Conversation
alejandroalffer
requested review from
DaniRumpi,
alejandro-nieto-git,
antoniogonzalezs,
irzinfante,
jftavira and
rober12
docs/DEVELOPER_NODE.md
Outdated
| ``` | ||
|
|
||
| ``` | ||
| truffle migrate --network alastriat INT ✘ at 00:09:05 |
There was a problem hiding this comment.
at the end of the line there is some output from the terminal
There was a problem hiding this comment.
Thanks for the feedback: fixed!
|
|
||
| These examples are based on the repository https://github.com/alastria/smart-contract-deployment: | ||
|
|
||
| ``` |
There was a problem hiding this comment.
I think it would be a good idea to put not only the configuration of the environment variables, if not indicate what changes to make in the truffle.js so that when running truffle migrate --network alastriat you get the IP of the node of the environment variable instead of the truffle.js. Don't you think @alejandroalffer ?
There was a problem hiding this comment.
Hello!
Thanks for the feedback. I personally think it's better that sensitive information is always in environment variables (...or some alternative like AWS KMS).
In other words, make sensitive information independent of code: especially when it works in different environments (development/pre-production/production...). This way we also avoid the risk of unintentionally committing sensitive information, or in order the developers do not have access to sensitive company information.
That can be easily consumed from any language, and that is easy to fix in Docker (and alternatives) and establish, for example, automatic access renewal policies, without involving the development teams,
In any case, you can always store sensitive information in a file and retrieve it in this way in truffle-config.js:
const fs = require("fs");
//const keythereum = require('keythereum');
//const HDWalletProvider = require("@truffle/hdwallet-provider");
//...
const wallet_key = fs.readFileSync(".wallet_key").toString().trim();
const node_access = fs.readFileSync(".node_access").toString().trim();
//module.exports = {
//...Where .wallet_key:
https://red-*.alastria.io/v0/94...
And .node_access (64 bytes):
ae0...
But it would be necessary to take great care of the .gitingore ;-)
jftavira
left a comment
jftavira
left a comment
There was a problem hiding this comment.
Deberíamos mencionar que "donde aparece la marca verde es dónde hay que poner el APIKey", parece obvio pero...
6 participants
Quick documentation for the use and deployment of SmartContracts in the AlastriaID development node