Change passwords (datasource and admin) to environment variables and create the .env and .env.example file


When you export settings today, you have plain text datasource passwords and a hashed admin password in the .Config.json file. Instead, the passwords should be changed to environment variables and a .env and .env.example file should be created automatically.

Maybe the datasource name should be used for the password env variable? So if there is a datasource named bleh, the password should be changed to something like

The .env file would have been created with something like...

And the .env.example file would have been created with something like...

This kind of thing should work for all datasource passwords, admin passwords, and maybe even usernames? Most of our projects already have these two files, so maybe you'd need to check if the file exists and append to it if it does. Hmm.


Brad Wood
May 23, 2018, 5:42 PM

I don't think this ticket would need to touch the dotenv library. It's not the remit of the dotenv lib to write file, just read them. Java properties files are a standard and documented format. CFConfig would be responsible for creating the file for the user, which is fine (and easy) since it uses the PropertyFile library I wrote:

Carl Von Stetten
May 23, 2018, 4:21 PM

Just a clarification - this ticket might require modifying the commandbox-dotenv module to write to .env files (currently only reads from them). Then cfconfig could write the placeholder tokens in the .cfconfig.json file and the actual values in the .env file.




Dan Murphy