In my project, we store DB passwords in an external Global Properties file and the project is there in git. We use jenkins to execute the builds.
In external global properties file, the password is stored in plain text format. I somehow want to encrypt the file or use any other means to secure it. And I should be able to use that password in scripts to access backend db.
could you please help me out with how do I go about it ? What are the ways?
Thanks
Related
I exported my azure SQL Managed instance to a Bacpac file using SQLPackage, Now I want to store it on a azure file storage. Before I want to copy the bacpac to the file storage, I want to encrypt it using a Secret from Azure key vault. SQLPackage does not have any encryption functionality, does anyone know a good tool I can use to encrypt the bacpac file before copying to the file storage? Preferably a tool I can call in my ps1 (powershell) script. I want to use the same tool to decrypt the bacpac file again once downloaded from the file storage.
The official approach is to use client-side encryption. However, there is no existing tools. You may write a program to upload the encrypted content and download the decrypted content.
Here are two official client=side encryption samples:
.NET sample: https://github.com/Azure-Samples/storage-dotnet-client-side-encryption
Java sample: https://github.com/Azure-Samples/storage-java-client-side-encryption
I need a storage system with the following requirements:
1. It should support data/service clustering
2. It should be open-source so that I can extend functionalities later if needed
3. It should support file system because I want to access some files as public url(direct access). So that I can store my scripts in these files and directly refer these files.
4. Supports some kind of authentication
5. I want it to be on premise (Not cloud).
Ceph seems to qualify all the criteria but does it support the public access of files just like a URL(Point 3) ? It has ability to generate temporary URLs though but I want permanent URLs for few files.
You could run Nextcloud and have your data volume (and database, if you feel so inclined) stored on the Ceph cluster. That's open-source, you can setup direct links to files including permanent links, and is authenticated.
Where to store sencitive information like signing configs, api keys etc on Cicrle without adding them to git.
Normaly I dont upload such files to git repositories, but I dont see how can I use Circle without them
You would use private environment variables. This would be loaded into CircleCI via the webapp or API, and then injected into a running build. This way, sensitive information won't have to be stored in your repository.
Here's a doc on Environment Variables in CircleCI 1.0 and CircleCI 2.0.
Use environment variable. If you want to use file, encode it as base 64 string https://support.circleci.com/hc/en-us/articles/360003540393-How-to-insert-files-as-environment-variables-with-Base64
If you need to insert sensitive text-based documents or even small binary files into your project in secret it is possible to insert them as an environment variable by leveraging base64 encoding.
It seems CircleCI does not support sensitive file yet.
Assuming I have an app on iOS that generates a data file, and I would like the user the ability to import/export that file, how is that best done?
Import from email in xcode/objc:
http://www.raywenderlich.com/1980/email-tutorial-for-ios-how-to-import-and-export-app-data-via-email-in-your-ios-app
Is this possible in Delphi? (i.e. register an ios app as file handler for a specifc file type)
(I am planning on handling export through generating an email attaching a file? I suspect this is probably possible although if anyone knows for sure, feel free to share)
It has been asked why import/export across email is useful.
Because legally EU/US law and cloud storage is difficult with personal data
You don't need any desktop computers
You can sync data between ios and android apps if user changes mobile
You are not bound to any specific cloud provider or anything similar
Quote from above article where author explains where the file path is passed to the app:
application:didFinishLaunchingWithOptions, passing the URL in the
UIApplicationLaunchOptionsURLKey, or via application:handleOpenURL.
But since I have not used Delphi for ages (for mobile), I would just like to know for sure if Delphi supports this or not before buying a new version
You can send files using email. I use the email component from D.P.F Delphi iOS Native Components to send file attachments using email. I don't see any reason why you should not be able to send your data file as long as it is not too big. Use a file extension that is unique to your app.
You could also use iTunes filesharing in order to give your users direct access to your data file. Just set the UIFileSharingEnabled key in your info.plist and store you data file inside of the documents folder. This does require a desktop PC, but it is still a very nice addition to sending backups by email.
Depending on your needs,
I would suggest looking at perhaps saving the file to a server using FTP and Indy and then on the other device you can retrieve it?
http://www.delphipages.com/forum/showthread.php?t=208397
Set the TidFTP connection parameters
Do a FTP put : // ftp.Put('testfile.txt');
Perhaps have a Database with a column that you specify a file version etc
Do a simple Get request if you want to retrive the file with the filename
or Alternatively you can save it to a blob field in a DB and have the other device read the blobfield if you don't want to do it via FTP
I'm wondering where's the best place to save some simple insensitive data? Like a few URLs and some settings.
Please advise.
If this is a per-user file, you should save it in the current user's profile. For example, on my Windows 7 system, you should use
C:\Users\Andreas Rejbrand\AppData\Local\Your Company Name\Your Product Name\Version
such as
C:\Users\Andreas Rejbrand\AppData\Local\Rejbrand\AlgoSim\2.0
To get the C:\Users\Andreas Rejbrand\AppData\Local path, you use the SHGetSpecialFolderPath function.
Settings, and specifically user-specific settings, can be stored in the registry. Have a look at the Registry unit and the TRegistry object.
Here's some demo code to get you going:
var
r:TRegistry
begin
r:=TRegistry.Create;
try
r.OpenKey('\Software\MyApplication',true);
r.WriteInteger('Setting1',Setting1);
r.WriteString('Setting2',Setting2);
finally
r.Free;
end;
end;
INI file or JSON file or XML file depending on your needs for local usage.
DB is for net usage.
It all depends on the purpose of those settings! If you want XCopy deployment, I would suggest an XML file next to the exe. But if you also need to write to this, you should find a suitable location in the current user's profile or the "all users" profile. The registry (local machine or current user) would also be a good option for simple settings.
Another question is the type of settings that you need to store. If it's simple settings, I generally start with Altova's XMLSpy to generate an XML schema, defining the structure of the settings. Then I use Delphi's XML import wizard to generate code from this schema and just use that generated code. It allows me to modify the structure in an easy way and also makes sure there's at least some documentation (the schema) telling others about the structure. It might sound complex at first, but once you're used to this, it's perfect! No more manual editing of registry settings or forgetting about the structure of your INI files. And no more thinking about writing code to read and write those settings, since Delphi will do that for you!The Registry would also be a good location for settings but not every user will have proper access rights to read from, or write to, the registry which could crash your application. Besides, the registry has some other limitations which makes it unsuitable if you need to store a lot of settings! It would be okay to store a connection string and maybe username and encrypted password for some user account, but if you need to store 40 settings or more, then the Registry becomes unsuitable.The same is true about INI files, which tend to be limited to a maximum size of 64 kilobytes. Of course, you could also store those settings in a regular text file or just some binary file. In the past, I even stored settings inside a ZIP file, because I needed to store dozens of grid-related settings. So each grid would read and write it's settings to some binary stream which would then be stored in an encrypted ZIP file.
There are many options like XML (structured data storage), ini files (simple data), databases or flat files.
I will go for XML's saved with ClientDatasets. They allow lot of options like searching, sorting, usage of the database controls and many more.