C
C#4w ago
Jiry_XD

✅ Asp .NET Core production settings.json question.

Hi all, As you know you have an appsettings.json file. Which contains some general things such as:
{
"ConnectionStrings": {
"SqlServer": "afakeconnstring, you should not store it here, overridden with usersecrets"
},
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft.AspNetCore": "Warning",
"EntityFrameworkCore.Triggered": "Warning"
}
},
"AllowedHosts": "*"
}
{
"ConnectionStrings": {
"SqlServer": "afakeconnstring, you should not store it here, overridden with usersecrets"
},
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft.AspNetCore": "Warning",
"EntityFrameworkCore.Triggered": "Warning"
}
},
"AllowedHosts": "*"
}
We also have a launchsettings.json file
{
"profiles": {
"https": {
"commandName": "Project",
"launchBrowser": true,
"launchUrl": "swagger",
"inspectUri": "{wsProtocol}://{url.hostname}:{url.port}/_framework/debug/ws-proxy?browser={browserInspectUri}",
"applicationUrl": "https://localhost:5001;http://localhost:5000",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
},
"dotnetRunMessages": true
}
}
}
{
"profiles": {
"https": {
"commandName": "Project",
"launchBrowser": true,
"launchUrl": "swagger",
"inspectUri": "{wsProtocol}://{url.hostname}:{url.port}/_framework/debug/ws-proxy?browser={browserInspectUri}",
"applicationUrl": "https://localhost:5001;http://localhost:5000",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
},
"dotnetRunMessages": true
}
}
}
In production when we publish our app, what is the default running environment? How do I set the ASPNETCORE_ENVIRONMENT to "Production" in production? How do I set a seperate ConnectionString_SqlServer for production? Does the published production build have these .json files or do they rely solely on the HOST environment variables?
26 Replies
Unknown User
Unknown User4w ago
Message Not Public
Sign In & Join Server To View
Jiry_XD
Jiry_XDOP4w ago
Thanks, So if I get it correctly default with a fresh host system, no set ENV variables, it will default to production as there is none? As for the second question in production what is the best for the appsettings.json file, also make them connectionstring_sqlserver variables or?
Unknown User
Unknown User4w ago
Message Not Public
Sign In & Join Server To View
Jiry_XD
Jiry_XDOP4w ago
I think configuration is loaded depending on which environment is selected if development: appsettings.development.json if production appsettings.production.json. If there are any ENV variables set with same name it will use that, if there are any usersecrets it will use that
Unknown User
Unknown User4w ago
Message Not Public
Sign In & Join Server To View
Jiry_XD
Jiry_XDOP4w ago
I will, thankyou
Unknown User
Unknown User4w ago
Message Not Public
Sign In & Join Server To View
Jiry_XD
Jiry_XDOP4w ago
I see thanks, I will read through the docs. Now that you mention it, I also have a default appsettings.json witouth a .env next to my .development.json. I am guessing that is lowes priority and that is applied to both if not overridden?
Unknown User
Unknown User4w ago
Message Not Public
Sign In & Join Server To View
Jiry_XD
Jiry_XDOP4w ago
Sorry I meant that haha, I could've formulated it clearer 😅 . I meant I have a appsettings.json (no .env such as .development) and a appsettings.development.json And my question was, what is the purpose of that one witouth the .env? It will just have the lowest priority and will get applied if nothing overrides it? After reading the docs that is the case 😛 Thankyou for the help Then I have one more question. Storing a connection string that gets pushed to the github repo is not a good idea. So what is the best way to pass it this one without giving it in appsettings.Production.json? ENV variable, CLI argument, ... what would you do?
Jimmacle
Jimmacle4w ago
don't commit appsettings.Production.json to git
Unknown User
Unknown User4w ago
Message Not Public
Sign In & Join Server To View
Jimmacle
Jimmacle4w ago
i commit appsettings.json with defaults or empty values and use user secrets in development, production values only exist on the actual production server
Unknown User
Unknown User4w ago
Message Not Public
Sign In & Join Server To View
greyfox
greyfox4w ago
it's good practice to run the application on a service account, using integrated security to do its thing
Jimmacle
Jimmacle4w ago
connection strings aren't the only secrets i deal with
Unknown User
Unknown User4w ago
Message Not Public
Sign In & Join Server To View
Jimmacle
Jimmacle4w ago
you can use integrated security as long as you're in a windows environment using sql server, sure
Unknown User
Unknown User4w ago
Message Not Public
Sign In & Join Server To View
Jimmacle
Jimmacle4w ago
i was responding to greyfox i don't use it either
Unknown User
Unknown User4w ago
Message Not Public
Sign In & Join Server To View
greyfox
greyfox4w ago
There's the likes of Credentials Manager as well if it's a windows server box
Jimmacle
Jimmacle4w ago
i just wrote a custom json configuration provider that encrypts secrets with DPAPI
Jiry_XD
Jiry_XDOP4w ago
Gotcha thanks guys We did push appsettings files but not to worry they don't contain sensitive data
Unknown User
Unknown User4w ago
Message Not Public
Sign In & Join Server To View
Jiry_XD
Jiry_XDOP4w ago
I invoke the 5th 😅
Want results from more Discord servers?
Add your server