Cloud 9 IDE and hiding secrets

I’ve using Cloud 9 IDE and one thing that has cropped up is the need to hide sensitive information in public work spaces.

If you are unsure of what Cloud 9 IDE is, it’s a browser based Integrated Development Environment. It’s great for things like node apps and it has a few templates for things like Ruby on Rails, Node C/C++, etc… Head over to http://c9.io for more details.

The other great thing is that all projects have a terminal that adds a great deal of flexibility when coding.

I was trying to hide the API key and secret to the data store in one of my Node projects and because the projects on C9 are public workspaces other people can potentially see what you have written in your code.node

The first thing I tried was to add an environment variable from the shell. This did add the variable but for some reason it wasn’t exposed in node through ‘process.env’ and the more i searched the less i found.

Not to be disappointed I looked through my C9 project and I found an area called Run & Debug and in there I was able to create different run profiles. Each of these profiles had an option to add command line arguments. After a bit of reading i found that these arguments are exposed in Node through the ‘process.argv’ array. Not ideal but it works.

C9 Cmd Line Arg

demo image

In this example environment the argument was at index 2 in the array but this may vary in other environments. I did get a friend to log into their Cloud 9 account and see if they could see the run profiles and she couldn’t see it.

I’m not sure if this is the best way to do this and I would love to know if anyone else has found a better way to hide sensitive information in Cloud 9 IDE public work spaces.

Enjoy

Edit – Try to be an optimist

After a bit more reading I found a popular node module called optimist. It hashes the options you pass in the command line. So now you can just pass in whatever key & value into the Cmd Line Args.

Have a look at the examples

Advertisements

Single Page Apps

I mentioned in a previous post about single page apps and how Mikito Takada put the idea of views being objects and not templates in my head. Well I thought I would share the link that very briefly mentions this and a few other concepts. The video is called Adventures in Single Page Apps.

Takada explains how the traditional world of MVC based applications doesn’t entirely fit the bill for the single page app world when it comes to code reuse and testing. He introduces a few concepts here that are very interesting and make sense to me but I need to read a bit more into this to see if it’s practical.

I might also add this video is in the realm of ajax based web applications with heavy use of Javascript and Javascript based frameworks like node.js and backbone.js.

Its an interesting video and some of what is talked about make sense, just some more investigation on practicality needs to done in my view.

Anyhoo enjoy.