Question

How to encrypt log forwarding credentials with App Platform?

I’m using App Platform and I would like to commit my log forwarding configuration to source control. I’m using Logtail, so the configuration looks something like this:

services:
- name: MyService
  log_destinations:
  - logtail:
    token: my-logtail-token
    name: MyAppLogs

I would prefer to encrypt the Logtail token before committing it to source control, however, since I believe it’s basically an API auth token. I tried adding it as an application secret, like below, but I believe these secrets are only available at build and runtime, and cannot be injected into the configuration itself?

envs:
- key: LOGTAIL_TOKEN
  scope: RUN_AND_BUILD_TIME
  type: SECRET
  value: EV[...]

...

services:
- name: MyService
  log_destinations:
  - logtail:
      token: ${LOGTAIL_TOKEN}
    name: MyAppLogs

Certainly, this didn’t seem to work.

Is there a way to accomplish what I’m trying to do? Thanks in advance.


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer