console-application publish c#-10.0 app-secret

How do I keep secrets out of Git(hub) yet allow them to be published with my app?


I have a solution with three projects that is holding several API keys. These keys are for reasonably sensitive Web APIs including OpenWeatherMap, Google TTS and OpenAI. The project I'm working on is a simple Weather report website that uses OpenWeatherMap to retrieve weather data, OpenAI to convert the data into text and Google TTS to make it spoken text. And I want this project to become an open source project, Simple BSD-licensed, hosted on GitHub, for others to enjoy and use.
But the problem is that I cannot share my API keys. So I considered putting them in the Secrets of my project.
But I also want to deploy my applications to my server. There's the web application, which doesn't really have secrets, but it needs to know where the data files are stored. A class library project for some shared classes. But more importantly, there's a console application that does the real magic: Get data from OpenWeatherMap, use OpenAI to convert it to text and finally send it to Google TTS to make an mp3 file. And this will run every day to get the latest weather update.
So, when I publish my console application, will it also publish these secrets? If not, how do I get these secrets to my server? And how to keep these secrets out of GitHub (as in: no one can access them) while still showing the structure of this secret data?
This is just a fun and educational project that I want to share with others.


Solution

  • There are many ways to do it. One of the best ways is this: if you're hard-coding the secret keys directly in your controllers or models, you should move them to a different file and assign your keys in a single dictionary, like this line below:

    // Defined in the separate file that is listed in .gitignore
    var myDictionary = new Dictionary<string, string> { { "AWS_SECRET", "MY_XXXX" } };

    So, you can access the values that you defined in your dictionary by the keys that you defined for them in your file. Then you should add the name of the file in which you define your secret keys to your .gitignore file, and on the next pushes your secret keys will not be pushed to your repository anymore!
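
The answer's idea of an untracked file, carried through for the console application in the question, as an added example that is not code from the question or the answer. It assumes a hypothetical `secrets.json` listed in `.gitignore` and copied to the server by hand, a committed `secrets.example.json` with the same keys and `REPLACE_ME` placeholder values to show the structure, and made-up key and `WEATHERAPP_*` environment variable names.

```csharp
// Added example. File names, key names and the WEATHERAPP_ prefix are assumptions.
//   .gitignore                   -> contains the line: secrets.json
//   secrets.example.json (in Git) -> { "OpenWeatherMapKey": "REPLACE_ME", ... }
//   secrets.json (never in Git)   -> real values, placed next to the published executable
// Usage: var secrets = SecretStore.Load(Path.Combine(AppContext.BaseDirectory, "secrets.json"));
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Text.Json;

public static class SecretStore
{
    // Hypothetical key names for the three services named in the question.
    private static readonly string[] Required = { "OpenWeatherMapKey", "OpenAiKey", "GoogleTtsKey" };

    public static IReadOnlyDictionary<string, string> Load(string path)
    {
        var secrets = new Dictionary<string, string>();

        // 1. Read the untracked JSON file if it is present.
        if (File.Exists(path))
        {
            var fromFile = JsonSerializer.Deserialize<Dictionary<string, string>>(File.ReadAllText(path));
            foreach (var pair in fromFile ?? new Dictionary<string, string>())
                secrets[pair.Key] = pair.Value;
        }

        // 2. Environment variables override the file (handy for a scheduled job on the server).
        foreach (var key in Required)
        {
            var fromEnv = Environment.GetEnvironmentVariable("WEATHERAPP_" + key.ToUpperInvariant());
            if (!string.IsNullOrWhiteSpace(fromEnv))
                secrets[key] = fromEnv;
        }

        // 3. Fail fast on missing or placeholder values; report key names only, never values.
        var missing = Required
            .Where(k => !secrets.TryGetValue(k, out var v) || string.IsNullOrWhiteSpace(v) || v.StartsWith("REPLACE_ME"))
            .ToList();
        if (missing.Count > 0)
            throw new InvalidOperationException(
                "Missing secrets: " + string.Join(", ", missing) +
                ". Copy secrets.example.json to " + path + " and fill in real values.");

        return secrets;
    }
}
```

Because the values live in a data file rather than in a source file, the project still compiles for anyone who clones the repository without the secrets.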