I am trying to generate schema for my prisma data model while at the same time using secrets to restrict prisma access. After running prisma delete
and prisma deploy
, I run the command graphql get-schema -p prisma
and get the following error message:
✖ prisma/prisma.yml could not be found.
Is there something wrong I am doing in my .graphqlconfig
or how I am listing my prisma.yml? Thanks.
.graphqlconfig:
{
"projects": {
"prisma": {
"schemaPath": "generated/prisma.graphql",
"extensions": {
"prisma": "prisma/prisma.yml",
"endpoints": {
"default": "http://localhost:4466"
}
}
}
}
}
prisma/prisma.yml:
endpoint: http://localhost:4466
datamodel: datamodel.prisma
secret: 'secretFoo'
index.js:
import http from 'http';
import express from 'express';
import { ApolloServer } from 'apollo-server-express';
import resolvers from './resolvers';
import schema from './generated/prisma.graphql';
import { Prisma } from 'prisma-binding';
const prisma = new Prisma({
endpoint: 'http://localhost:4466',
secret: 'secretFoo',
typeDefs: 'server/generated/prisma.graphql',
});
const server = new ApolloServer({
context: {
prisma,
},
resolvers,
typeDefs: schema,
});
const app = express();
server.applyMiddleware({ app });
const PORT = 5000;
const httpServer = http.createServer(app);
server.installSubscriptionHandlers(httpServer);
httpServer.listen(PORT, () => {
console.log(`Server ready at http://localhost:${PORT}${server.graphqlPath}`);
console.log(`Subscriptions ready at ws://localhost:${PORT}${server.subscriptionsPath}`);
});
if (module.hot) {
module.hot.accept();
module.hot.dispose(() => server.stop());
}
You can generate a schema directly from your
prisma.yml
file, by adding the following to the file:Then you can refer your
.graphqlconfig
to the generated file:You would generally restrict access to the management functionality of your endpoint through the Prisma docker-compose file (
managementApiSecret
inPRISMA_CONFIG
). Then when you run commands likeprisma deploy
you would need to pass the appropriate environment variables through either the--env-file
flag, or by having a dotenv file in the root of your application's directory (you also need thedotenv
package installed inpackage.json
.Another way to secure your endpoint is to disable the GraphQL Playground altogether. I believe Apollo Server does this automatically when
NODE_ENV
is set to production, although you can do it explicitly with:I'm sorry, I don't think this directly answered your question, but it may assist either way.