I am trying to go deeper with Sequelize and especially using migration. But, I can’t imagine that the documentation requires that we use a json file to put database info. So, my question is, "how can this be possible when I am using Git and GiHub for my project?" If I decide to ignore the file, how can my colleagues get to know about the exact structure I am using? Or am I missing something? Should you share your exact workflow for Sequelize, Postgress and Git?
Question posted in PostgreSQL
The official documentation can be found here.
The official documentation can be found here.
2
Answers
I finally find what I was looking for, so I don't know any other way to share it if not with this answer box.
I got inspiration from this answer
babel-register
as dev dependencyrequire
it in.sequelizerc
cjs
format. It's a commonJS file ext.Yes, it is normal to put your database info in either a json or js file, for better and improved security you should pull your database configurations from a .env file or from ENV Variables on your server. i.e instead of:
You should have something like this in your config file:
Notice that your username and password now come from process.env.
You will then have to create a .env file that will contain all sensitive information like passwords and this file you will have to add to .gitignore and never commit it to git. Read more about env files here.
When sharing your code to github, you include your config.json/config.js file but your colleagues or potential hackers won’t know the username, password or any database configurations and this is done on purpose to avoid having sensitive information like passwords in your code.
The database configuration will then have to be shared with them separately or can only exist on one of your servers as ENV Variables.