Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I've been reading "The Twelve-Factor App" today, which goes even farther and suggests a strict separation of code and config[1]. In which case, presumably, all of these settings:

    config.action_mailer.smtp_settings = {
      address: "smtp.gmail.com",
      port: 587,
      domain: "example.com",
      authentication: "plain",
      enable_starttls_auto: true,
      user_name: ENV["GMAIL_USERNAME"],
      password: ENV["GMAIL_PASSWORD"]
    }
would be stored outside the codebase, not just the username and password. This seems to be accomplished with a tool like Foreman[2], mentioned at the end of OP under "Other Approaches".

It's more work to set up, but does seem like it would be more reliable than your method. I like the idea of deploying an app anywhere without modifying code (only config details, stored separately). I've yet to work on a large SaaS app, but am studying the 12-factor manifesto to try to implement as much of it as possible when I do.

[1] http://www.12factor.net/config

[2] https://github.com/ddollar/foreman



I read the "Twelve Factor" article you linked to and .. well, I just disagree.

> A litmus test for whether an app has all config correctly factored out of the code is whether the codebase could be made open source at any moment, without compromising any credentials

This to me is a totally arbitrary and kind of silly "test". When was the last time you had to suddenly open-source an app you were working on? Never, right? Me neither. Why would I go to all this work to keep it "instant open-source ready"?

> As the project grows further, developers may add their own special environments like joes-staging, resulting in a combinatorial explosion of config

As a senior rails dev + team leader, the way I'd handle this is to tell "joe" not to commit his local junk to the repo. Otherwise I have never seen this "explosion" happen. I would certainly not go to all this effort - and introduce all this complexity - to work around what I consider to be an educational issue.

The whole 12-factor config thing just comes across as premature optimisation. If you actually find yourself having a problem that putting config in environment variables would fix - then fine, implement it. But no-one should be doing it up front. 99% of the time, you ain't gonna need it.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: