google-home / smart-home-nodejs

A sample of the Smart Home device control APIs in Actions on Google
Apache License 2.0

Running locally stop copying around the Key file. #496

Closed LindaLawton closed 3 years ago

LindaLawton commented 4 years ago

I am trying to prevent this JSON key file from being uploaded to the repo.

const serviceAccount = require('../../../firebase-admin-key.json')

But when I try and store it outside of the src directory I get

 tsc && cp src/*.json dist/
 cp: cannot stat 'src/*.json': No such file or directory
 error Command failed with exit code 1.

This is because the build script has

  "build": "tsc && cp src/*.json dist/",

And then I notice that the file has in fact been moved to that directory.

Isn't there a way to set this up so that you're not copying the key file all over the place? This should be kept in a key store outside of the project itself.

Fleker commented 4 years ago

The JSON key downloaded is meant to be named src/smart-home-key.json. When the build command runs, the TypeScript is transpiled into JavaScript and stored in the dist directory. The build command also ensures that this key is copied to the dist directory.

When the project is uploaded, and dist/index.js runs, it will include ./smart-home-key.json.

LindaLawton commented 4 years ago

I'm referring to uploading this to a Git repository. I am configuring the samples for a customer who has asked me to set up for them. I am wondering why the key file can't live in a directory outside the structure, then set with a path to where the file is. Why is it living in the actual structure itself? Why not an env var with a path to the file? In my experience credentials files always live outside of the actual project to prevent them from being mistakenly uploaded to source repositories.

Then the build script could copy it in when it's time to deploy.

I had to add it to the gitignore file to prevent it from being uploaded.

Fleker commented 4 years ago

The .gitignore already includes src/*.json and dist/. That should prevent the key from being available to source repositories, and should be quick enough to get the developer to run the sample.

The key file could be provided in another way if we use a new version of the google-auth-library, even not being required if running on App Engine, as the association can be made by default. Although the library requires Node 8 as a minimum whereas actions-on-google can support Node 6.

proppy commented 3 years ago

Closing as obsolete.
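
The arrangement asked for in the thread (an environment variable holding the path to a key kept outside the project), as an added example that is not part of the thread or the sample's own code. `GOOGLE_APPLICATION_CREDENTIALS` is the variable google-auth-library reads; `loadServiceAccount`, `projectRoot`, the file-mode check and the temp-directory demo data are assumptions of this example.

```javascript
// Added example (not from the sample repo): read the service-account key from
// a path in an environment variable and refuse one kept inside the project.
const fs = require('fs');
const os = require('os');
const path = require('path');

// Also read by google-auth-library; other names here are this example's own.
const KEY_ENV = 'GOOGLE_APPLICATION_CREDENTIALS';

function loadServiceAccount(env, projectRoot) {
  const keyPath = env[KEY_ENV];
  if (!keyPath) throw new Error(`${KEY_ENV} is not set`);
  // Resolve symlinks so the check applies to where the file really is.
  const realKey = fs.realpathSync(keyPath);
  const rel = path.relative(fs.realpathSync(projectRoot), realKey);
  const outside = rel === '..' || rel.startsWith('..' + path.sep) || path.isAbsolute(rel);
  if (!outside) throw new Error('key file must live outside the project tree');
  // On POSIX, refuse keys readable or writable by group/others.
  const mode = fs.statSync(realKey).mode & 0o777;
  if (process.platform !== 'win32' && (mode & 0o077) !== 0) {
    throw new Error(`key file mode ${mode.toString(8)} is too permissive, use 600`);
  }
  const key = JSON.parse(fs.readFileSync(realKey, 'utf8'));
  for (const f of ['type', 'client_email', 'private_key']) {
    if (typeof key[f] !== 'string' || !key[f]) throw new Error(`key file is missing "${f}"`);
  }
  if (key.type !== 'service_account') throw new Error('not a service-account key');
  return key;
}

// Constructed demo: placeholder key material in a temp dir, no real credentials.
function demo() {
  const base = fs.mkdtempSync(path.join(os.tmpdir(), 'key-demo-'));
  const projectRoot = path.join(base, 'project');
  fs.mkdirSync(path.join(projectRoot, 'src'), { recursive: true });
  const fake = JSON.stringify({ type: 'service_account',
    client_email: 'demo@example.invalid', private_key: 'PLACEHOLDER' });
  const good = path.join(base, 'key.json');
  const bad = path.join(projectRoot, 'src', 'smart-home-key.json');
  for (const p of [good, bad]) fs.writeFileSync(p, fake, { mode: 0o600 });
  const attempt = (p) => {
    try { return loadServiceAccount({ [KEY_ENV]: p }, projectRoot).client_email; }
    catch (e) { return `rejected: ${e.message}`; }
  };
  const result = { outside: attempt(good), inside: attempt(bad) };
  fs.rmSync(base, { recursive: true, force: true });
  return result;
}
console.log(demo());
```

With the path taken from the environment, the `cp src/*.json dist/` step in the build script no longer has a key to copy, so no credential ends up in `src/` or `dist/`.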