Cloud 9 IDE and hiding secrets

I’ve using Cloud 9 IDE and one thing that has cropped up is the need to hide sensitive information in public work spaces.

If you are unsure of what Cloud 9 IDE is, it’s a browser based Integrated Development Environment. It’s great for things like node apps and it has a few templates for things like Ruby on Rails, Node C/C++, etc… Head over to http://c9.io for more details.

The other great thing is that all projects have a terminal that adds a great deal of flexibility when coding.

I was trying to hide the API key and secret to the data store in one of my Node projects and because the projects on C9 are public workspaces other people can potentially see what you have written in your code.node

The first thing I tried was to add an environment variable from the shell. This did add the variable but for some reason it wasn’t exposed in node through ‘process.env’ and the more i searched the less i found.

Not to be disappointed I looked through my C9 project and I found an area called Run & Debug and in there I was able to create different run profiles. Each of these profiles had an option to add command line arguments. After a bit of reading i found that these arguments are exposed in Node through the ‘process.argv’ array. Not ideal but it works.

C9 Cmd Line Arg

demo image

In this example environment the argument was at index 2 in the array but this may vary in other environments. I did get a friend to log into their Cloud 9 account and see if they could see the run profiles and she couldn’t see it.

I’m not sure if this is the best way to do this and I would love to know if anyone else has found a better way to hide sensitive information in Cloud 9 IDE public work spaces.

Enjoy

Edit – Try to be an optimist

After a bit more reading I found a popular node module called optimist. It hashes the options you pass in the command line. So now you can just pass in whatever key & value into the Cmd Line Args.

Have a look at the examples

Advertisements

5 thoughts on “Cloud 9 IDE and hiding secrets

    • Went ahead and tested this myself and it appears that configurations are visible to anyone with Read/Write privileges on a workspace but will not be visible to users who only have Read access to the project.

    • Hi Brian, I haven’t used Cloud 9 in about 3-4 months (working on other projects that i can’t build with Cloud9). You were right in your comments below, those that have privileges on the work space can see those arguments.

      However you mention Cloud9 is supporting environment variables now, thats huge, I’ll have to check it out now. Thanks for the heads up :)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s