I’ve using Cloud 9 IDE and one thing that has cropped up is the need to hide sensitive information in public work spaces.
If you are unsure of what Cloud 9 IDE is, it’s a browser based Integrated Development Environment. It’s great for things like node apps and it has a few templates for things like Ruby on Rails, Node C/C++, etc… Head over to http://c9.io for more details.
The other great thing is that all projects have a terminal that adds a great deal of flexibility when coding.
I was trying to hide the API key and secret to the data store in one of my Node projects and because the projects on C9 are public workspaces other people can potentially see what you have written in your code.
The first thing I tried was to add an environment variable from the shell. This did add the variable but for some reason it wasn’t exposed in node through ‘process.env’ and the more i searched the less i found.
Not to be disappointed I looked through my C9 project and I found an area called Run & Debug and in there I was able to create different run profiles. Each of these profiles had an option to add command line arguments. After a bit of reading i found that these arguments are exposed in Node through the ‘process.argv’ array. Not ideal but it works.
In this example environment the argument was at index 2 in the array but this may vary in other environments. I did get a friend to log into their Cloud 9 account and see if they could see the run profiles and she couldn’t see it.
I’m not sure if this is the best way to do this and I would love to know if anyone else has found a better way to hide sensitive information in Cloud 9 IDE public work spaces.
Edit – Try to be an optimist
After a bit more reading I found a popular node module called optimist. It hashes the options you pass in the command line. So now you can just pass in whatever key & value into the Cmd Line Args.
Have a look at the examples
Are you still using Cloud9 and if so do you know if these are still effectively secret in the new beta version of run configurations?
Went ahead and tested this myself and it appears that configurations are visible to anyone with Read/Write privileges on a workspace but will not be visible to users who only have Read access to the project.
One last update: It looks like they are actually directly supporting environment variables in run configurations now! There’s a little tab to the side of the command line specification where you can enter them.
How good is Cloud9 IDE now :)
Hi Brian, I haven’t used Cloud 9 in about 3-4 months (working on other projects that i can’t build with Cloud9). You were right in your comments below, those that have privileges on the work space can see those arguments.
However you mention Cloud9 is supporting environment variables now, thats huge, I’ll have to check it out now. Thanks for the heads up :)