In order to deploy an app to Heroku or other PaaS, an app must be implemented using the twelve-factor methodology, which among other things, says that we shouldn't store credentials or sensitive information in our code repositories (III. Config). Instead, this kind of information should be stored in environment variables.
Currently, there's no way to read the private key content from an environment variable and pass it directly to node-apple-signin. Although we could copy the environment variable to a file during the app startup and pass the path to it, a better solution would be to pass the string directly.
Passing a string directly also avoids unnecessary disk reads, which are currently synchronous (fs.readFileSync is used) and can block the event loop.
In order to deploy an app to Heroku or other PaaS, an app must be implemented using the twelve-factor methodology, which among other things, says that we shouldn't store credentials or sensitive information in our code repositories (III. Config). Instead, this kind of information should be stored in environment variables.
Currently, there's no way to read the private key content from an environment variable and pass it directly to
node-apple-signin
. Although we could copy the environment variable to a file during the app startup and pass the path to it, a better solution would be to pass the string directly.Passing a string directly also avoids unnecessary disk reads, which are currently synchronous (
fs.readFileSync
is used) and can block the event loop.