'How do I keep ASP.net connection string passwords secure on a git repository?
Up until now I have been using gitignore to ignore my web.congfig and web.release.config files so that my connections strings (including passwords) do not get stored in the git repository.
This has been fine with changes to the web.config being passed around on encrypted removable media.
BUT I have just started to look at using continuous integration and storing my code on Visual Studio Team Services. For this to work (unless you can suggest a fix) I must have the web.config included as part of the project.
I am hosting the application on a windows server (in-house) with MSSQL DB and a connection to an Oracle DB on different server.
I'm not the most advanced developer but holding my own so far. All support greatly welcomed.
Solution 1:[1]
You're right to avoid putting login credentials into the source control repo.
At the same time, even without CI considerations, you've been building a limited history, in that git cannot help you determine what a web.config should look like if you're reproducing the environment of a previous release for some reason (like tracking the origin of a bug).
A typical approach is to store a template for each affected config file. (This is useful not just for values that are sensitive, but also those that might local between environments and/or dev workstations.)
In the simplest case, a developer checks out the code then copies web.config.template (or something like that) to web.config, then edits web.config to insert required values. (You continue telling git to ignore web.config.)
For a CI scenario, you'd like the build process to automate the insertion of values (and error out if it doesn't have appropriate values to insert). For example Maven calls this "resource filtering" - you'd store a "filter" (a file that maps placeholders to actual values) for each environment on the build server, and developers could maintain their own filters for local builds.
(If you don't use a build tool that has this sort of functionality, you could just keep a copy of the web.config available on the build server, but that's error-prone when the web.config should change.)
Solution 2:[2]
Could you simply move your connection string to a new file and ignore that? You could then reference that file using config source?
Outlined here: http://johnatten.com/2014/04/06/asp-net-mvc-keep-private-settings-out-of-source-control/
This keeps your web.config in tact completely, just getting your con string out of the way.
Solution 3:[3]
You can simply move your connection string to a new config file and then reference that file using config source
After that you can publish it to file system -> Go to Visual Studio Tools -> Open Developer Command Prompt in admin mode -> Give command aspnet_regiis -pef "connectionStrings" "Path where your you have published your code" -prov "DataProtectionConfigurationProvider"
You will get encrypted config file from this. That can be read while runtime.
For decryption you can use command: aspnet_regiis -pdf "connectionStrings" "Path where your you have published your code"
Solution 4:[4]
From the docs about Connection Strings, "In ASP.NET Core the configuration system is very flexible, and the connection string could be stored in appsettings.json, an environment variable, the user secret store, or another configuration source."
Configuration in ASP.NET Core details each of these approaches
- Settings files, such as appsettings.json
- Environment variables (my personal favorite)
- Azure Key Vault
- Azure App Configuration
- Command-line arguments
- Custom providers, installed or created
- Directory files
- In-memory .NET objects
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Mark Adelsberger |
| Solution 2 | Night Channels |
| Solution 3 | Abhi |
| Solution 4 | Abel Wenning |