You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
However, it appears that shiny-server wipes most environmental variables, according to this old thread. The thread pointed to a discussion in which the solution was to write the environmental variables (potentially sensitive secrets) in a file in the docker container, which I thought was a big security risk.
For the sake of security when developers deploy shiny apps with shiny-server, it would be great to have specific docs on how to deal with environmental variables and secrets handling. At least, I cannot find an such info in the docs.
The text was updated successfully, but these errors were encountered:
Mount the secret as a volume in the Cloud Run service rather than expose it as an environment variable
Read the mounted secret into my app and use it
So, if I have a secret MY_SECRET, I might mount it to secret/MY_SECRET, and I use R's readLines("/secret/MY_SECRET") to access it from my shiny app.
I also use the {config} R package to facilitate switching between dev and prod environments. I specify the R_CONFIG_ACTIVE variable in a .Renviron file that I copy into the Docker container.
I imagine AWS and Azure can do the same thing, but I'm not familiar with the names of their services.
I'm trying to run shiny-server within a docker container. For example:
However, it appears that shiny-server wipes most environmental variables, according to this old thread. The thread pointed to a discussion in which the solution was to write the environmental variables (potentially sensitive secrets) in a file in the docker container, which I thought was a big security risk.
For the sake of security when developers deploy shiny apps with shiny-server, it would be great to have specific docs on how to deal with environmental variables and secrets handling. At least, I cannot find an such info in the docs.
The text was updated successfully, but these errors were encountered: