GitLab - Managing Non-prod and Prod configurations


I need some pointers / guidance.

As of now, we manage config for Non-Prod [Dev, QA], Prod [Prod] in different folders - one for each of these environments.

Project 1
  • Dev Config
  • QA Config
  • Prod Config

Project 2
  • Dev Config
  • QA Config
  • Prod Config

Project 3
  • Dev Config
  • QA Config
  • Prod Config

.....

Issue is, even developers can access details specific to UAT and Production.

Now, imagine 100+ projects doing the same. An option I can think of is segregating Non-prod and Prod into different hierarchies.

Dev
  • Project 1
  • Project 2
  • Project 3
  • ....

QA
  • Project 1
  • Project 2
  • Project 3
  • ....

Prod
  • Project 1
  • Project 2
  • Project 3
  • ....

Can someone help me with a strategy to get the above executed in GitLab? Feel free to share your thoughts if you have some other option to go with.

Help is much appreciated. Thanks

I've shared the tried or proposed option as part of the details.


There is 1 answer

Trevor On

There are a few options you have, and it also depends on the code language you're using.

Important note: All of these are assuming no sensitive data is going into static code.

  • If, for example, you're using Python, then you can leverage .env files, or config files in your format of choice. This way you can use local virtual environments for version testing and upgrades. I know Spring has some options available for you as well.

  • If you're looking to use GitLab directly and your code is also stored there (unless you're using GitLab as CI/CD only), then an option is leveraging a combination of .gitlab-ci.yml, config or env files, and GitLab variables. The reason for the combination is based on the sensitivity of each variable.

  • If you're using GitLab as CI/CD only, then you always have the option of GitLab environment variables. For each pipeline you create, you can then inject and pass whatever variables you like.

Lastly, if you want to pass secrets into the ecosystem, then it's best to use the platform or pipeline dynamically generated variables. That way you never see the secrets, and your code merely becomes a pass through.
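The split by sensitivity described in the answer can be enforced in code. The sketch below is an added example, not part of the original answer: non-sensitive settings come from a checked-in per-environment env file, secrets must be injected as environment variables by the pipeline (for instance GitLab CI/CD variables), and loading fails if a secret key appears in the checked-in file. The key names, host name and file contents are constructed for illustration.

```python
import os

# Hypothetical secret key names for this example; adjust to your project.
SECRET_KEYS = {"DB_PASSWORD", "API_TOKEN"}

# Constructed sample of a checked-in, non-sensitive dev env file.
DEV_ENV_FILE = """\
# dev settings, safe to commit
APP_ENV=dev
DB_HOST="db.dev.example.internal"
DB_PORT=5432
"""


def parse_env_file(text):
    """Parse KEY=VALUE lines, skipping blank lines and # comments."""
    values = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if not sep or not key.strip():
            raise ValueError(f"line {lineno}: expected KEY=VALUE")
        values[key.strip()] = value.strip().strip("\"'")
    return values


def load_config(env_file_text, environ=None):
    """Merge checked-in settings with secrets injected by the pipeline."""
    environ = os.environ if environ is None else environ
    config = parse_env_file(env_file_text)
    # A secret in the checked-in file is readable by everyone with repo access.
    leaked = SECRET_KEYS.intersection(config)
    if leaked:
        raise ValueError(f"secret keys in checked-in config: {sorted(leaked)}")
    missing = [k for k in sorted(SECRET_KEYS) if not environ.get(k)]
    if missing:
        raise KeyError(f"not injected by the pipeline: {missing}")
    config.update({k: environ[k] for k in SECRET_KEYS})
    return config


def redacted(config):
    """Copy of the config that is safe to print in job logs."""
    return {k: ("***" if k in SECRET_KEYS else v) for k, v in config.items()}
```

Passing `environ` explicitly keeps the loader testable outside a pipeline; in a job it defaults to `os.environ`.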