How to still be able to read files from .gitignore? - javascript

Hi I'm trying to create a Discord bot using Discord.js and deploy it to Heroku.
I have successfully deploy it to Heroku, but the logs shows an error. Here is where I think the problem is:
app[worker.1]: Error: Cannot find module './config.json'
config.json cant be found because i put the config.json file inside a .gitignore file. This is because i have some credentials (bot token) that i need to protect inside that file. However, the main file needs access to the config.json in order to run.
Is there any way to still protect the contents of the config.json file while still being able to run the program? The GitHub repository is set to private, so should i exclude config.json from .gitignore instead?

If it's just a small side project, and your GitHub repository is private, there should be no issue in leaving the config.json out of your .gitignore. However, for larger or open-source projects, you can use Heroku's config vars, and that should do the trick. I recommend using config vars but if you just want to throw your code up on Heroku, leaving it out of .gitignore should be fine. I would recommend config vars though, they work reliably.
Thanks,
Jackson

You should use environmental variables to save tokens. Then you change your config.json to point to those environmental variables, and not the actual token.
More info on how Heroku does env variables here:
https://devcenter.heroku.com/articles/config-vars
(I'm assuming it's not having issues finding your config because it's looking for config.json when the file is actually named config.js or vice versa)

Related

Azure Web Static Apps can't read .env with NEXT_PUBLIC prefix

let say I have .env like this
NEXT_PUBLIC_API_BASE_PATH = value1
this .env is working as expected in my local, but after I deployed to Azure Web Static Apps and also added this .env in configuration
my application seems can't read this .env as I debug it through console it returns the value of undefined.
I already know the mitigation by adding the value through my .yml file and next.config.js, but as I know this solutions is not really good to be implemented in real production scenarion. Is there any answer for this issue yet?

vercel read-only file system, chmod

Hi everyone,
I use vercel to deploy my project. One of my NextJS project dependencies, located inside node_modules, reads and writes files in its own folder. When I import this dependency, I get the following error:
"errorType":"Runtime.UnhandledPromiseRejection","errorMessage":"Error: EROFS: read-only file system, chmod '/var/task/node_modules/MY_DEPENDENCY/src/FILE'"
Is there a solution?
Check out following thread - https://github.com/vercel/community/discussions/314?sort=new
If you need to store something temporarily, you may try to use /tmp directory.
Limit 512 MB + no guaranty - https://github.com/vercel/vercel/discussions/5320
You did not mention what the project dependency does, however its generally an anti-pattern to use serverless functions to write files as there is no guarantee of existence on the next invocation
Potential directional Solves
It might be better for you depending on the type of file written (assets or flat files ) to a bucket like S3 OR to a database - There are multiple ways to accomplish writing of shared state between functions.

How to share code between client and cloud functions [duplicate]

I have a Node server and multiple controllers that perform DB operations and helpers (For e-mail, for example) within that directory.
I'd like to use source from that directory within my functions. Assuming the following directory structure:
src/
server/
/app/controllers/email_helper.js
fns/
send-confirm/
What's the best way to use email_helper within the send-confirm function?
I've tried:
Symbolically linking the 'server' directory
Adding a local repo to send-confirm/package.json
Neither of the above work.
In principle, your Cloud Functions can use any other Node.js module, the same way any standard Node.js server would. However, since Cloud Functions needs to build your module in the cloud, it needs to be able to locate those dependency modules from the cloud. This is where the issue lies.
Cloud Functions can load modules from any one of these places:
Any public npm repository.
Any web-visible URL.
Anywhere in the functions/ directory that firebase init generates for you, and which gets uploaded on firebase deploy.
In your case, from the perspective of functions/package.json, the ../server/ directory doesn't fall under any of those categories, and so Cloud Functions can't use your module. Unfortunately, firebase deploy doesn't follow symlinks, which is why that solution doesn't work.
I see two possible immediate fixes:
Move your server/ directory to be under functions/. I realize this isn't the prettiest directory layout, but it's the easiest fix while hacking. In functions/package.json you can then have a local dependency on ./server.
Expose your code behind a URL somewhere. For example, you could package up a .tar and put that on Google Drive, or on Firebase Cloud Storage. Alternatively, you can use a public git repository.
In the future, I'd love it if firebase deploy followed symlinks. I've filed a feature request for that in Firebase's internal bug tracker.

Is it best practice to hide API keys in .env file in React

I am new to React and was learning how to hide API keys gotten from GitHub API and from other APIs. I found out that it is possible to hide keys in .env files and get access to those keys by using REACT_APP and ensure that .env file is added into .gitignore file in order not to be submitted to a server. `The question is Is it considered best practice the way of hiding keys I described above. Secondly, is .env file added to a server even if we add .env file into .gitignore file.
If you are going to be passing the contents of the environment data file to React, which is client-side code, then it isn't likely to be very useful for keeping things secret.
Mostly this will be useful for keeping your various environments separate (e.g. so you don't accidentally use the URL for your test API server in the production deployment of your app).
If you were using this for server-side code, then it would be useful to keep your secrets secret and not publishing them in a git repository (that you might want to allow other people access to).
Whether or not the environment data file would be deployed to your server would depend on your deployment process. If your deployment process consisted of nothing more than checking out your git repository to the live server, then no, it wouldn't be deployed.

How do I deploy to heroku from git when my API key is in a .gitignore file?

I have my API key set to a variable in an apikey.js file, and I reference the variable in another javascript file where the API key is supposed to be.
I added apikey.js to .gitignore so that people wouldn't see it when I pushed it to my (public) github account.
However, when I try to deploy, the app doesn't work because of the .gitignore.
How can I continue to push up files omitting the API key to my repo on git while deploying on heroku?
use https://github.com/ddollar/heroku-config, and you can keep your secrets in a file called .env and ignore that in .gitignore
Install it with heroku plugins:install git://github.com/ddollar/heroku-config.git
You can run heroku config:pull --overwrite --interactive to generate an initial .env file that includes your service secrets, etc, and heroku config:push to save it, remotely.
I am assuming that you are using node, since your config file is javascript. To get the values in your .env file in node use process.env. For example to connect to your mongolab in mongoose:
mongoose.connect(process.env.MONGOLAB_URI);
There is more about all this here: https://devcenter.heroku.com/articles/config-vars#local-setup

Categories