Hi, we notice that the appsettings.secrets.json gets publish too - and deleting it cause a "ABP-LIC-0020". How to we prevent this sensitive information from deploying to our clients ? ( microsoft states that you should not use any secrets file outside the development process )
Beside, is there any documentation about how to publish abp correctly ? well the process is pretty much straight forward but the secret should not be contained in output. some advice about how to publish the migration project within the blazor project ( to prevent duplication of dll's ) and run it automaticly on blazor start would be great :)
Thanks
- ABP Framework version: v6.0.2
- UI type: Blazor
- DB provider: EF Core
- Tiered (MVC) or Identity Server Separated (Angular): no
10 Answer(s)
-
0
Hi,
You can safely delete files, We don't check licenses in production
See: https://support.abp.io/QA/Questions/3999/license-error#answer-2481de64-16f7-6ff5-1166-3a077416ec17
You can see the document to know how to avoid publishing the
appsettings.secrets.json: https://learn.microsoft.com/en-us/dotnet/core/project-sdk/msbuild-props#copytopublishdirectorysome advice about how to publish the migration project within the blazor project ( to prevent duplication of dll's ) and run it automaticly on blazor start would be great :)
Are you talking about database migrations?
You can use the execute database migrations on production environments: https://docs.abp.io/en/commercial/latest/startup-templates/application/solution-structure#dbmigrator-project
-
0
the application does NOT start if you delete appsettings.secrets.json
2023-02-16 09:33:12.136 +01:00 [ERR] ABP-LIC-0020 - License code not found! Ensure that your appsettings.json or appsettings.secrets.json has "AbpLicenseCode" key with your license code. 2023-02-16 09:33:12.136 +01:00 [ERR] ABP-LIC-ERROR - License check failed for 'Volo.Abp.Identity.Pro.Domain-v6.0.2.0'.
-
0
the application does NOT start if you delete appsettings.secrets.json
We don't check licenses in production but but development
-
0
can you provide some advice what went wrong if the published release version still require the appsettings.secrets.json ? double checked our publishing routine but everything looks good.
-
0
Hi,
I think you are still running in the development environment.
You can check the Microsoft document:https://learn.microsoft.com/en-us/aspnet/core/blazor/fundamentals/environments?view=aspnetcore-7.0
-
0
AbpLicenseCode must be in your appsettings (even on production)
-
0
so you do check the license even in production - you stated you dont do this a couple of times. so this is a bug isnt it ?
-
0
Hi,
I misunderstood the message earlier.
And I ask the ABP team:
- In the development environment we will check the license online (remote license server)
- In the Production environment we will check the license offline(local)
So, the
AbpLicenseCodeneed always exists -
0
if you don't want to write the AbpLicenseCode to appsettings.secret.json there are several other ways to store this data. We are using ASP.NET Configuration so you can set it as environment variable https://learn.microsoft.com/en-us/aspnet/core/fundamentals/configuration/?view=aspnetcore-7.0
