Vercel for Git ↗︎
Name | Status | Preview | Comments | Updated (UTC) |
---|---|---|---|---|
refinebio-web | ✅ Ready (Inspect) | Visit Preview | 💬 Add feedback | Aug 8, 2024 4:24am |
Hey, so we actually want to keep the docker-compose.yml
file. We just want it to contain default values where appropriate and remove it from being tracked from source control.
The docker-compose.yml file should look like this:
# Environment variables for docker-compose.yml
CLIENT_PORT=3002
STORYBOOK_PORT=6006
STAGE_SENTRY_DSN=''
STAGE_SENTRY_ENV=local-refinebio-client
Then we add it to .gitignore
and we can populate it with sensitive values and they wont get tracked in version control.
Let me know if you have any questions.
Hey, so we actually want to keep the
docker-compose.yml
file. We just want it to contain default values where appropriate and remove it from being tracked from source control.The docker-compose.yml file should look like this:
# Environment variables for docker-compose.yml CLIENT_PORT=3002 STORYBOOK_PORT=6006 STAGE_SENTRY_DSN='' STAGE_SENTRY_ENV=local-refinebio-client
Then we add it to
.gitignore
and we can populate it with sensitive values and they wont get tracked in version control.Let me know if you have any questions.
I see. The docker-componse.env
file is required to compose Docker containers in all environments (dev
in localhost, staging
and production
in Vercel preview etc). So if we are going to add it to .gitignore
, we'll probably need some additional setup (the scpca-portal
repo is committing it). Let me know how you want to go about it.
I see. The "docker-componse.env" file is required to compose Docker containers in all environments (
dev
in localhost,staging
andproduction
in Vercel preview etc). So if we are going to add it to.gitignore
, we'll probably need some additional setup (thescpca-portal
repo is committing it). Let me know how you want to go about it.
I don't think this will be a problem as we aren't using docker outside of local development.
Any env var in a deployed environment would be populated by vercel. It passes the env vars that are set in the admin panel to our build step which then get passed into our application context via next.config.js
.
We should be good to make this change.
I see. The "docker-componse.env" file is required to compose Docker containers in all environments (
dev
in localhost,staging
andproduction
in Vercel preview etc). So if we are going to add it to.gitignore
, we'll probably need some additional setup (thescpca-portal
repo is committing it). Let me know how you want to go about it.I don't think this will be a problem as we aren't using docker outside of local development.
Any env var in a deployed environment would be populated by vercel. It passes the env vars that are set in the admin panel to our build step which then get passed into our application context via
next.config.js
.We should be good to make this change.
What if other developers want to run dev
(locahost) for contributions? For example, in thescpca-portal
repo, the docker-componse.env
(includes the ports information and sentry) is currently committed, so that could be easily achieved and any errors can be reported to us promptly to monitor them.
What if other developers want to run
dev
(locahost) for contributions? For example, in thescpca-portal
repo, thedocker-componse.env
(includes the ports information and sentry) is currently committed, so that could be easily achieved and any errors can be reported to us promptly.
Yeah I will be removing that from there as well.
Some points here:
SENTRY_DSN
env var with their own DSN.SENTRY_DSN
should be kept in a secret / env vars to help mitigate spam. Though this hasn't been an issue to date.Just to clarify, the file will be committed but untracked which means when you populate values and do git diff
in the project root and docker-compose.env
wont show up. But the file will exist and ready for use with docker compose.
In terms of security, since we are using the refinebio API, I recommended to monitor the error activity on the local dev
so that we'll be able to properly identity or prevent any risks or faults.
Just to clarify, the file will be committed but untracked which means when you populate values and do
git diff
in the project root anddocker-compose.env
wont show up. But the file will exist and ready for use with docker compose.
As for the untracked files, I was talking about a cloned/forked repository codebase for starting docker containers (with the required ports). So, in this case, we'll need to update the README and add instructions for port setup for contributors.
In terms of security, since we are using the refinebio API, I recommended to monitor the error activity on the local dev so that we'll be able to properly identity or prevent any risks or faults.
Please create an issue on refinebio-admin if you would like to provide more detail about how this would work or benefit us.
As for the untracked files, I was talking about a cloned/forked repository codebase for starting docker containers (with the required ports). So, in this case, we'll need to update the README and add instructions for port setup for contributors.
Please see point number 3 in my earlier comment about this.
Yeah I agree we can add a blurb to the README about populating sentry credentials.
Just to reiterate and clarify, before docker-compose.env
is untracked (not deleted or removed from the project). It should contain all of the env var names with values, sensitive information should be omitted and replaced with just an empty string. Specifically, in this PR it should just be SENTRY_DSN
that has it's value replace with an empty string.
Based on slack chat w/ @davidsmejia, the following changes will be made and this workflow should be documented somewhere (e.g. the egg
repo):
Regarding Sentry:
dev
(localhost) errors to Sentry (only staging
and prod
)
dev
for testing etc:DSN
value (stored in our password manager) to the docker-compose.env
file to their local repository (*but it should never be committed) DSN
(reference the # 4 in comment)Regarding docker-componse.env
:
.gitignore
(ref #comment) so that it won't be trackeddocker-componse.env
in the dev
branch will be treated as a template going forward
.gitignore
to track it in a local repositorydev
).gitignore
to untrack and commit the .gitignore
to the remote repository (dev
)The docker-compose.env
file:
# Environment variables for docker-compose.yml
CLIENT_PORT=3002 // constant unless changed
STORYBOOK_PORT=6006 // constant unless changed
STAGE_SENTRY_DSN='' // always an empty string
STAGE_SENTRY_ENV=local-refinebio-client // constant unless changed
@davidsmejia I applied the feedback and updated docker-componse.env
with new required values (e.g., removed the Sentry DNS
)(d910e5619c5e3aea23c8db025247f840b4b74db3).
This file needs to be commuted to dev
before adding it to .gitignore
in order to use it as a template file (https://github.com/AlexsLemonade/refinebio-web/pull/296#issuecomment-1821804612), since we need this file to start the project for development
.
Please take a look.
This looks good, the only thing missing would be the STAGE_API_HOST
and STAGE_API_VERSION
which should just point to staging and be v1.
the
STAGE_API_HOST
andSTAGE_API_VERSION
which should just point to staging and be v1.
@davidsmejia I've added those env vars and adjusted the fetchAsync
helper. Also updated the implementation section of this PR and it's ready for another look!
🗒️ refinebio staging
API is outdated at the moment, so STAGE_API_HOST
is temporarily pointing to prod
for development purpose until it's updated (the same applies to env value for Vercel for staging).
If you have had this repo cloned before docker-compose.env
was ignored you can run:
git update-index --skip-worktree docker-compose.env
to have git skip tracking changes to this file.
if you need to undo that you can use the same command but with --no-skip-worktree
to make edits.
Issue Number
Closing: #295
Purpose/Implementation Notes
Added the following env variables to
docker-componse.env
and adjusted the codebase accordingly:STAGE_SENTRY_DSN
''
STAGE_SENTRY_ENV
local-refinebio-client
STAGE_API_HOST
STAGE_API_HOST
staging
API host nameSTAGE_API_VERSION
staging
API versionTypes of changes
What types of changes does your code introduce?
Functional tests
Ran all the scripts locally and successfully started/removed the containers for
client
andstorybook
.Checklist