Configuration management
Handle sensitive configurations
- Configuration values containing passwords or secrets should not be passed with the normal configuration.
- Sensitive data can be passed to the runtime in a separate TOML file, which can be given higher priority than the normal configuration by prefixing its file path in the BAL_CONFIG_FILES environment variable.
- If Config.toml has sensitive configs, add the Config.toml file to .gitignore to avoid accidentally committing them.
- Avoid having default values for sensitive configurable values.
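The steps above as a shell sketch, added here as an example and not taken from the Ballerina documentation. The file name Secrets.toml, the dbPassword key and the helper function names are assumptions; the ':' separator is the one used on Linux and macOS.

```shell
#!/bin/sh
# Added example: keep the secret in its own TOML file, keep that file out of
# git, and list it first in BAL_CONFIG_FILES. Names here are assumptions.

# Read the secret from stdin and write it to a file only the owner can read.
write_secrets_file() {
    secrets_file=$1
    IFS= read -r secret_value || true
    [ -n "$secret_value" ] || return 1          # refuse an empty secret
    ( umask 077 && printf 'dbPassword = "%s"\n' "$secret_value" > "$secrets_file" ) &&
        chmod 600 "$secrets_file"               # also tightens a pre-existing file
    status=$?; unset secret_value; return $status
}

# List a path in .gitignore exactly once.
ignore_in_git() {
    touch "$1"
    grep -qxF -- "$2" "$1" || printf '%s\n' "$2" >> "$1"
}

# Succeed only if the normal configuration file does not carry the sensitive key.
normal_config_is_clean() {
    ! grep -Eq '^[[:space:]]*dbPassword[[:space:]]*=' "$1" 2>/dev/null
}

# Value for BAL_CONFIG_FILES: the secrets file comes first so that it is
# prioritized over the normal configuration.
config_files_value() {
    printf '%s:%s' "$1" "$2"
}

# Run all steps for a project directory; prints the BAL_CONFIG_FILES value.
prepare_project() {
    project_dir=$1
    write_secrets_file "$project_dir/Secrets.toml" || return 1
    ignore_in_git "$project_dir/.gitignore" "Secrets.toml"
    normal_config_is_clean "$project_dir/Config.toml" || return 2
    config_files_value "$project_dir/Secrets.toml" "$project_dir/Config.toml"
}
# Usage (secret.txt is a hypothetical file holding the secret):
#   BAL_CONFIG_FILES=$(prepare_project . < secret.txt) bal run
```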
Have default values
As a project grows, the number of configurable variables can become large. Without default values, they are hard to manage. So provide sensible default values for all variables that are not security-sensitive.
Bad Code
configurable int maxActiveConnections = ?;
configurable int maxIdleConnections = ?;
Good Code
configurable int maxActiveConnections = -1;
configurable int maxIdleConnections = 100;
Use descriptive names
Since configuration variables are used to customize program behavior, they should have unambiguous and descriptive names.
Bad Code
configurable int maxActive = -1;
configurable int maxIdle = 100;
Good Code
configurable int maxActiveConnections = -1;
configurable int maxIdleConnections = 100;