-
Notifications
You must be signed in to change notification settings - Fork 5
Encrypted variables
Variable values such as prod passwords can be encrypted using AES256.
To create a key file which is used to encrypt and decrypt those values use the command Create-EncryptionKey C:/temp/keyfile.txt in the package manager console. Keep the keyfile save.
To encrypt specific values in your config file add the do-encrypt attribute to your variables:
prod.xml
<?xml version="1.0"?>
<environment description="prod environment">
<variable name="Firstname" value="Jack " />
<variable name="db.password" value="secret-password" do-encrypt="true" />
</environment>Run Encrypt-Environments C:/temp/keyfile.txt to easily perform the encryption using your generated key. Your variables will be replaced in the environment config file:
prod.xml
<?xml version="1.0"?>
<environment description="prod environment">
<variable name="Firstname" value="Jack " />
<variable name="db.password" value="AdwL8p7FFUlzELHJoDKzF6zUbyVYJK3Eq/RPGT3JFOaRlBkPb15tteb0zi3AjScy"
encrypted="true" />
</environment>Both commands Switch-Environment (package manager console inside Visual Studio) and Invoke-DirectoryTransform accept the parameter -PasswordFile. If not specified and the transformation stumbles over an encrypted variable, it won't abord the transformation but print a warning.