FR - export the placeholders for user/password

Hi ,

Background :- We have multiple environments and we are developing flows and once the development finishes - we send them for QA. We are using ENV variables to set the config of MSSQL node - so that the DB connection can be defined per environment without having to touch the flow itself.

While deploying to each environment , while the process of deployment is automated - what we are finding is - every time someone needs to manually insert the user/password to the mssql contrib config node. This is even if the person needs to type in {{{user}}} and {{{pass}}} - variables defined in environment.

This then creates a situation

  1. The process is not automated. A manual intervention is required before the flow becomes usable.
  2. A person who knows the flow is needed. (Deployment folks do not know the details of the flows).
  3. If now the person makes an error then a new issue arises.... making the process error prone.

We would like - if the existing node - can be enhanced - where in if the user/pass is defined to take it from env - then during export these placeholders be maintained.

So if user was defined as {{{ENV_USER}}} and password as {{{ENV_PASS}}} - the export of that flow should contain {{{ ENV_USER}}} and {{{ENV_PASS}}}.

We do not want to export the actual credential/value of those variables as that would be a security breach and also against NR principles thereby defeating the concept of credential file.

Please suggest if this can be considered. Thanks.

@SandeepA this is not a node specific thing - it is built into the core of node-red. Any node (built in or contrib) that has a field marked as a credential is currently NOT exported (for security reasons).

As far as I'm aware nodes do not accept {{{password}}} mustache style... maybe you mean ${password} environment variable style ? Or are you proposing a new style ?

The MSSQL-PLUS node has special powers permitting things like server-{{servernumber}}

but it still adheres to the credentials methods (so still wont be exported)

1 Like

Thanks Steve & @dceejay . I will try the suggestion by Nick on the original thread. That may help my case.
Original Thread -
MSSQL Plus Node - encrypt password when its an env variable - security pov?

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.