Symfony, how can I make the credential from an in_memory provider private in a public code base?

Question

I setup a Symfony project to use some credential from an in_memory provider:

providers:
    in_memory:
        memory:
            users:
                user1:
                    password: password1
                    roles: 'ROLE1'

Now the code for this application is going to be released on github and I obviously want to keep the credentials private.

Is there a way to load this configurations from a different (non-versioned) file? I'm looking for a solution that allows me to edit the code as little as possible and, if possible, to avoid changing the security provider used.

score 5 · Accepted Answer · answered Apr 07 '17 at 09:56

5

You can define your password as Parameter

In your security.yml :

providers:
    in_memory:
        memory:
            users:
                user1:
                    password: "%your_parameter_key%"
                    roles: 'ROLE1'

In your parameters.yml :

parameters:
    your_parameter_key: your_secret_password

Usually, parameters.yml should be ignored by GIT.

answered Apr 07 '17 at 09:56

scoolnico

3,055
14
24

And that's it! Thank you very much. – heapOverflow Apr 07 '17 at 10:03

Symfony, how can I make the credential from an in_memory provider private in a public code base?

1 Answers1