Including my own file as part of a golang GAE deployment

[Mobile Web Dev]

Hello, I want to include a binary file the contains come sensitive AES encrypted info that I do not want included in the go source.  The go server will read it and decrypt it.

How Can I deploy this app and what would the file spec look like to read it in my go server app?  I would assume something ./myfile.dat

Thanks!

[Karl MacMillan]

Can I suggest that it is not really safer to store the encrypted data on the server if the key is there as well. If your main concern is not storing the sensitive information in the source code repository you might as well make the decryption part of the build or a custom deployment script.

Karl

-- 
You received this message because you are subscribed to the Google Groups "Google App Engine" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-appengi...@googlegroups.com.
To post to this group, send email to google-a...@googlegroups.com.
Visit this group at http://groups.google.com/group/google-appengine.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/b706de27-da84-454e-ad56-ee2f42dd9a68%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Ryan]

Salutations!

As Karl mentioned having files in the app are not safe. One option would be to upload it to GCS bucket and setup the ACL's to protect the file. Store the Key in datastore to keep the separated.

Happy coding!

On Friday, May 15, 2015 at 2:12:11 PM UTC-4, Karl MacMillan wrote:

Can I suggest that it is not really safer to store the encrypted data on the server if the key is there as well. If your main concern is not storing the sensitive information in the source code repository you might as well make the decryption part of the build or a custom deployment script.

Karl

On May 15, 2015, at 2:07 PM, Mobile Web Dev <mmar...@arspremier.com> wrote:

Hello, I want to include a binary file the contains come sensitive AES encrypted info that I do not want included in the go source.  The go server will read it and decrypt it.

How Can I deploy this app and what would the file spec look like to read it in my go server app?  I would assume something ./myfile.dat

Thanks!

-- 
You received this message because you are subscribed to the Google Groups "Google App Engine" group.

To unsubscribe from this group and stop receiving emails from it, send an email to google-appengine+unsub...@googlegroups.com.
To post to this group, send email to google-appengine@googlegroups.com.