Improvement on Qovery Template

Hi everybody,

I just want to share with you a small point of view on the Qovery Template.
It concern especially the .env file. As you may know it’ not really cool to have a .env file expose on your Git repository & in your commit/push.

When you use a Qovery Template it push to your repository the .env file in order to inject some default environment variable to Qovery. The bad things is that every time you’ll use a Qovery Template, you’ll have to remove from your git this .env file and then push the modification in order to clean your Git.

You may tell me that it’s not that bad and that it’s just another step, but if you don’t know about this you won’t do it and you’ll - like I did the first time I used a Qovery template - expose your private env variables.

For that it would be great if there was a way to put a config file for each template that tells Qovery what env variables to inject by default (like the .env) but it would not be pushed to the user’s git repository created by the template

I hope this will help :smiling_face_with_three_hearts:

4 Likes

I think this is a good point - it’s a bit disturbing to have each time the .env applied. On the other hand, when the .env file is modified, it would be great to update it because it has changed. There is for sure something to improve here. I keep this thread open to discuss it with @bguyot and see what we can do. Thank you @Stun3R :heart:

1 Like

Hi @Stun3R

Not sure that it will help to solve your problem but what about using .gitignore to filter out the .env file?

Here more information about:
https://git-scm.com/docs/gitignore

Also if your .env is already pushed you need to consider changing all your secrets.
Better explanation here:

Hi,

I already thought about it but the fact is that the Qovery Template can’t have a .gitignore file with the .env file inside because the goal of the template is to create a repository on your git account and push the .env since it needs it to inject in Qovery all the environment variable needed.

The fact is that in this case the .env is already pushed so you’ll have to remove it, push the changes and after that push the .gitignore. Finally you’ll be able to use the .env file without exposing your secrets.

1 Like