As @nibblebit@programming.dev said you can use multiple configuration providers. We usually have local appsettings.json
files, even per machine appsettings.<HOSTNAME>.json
and then use Environment Variables that are stored in a vault for the production environment. We add the appsettings.<HOSTNAME>.json
files to .gitignore
so that they don't get checked in.
var env = Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT");
configuration.AddJsonFile($"appsettings.{env}.json", optional: true, reloadOnChange: true);
configuration.AddJsonFile($"appsettings.{Environment.MachineName}.json", optional: true, reloadOnChange: true);
configuration.AddEnvironmentVariables();
Then you can provide the secrets as environment variables in the form of DATA__ConnectionString