0

I'm getting started with angular 2/4/io. I'm using an API and therefore have a secret API key. I wonder what's the best way to hide such sensitive information so it is not tracked by Git anyhow.

As far as I know, there is no such feature in the framework, like a config.local.json or so, that would be ignored by default.

There is the src/environments folder, but it doesn't have a smart/composable set of config files either, and I guess I don't want to mess with the Angular default behavior to load environment files. (seems overkill)

So, I was thinking about either make my own config.local.json file in src/app. Or somehow modify webpack to inject the variables at the right place, but once again it seems to be a lot of work and I don't want to eject webpack for this.

So, what would you recommend? I guess the manual config file is the most straight-forward and simplest way, except if I'm missing something.

Vadorequest
  • 16,593
  • 24
  • 118
  • 215

1 Answers1

0

My solution so far was to create in src/app a config.json, a config.local.json (.gitignored) and a config.interface.ts

export interface Config {
  apiKey: string;
}

Then, simply load the config by merging both files.

const config: Config = Object.assign({}, require('./config.json'), require('./config.local.json'));

I ran into Cannot find name 'require' but this solution helped me.

Vadorequest
  • 16,593
  • 24
  • 118
  • 215