The current setup is:
- our backend API is deployed as an AWS lambda, configured/managed by claudia.js
- dev env vars stored in
dev.jsonand prod env vars in
prod.json, committed to repo
- pushes to dev/master branches trigger circle.ci build and deploy workflow
claudia update --version dev --update-env-from-json env/dev.jsonis called, setting env vars and doing the deployment to AWS
This works ok for now but I’m not that happy with it since secret keys and so on are being stored in dev.json and committed to the repo (insecure).
I’d rather that the env vars are stored in circle.ci and then injected to claudia deployment during the build and deploy workflow. How can this be best achieved?
Another option could be bypassing claudia and using circle.ci to update the lambda env vars straight into AWS