Recently while working on a project I needed a way to include secrets in my repo for local development that integrated
with my Make based build setup. I found that a nice way to do this is with the
include command in Make.
include command allows you to include external files to augment your makefile. First I created a
declared variables in it for my API keys.
1# secrets.mk 2github_access_token := 'xxxxxxxxxxxxxxxxx' 3slack_access_token := 'xxxxxxxxxxxxxxxxx'
Then in makefile I added
include secrets.mk. Don’t forget to add
secrets.mk to your
1include secrets.mk 2.PHONY: dev 3 4dev: app 5 GITHUB_ACCESS_TOKEN=$(github_access_token) \ 6 SLACK_ACCESS_TOKEN=$(slack_access_token) \ 7 ./app 8 9app: 10 go build -o app main.go
One issue with this I ran into was in my CI build I didn’t have a
secrets.mk file. Make will fail if it cannot find an
include file on disk or if it Make unable to find a rule to generate one. Luckily you can preprend a dash to the include
statement to make it optional, so the rest of your tasks that don’t require an include will still be usable.
Lastly, another neat thing about using this technique is that if an include isn’t found, Make will look for a task that
can generate it. I added a
secrets.mk task to my makefile that creates a stub include file that can get filled out with
the correct credentials if needed.
1include secrets.mk 2.PHONY: dev 3 4dev: app 5 GITHUB_ACCESS_TOKEN=$(github_access_token) \ 6 SLACK_ACCESS_TOKEN=$(slack_access_token) \ 7 ./app 8 9app: 10 go build -o app main.go 11 12secrets.mk: 13 echo "github_access_token:='xxxxxxxx'" > ./secrets.mk 14 echo "slack_access_token:='xxxxxxxxx'" >> ./secrets.mk