Question
Best way to manage private key for Firebase Connection?
- Posted April 11, 2021
- DigitalOcean App PlatformDigitalOcean SpacesSecurity
Hi
I am deploying an app using DigitalOcean Apps (Which was amazingly straightforward by the way!) However I can’t work out how to handle keys for my Firebase Admin connection. The docs specify that a JSON file should hold all the params: https://firebase.google.com/docs/admin/setup
The safest way to handle these creds securely would seem to be to use a build command to pull the JSON file from a store. (I want to use an environment variable to pull the right JSON file according to which environment I am deploying).
I was hoping to use a DO Space, but there appears to be no easy way to pull from it using a Build command as it needs to use the S3 API/ SDK which is not available to a build command for an App. Does anyone know how I might go about pulling this at build time?
Only other thing I can think is to run a shell script that builds my JSON from environment variables, but that seems like a sub-optimal solution!
Any suggestions welcome as I am quite new to this!
Thanks
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
A less well known way to initialize the SDK is to use the cert function. Then you can simply pass the config as a single line JSON string (as an env var):