Open euanmillar opened 1 year ago
We do now have validation for deployment-time environment variables. Having a process-level validation would still make a lot of sense, however, as we have no control over the deployment infrastructure of an implementing country.
Before starting any service in packages/service, ensure all environment variables are set. If vars such as CHECK_INVALID_TOKEN are missed or set incorrectly in production, it can expose the application.
The impact of this is reduced risk of misconfiguration and significant reduction of time spent debugging in OpenCRVS instances installed either by us or SIs.
This can, for instance, be done using the envalid library. Implement this also for country config.
Dev tasks
Install envalid in all microservices.
Search and remove unused environment variables.
Define environment variables and types as strictly as possible, so that strings like "true" never escape to the application code before being converted to boolean

[x] Auth
[x] Client
[x] Commons (?) - No environment variables
[x] Components (?) - No environment variables
[x] Config
[x] Dashboards
[x] Data-seeder
[x] Gateway
[x] Login (?)
[ ] Metrics check out Riku's PR
[x] Migration
[ ] Mobile-proxy (??)
[x] Notification
[ ] Scheduler (! ?)
[ ] Search check out Riku's PR
[x] User-mgnt
[x] Webhooks
[ ] Workflow check out Riku's PR
[x] Country config
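
An added example (not from the issue or the OpenCRVS code base) of the process-level check described above: a dependency-free JavaScript stand-in for an envalid-style schema that parses every variable strictly at startup, so a raw string such as "false", which is truthy in JavaScript, never reaches application code. `AUTH_URL`, `PORT`, `serviceSchema` and `loadEnv` are assumed names; only `CHECK_INVALID_TOKEN` comes from the issue.

```javascript
// Added example, not OpenCRVS code. Hand-written stand-in for an envalid-style
// schema. Variable names other than CHECK_INVALID_TOKEN are hypothetical.
// Each parser turns the raw string into a typed value or throws.
const bool = (raw) => {
  if (raw === 'true') return true
  if (raw === 'false') return false
  throw new Error(`expected "true" or "false", got ${JSON.stringify(raw)}`)
}
const port = (raw) => {
  const n = Number(raw)
  if (!/^\d+$/.test(raw) || n < 1 || n > 65535) {
    throw new Error(`invalid port ${JSON.stringify(raw)}`)
  }
  return n
}
const url = (raw) => {
  new URL(raw) // throws TypeError on malformed input
  return raw
}

// No default for CHECK_INVALID_TOKEN: a security switch must be set explicitly.
const serviceSchema = {
  CHECK_INVALID_TOKEN: { parse: bool },
  AUTH_URL: { parse: url }, // hypothetical name
  PORT: { parse: port, fallback: 3000 } // hypothetical name
}

// Validate every variable before the service starts; report all problems at once.
function loadEnv(schema, rawEnv = process.env) {
  const config = {}
  const errors = []
  for (const [name, { parse, fallback }] of Object.entries(schema)) {
    const raw = rawEnv[name]
    if (raw === undefined || raw === '') {
      if (fallback === undefined) errors.push(`${name}: missing`)
      else config[name] = fallback
      continue
    }
    try {
      config[name] = parse(raw)
    } catch (e) {
      errors.push(`${name}: ${e.message}`)
    }
  }
  if (errors.length > 0) {
    throw new Error(`Invalid environment:\n  ${errors.join('\n  ')}`)
  }
  return Object.freeze(config)
}
```

Calling `loadEnv(serviceSchema)` as the first statement of a service's entry point makes a missing or mistyped variable stop the process with a full list of problems instead of surfacing later as a silent misconfiguration.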