This module allows you to securely manage sensitive data in your Drupal configuration. It automatically replaces placeholder values in your configuration files with actual secrets loaded from a `.env` file, preventing credentials from being hardcoded and allowing different secrets for different environments. This ensures that sensitive information remains separate and secure during configuration imports.
Recipe secrets module allows the use of secrets in configuration files imported from a recipe. It retrieves secret values from a .env file, ensuring sensitive data remains secure and separate from the exported configuration. This improves security and flexibility by preventing hardcoded credentials in configuration management.
Features
- Automatically replaces placeholders in configuration files with values from a .env file.
- Load different secrets for different environments without modifying configuration files.
- Works within the configuration import process to apply secrets dynamically.
Usage
- Enable the Module: Ensure that the Recipe Secrets module is activated before importing configurations by your recipe.
- Define Secrets in the `.env` File: Create or update your `.env` file with the required secret values.
- Reference Secrets in Your Configuration Files
API_KEY=your-api-key-here
DB_PASSWORD=your-secure-passwordUse the `!secret` syntax to reference secrets in your YAML configuration files.
The module will automatically replace these references with values from the `.env` file during the import process.
pi.settings:
api_key: '!secret {{API_KEY}}'
database:
password: '!secret {{DB_PASSWORD}}'