How to add a secret file in a secure location on a Vercel deployment server?
I am deploying a Next.js project to Vercel. The project is an uploader connected to Google Cloud Platform. It uploads files to a storage bucket.
Locally the file works fine. Credentials for GCP are stored in a local JSON file, as supplied by GPC (created automatically when the credentials are created). I am using the .env file to store environment variables, including the path to this local file.
On Vercel, I will need to supply an environment variable as well that supplies a path to this json file. Where can I store this JSON file on the Vercel deployment server?
Using the cli I have tried:
vercel secrets add GOOGLE_CLOUD_KEY_FILE --json path/to/file.json
and
vercel secrets add GOOGLE_CLOUD_KEY_FILE --local-file path/to/file.json
Which don't work. The cli returns an error about too many arguments. In any case these options are not documented.
Also I checked the docs and the dashboard for a way to add a secret, without success.
One way to get around this is to pass in a string to env variable and then parse it in your code as JSON.
Remove line breaks (except any that are inside "". maybe part of a key.) from the json file. I've used textfiler in the past.
Create a new Vercel environment variable. To do this via the command line, run vercel env add SECRET_JSON. It will prompt you ? What’s the value of SECRET_JSON?. You can paste the json content from step 1. You can also do this via the Vercel web ui. If you are developing locally, you can add it like this SECRET_JSON='JSON file content without line breaks' to your .env.local
Use the new env variable by parsing it as json. const secretJSON = JSON.parse( process.env.SECRET_JSON);