I have a config.json file which contains my db credentials. It has local, dev, qa and prod. Something like below:-
{
"production": {
"username": "username",
"password": "password",
"database": "dbname",
"schema": "schema",
"host": "hostname",
"dialect": "postgres",
"port": 5432,
"logging": false,
"EncryptionKey": "ekey"
},
"development": {
"username": "username",
"password": "password",
"database": "dbname",
"schema": "schema",
"host": "hostname",
"dialect": "postgres",
"port": 5432,
"logging": false,
"EncryptionKey": "ekey"
}
}
Having the credentials in plain text is a risk and I want to mitigate it. I don't want to use .gitignore or some credentials manager like AWS secret manager. Is there any other way around?