I have my static content based app (DO App Platform) up and running.
I’d like to add one file which contains an API key to the app.
Is it possible to add the file without adding it to my github repo?
Is there some way to add a secret api key to my app which can be read from JavaScript?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer

As far as adding a file, you could configure a custom build command to pull down a file during the build process. Outside of that we don’t have any other mechanisms to add an “env” file.

You can however, define a given environment variable as a secret for your application. We store the value encrypted along the entire process until it gets mounted in your container for use.

It’s both available as an option when configuring environment variables in the UI as well as on the app spec.

Here is how you would set it in an example app spec:

name: sample-environment-app-types
services:
- name: web
  ...
  envs:
  - key: TYPE_SECRET
    type: SECRET
    value: secret-value

Note: After submitting, value will always be returned as an encrypted value in your app spec. You can keep re-submitting the encrypted value to leave it unchanged, or specify another plain text value to update it.

Additionally, feel free to reference our spec documentation for more information about all the configuration options available to you:

https://www.digitalocean.com/docs/app-platform/references/app-specification-reference/

  • Wow! Because of your detailed answer I was able to create a work-around and solve it. I used curl to pull the file. I’m shocked I was able to pull it off. Very cool!