Manage User Secrets in a custom config file - xamarin.forms

I have a Xamarin.Forms app. As it does not have built in configuration file, I used a solution found here:
https://www.andrewhoefling.com/Blog/Post/xamarin-app-configuration-control-your-app-settings
and here
https://github.com/HoeflingSoftware/XamarinAppSettings
So now I have a custom appsettings.json file. The secrets in the file are replaced in AzureDevops pipeline. But how can I run the app from Visual Studio (on an emulator)? If it was a web application, I would use Manage User Secrets functionality, which would store the secrets in my file system. So it would be used automatically when the app is running during development. But how can I do it for a Xamarin.Forms app with its custom json file?

You could use the Replace Text in Source Files task on Marketplace to replace text in your source, before you build the project. You can then store the secret as a secure value in the pipeline variables library.
We use a similar approach to update the build versions for Xamarin Apps and for providing access to the Signing files.

Related

How to load configuration dynamically in Next.js deployed app?

I want to have dynamic configuration for my Next.js project.
I want to be able to change it after Next.js is built and deployed.
Right now I'm using .env and .env.production which are part of dotenv repo. But it seems that Next.js or dotenv compile the content and there is no way to change them dynamically.
How can I do that?
You can't change .env after building and deploying. But a workaround is always there.
Put a JSON file separated from the project and host in the server. Read the JSON file from that server and use that variable in the configuration. But there is a security issue if you put secrets and credentials in that JSON. for that, you can write a simple node project with returning JSON configuration using API. Use a token key to access that API. Put this token secret in that node project. So, changing those variables in that node or JSON project will be more cost-effective than rebuilding and deploying again the whole project.
or simply put those configuration in database.

Does Firebase support in command line (CLI) registering new app & downloading configuration files?

We have a build script to generate new APP from templates. Can we also automate the process in Firebase console in the script using CLI? This is for setting up cloud messaging.
So far all instruction I found is through web UI, as in https://support.google.com/firebase/answer/7015592?hl=en.
Thanks!
These is not currently features of the Firebase CLI. There also is no API to create apps (or projects) or download configuration files at the moment. Both would be valid feature requests though, so I'd recommend to file a feature request.

Deployment Variables for Azure .Net Core Web App

I am having trouble getting the desired result from my CI/CD pipeline when deploying a .Net Core 2.0 web app to Azure.
As it stands everything is working when I deploy to my test environment. I have added a setting - ConnectionString:Main - to link to the correct database in the AppSettings section for the development app in the Azure portal.
I now want to deploy to my production environment. The issue is that there are two production databases, only one of which is "live" any any one time. What I would like to do is create two release definitions, one for each database and then have the ability to deploy using either one.
Is it possible to simply add a release variable that will override the local connection string in AppSettings.json as it was with previous .Net versions or is a more complex solution required?
You can use JSON variable substitution feature of Azure App Service Deploy task, for example, replace the value of ConnectionString in the sample below, you can define a release/environment variable as Data.DefaultConnection.ConnectionString in release definition.
{
"Data": {
"DefaultConnection": {
"ConnectionString": "Server=(localdb)\SQLEXPRESS;Database=MyDB;Trusted_Connection=True"
}
}
}
When using ASP.NET Core apps on Azure, the recommended way to store secrets is by using Azure Key Vault. This makes sure that no credentials are stored in version control or in VSTS.
If you really want to update a configuration value during deployment, you can tokenize your parameters and replace them during deployment. You can use this marketplace task for that. Managing Config for .NET Core Web App Deployments with Tokenizer and ReplaceTokens Tasks describes how to use these tasks.
You should be able to accomplish this by creating the deployment via ARM template and creating different parameters files for each environment. Using the template the relevant app settings can be replaced, which will inject them into the Azure portal Application Settings. These settings will override what is checked into your config file in the repo.

Application Insights added ConnectedService.json file to my project, Do I have to deploy it to the production server?

Follow up to this question:
Application Insights added ConnectedService.json file to my project, what does this do?
When I create a deployment package, via "Publish..." option, the package also include the following folder and files:
Service References\Application Insights\ConnectedService.json
I do not want to deploy something that is not required at runtime. Do I have to include the folder and file in my production server deployment?
No. Those files are only used by visual studio for its information, to know what services have been added and give you links back to them inside VS. None of that needs to be deployed. those files can all be set to do not copy/etc.

How can I change a setting in appsettings.json after auto-deploy?

I have an ASP.NET Core application going on an have setup Github auto-deploy on it. But since it's an open repo I obviously don't want to upload my correct configuration file.
What I'd like to do is to replace some strings in the appsettings.json after a github auto deploy.
"AppSettings": {
"Token": "my super duper secret token"
}
How can I change my super duper secret token to my real token after a github deploy on Azure?
As I know we can config token in App Settings on the Azure port.
I do a test on this, it works successfully, the following is my detail steps.
Create an Asp.net core Application.
Add [AppSettings] section in the appsetting.json file (Token vaule: mysecretkey).
Add a public class AppSettings.cs under the created project.
Add the code services.Configure<AppSettings>(Configuration.GetSection("AppSettings")) in the function ConfigureService function in the Startup.cs file (For .net Core 1.0).
Note:The syntax for model binding has changed from RC1 to RC2. Using services.Configure<AppSettings>(Configuration.GetSection("AppSettings")), is no longer availableIn order to bind a settings class to your configuration you need to configure this in the ConfigureServices method of Startup.cs:
services.Configure<AppSettings>(options => Configuration.GetSection("AppSettings").Bind(options));
5. Add code to the HomeController.cs file.
Publish the WebApp to the Azure Portal.
Add [AppSettings: Token] in the Azure Portal.
Browse the WebApp and select the about tab to see the token value is that the value set in the portal.
Assuming the web site already exists as a resource in Azure, you can simply set the App Settings/Connection strings in the portal. These will override the ones in the appsettings.json file at runtime. Ie. your app will first look at the azure app settings/connection strings before looking for them in the local file. This is part of asp.net core's "cloud first" approach to configuration management. These settings wont get overwritten when you deploy code to the app/slot.
Found a blog post here which describes it in a bit more detail, using the .AddEnvironmentVariables() call to add azure slot settings to the configuration.
There is a code editing functionality in developer tools settings (Settings -> Development Tools -> App Service Editor (Preview)). You can go there and change any file you like in there. But you probably will need to restart the web application (by editing web.config or some other way).. You can also use Kudu (Advanced Tools) for that, but it's not as pleasant UI as Visual Studio Code in the first option.
Though the more advanced and correct way of dealing with application secrets is the special secret manager. You can read more about it on asp.net documentation here.
Generally it's a way to load the secrets from a protected data storage and override them with environmental variables in production (can be set in azure web app).
If you are using Azure DevOps Release to deploy, you can easily specify properties for each environment/stage.
You can use the task File Transform and indicate the path to appsettings.json:
Or if you are deploying directly to Azure:
So you just need to create the variables to override the data in the settings:

Resources