search

dansiegel / Mobile.BuildTools

The Mobile.BuildTools makes it easier to develop code bases in a clean, consistent, secure, and configurable way. Determine at Build which environment your app needs to run on, and what Client Secrets it should have. Plus many more amazing features!
http://mobilebuildtools.com
MIT License
228 stars 29 forks source link

Allow severity and default handling for missing Secrets #120

Closed dansiegel closed 3 years ago

dansiegel commented 4 years ago

SUMMARY

The current behavior for the Mobile.BuildTools when a property does not exist is to simply not generate the property and generate a build error. Since v2 now defines which properties should exist we have a bit more context to evaluate. We should optionally allow either build time warnings with a default value for the missing property or allow you define a default value.

DETAILS

There are many times a "Secret" isn't really a secret as much as it is a configuration value that may be safe to check into source control. Some of these values such as an App Center Secret only ever matter for an official build and are not really utilized for Dev builds. We will want to introduce a new enum in the configuration. This should be set on both a project level and property level.

Value Behavior
Default We will continue to throw errors unless a default value has been provided or another value was set explicitly on the property
Error This would be the default anyway for the project level. However you may wish to warn at the project level and only generate errors for specific properties. Any default value added will be ignored if this was set at the Property level.
Warn We will log a build warning about the missing property but will use either the type default value or a specified default value
UseDefaultValue Just like with warn we with use the type default value or specified default value, but no logging will occur to tell you that this occurred. 
{
  "$schema": "https://mobilebuildtools.com/schemas/v2/buildtools.schema.json",
  "projectSecrets": {
    "AwesomeApp": {
      "ifMissing": "Default",
      "properties": [
        {
          "name": "AppCenterSecret",
          "type": "String",
          "isArray": false,
          "ifMissing": "UseDefaultValue"
        },
        {
          "name": "BackendApi",
          "type": "Uri",
          "isArray": false,
          "ifMissing": "Warning",
          "defaultValue": "https://dev.api.contoso.com/"
        },
        {
          "name": "SyslogPort",
          "type": "int",
          "isArray": false,
          "ifMissing": "Default",
          "defaultValue": "514"
        },
        {
          "name": "ClientId",
          "type": "Guid",
          "isArray": false,
          "ifMissing": "Default"
        }
      ]
    }
  }

Looking at this sample configuration we would make the following assertions on the properties

Property Assertion
AppCenterSecret This will silently be set to default
BackendApi This will log a warning that no value was provided, but will set the value to https://dev.api.contoso.com/
SyslogPort This will log a warning that no value was provided, but will set the value to 514
ClientId This will log an error failing the build if no value was set in the secrets.json