Should the installer write connection strings to appsettings.<environment>.json instead of appsettings.json by default?

[JasonElkin]

If you install Umbraco without providing a connection string, Umbraco will write one to appsettings.json *.

When you're running the site in development mode, this is almost never the desired outcome. The correct place in that scenario would always be appsettings.Development.json.

---

As a bit of an aside.

* This is actually not true. Umbraco will write the connection string to the first JsonConfigurationProvider it finds... that's usually appsettings.json, but it doesn't have to be! Consider this:

builder.Configuration.Sources.Insert(0, new JsonConfigurationSource() { Path = "my-custom-config-file.json" });

Now Umbraco's going to write the connection string to my-custom-config-file.json instead.

---

In .NET, configuration sources are processed in order, with latter sources overriding previously defined values. Since connection strings are almost always environment specific it makes more sense for the connection string to exist in the last JsonConfigurationProvider instead.

In a default Umbraco install that would be appsettings.Development.json, when running locally but could easily be appsettings.Local.json, some-other-file.json - this makes sense as it's targeting the most specific config file instead of the least. It also means that not every config file has to provide an overriding value.

When running in production using the last source will still mean connection strings get written to appsettings.json by default (since appsettings.Production.json doesn't exist OOtB). But this makes more sense as changes made in production generally won't make it back into source control anyway.

So, my proposal is that we simply reverse the list of configuration providers when saving connection strings - i.e.configurationRoot.Providers.Reverse() before writing the config.

I'm not sure if other config should also be environment specific, but IConfigManipulator already splits out configuring redirect tracking and global id so that could still target appsettings.json by default.

Also, SaveConfigValueAsync should probably have an overload that lets you pick the specific JsonConfigurationProvider to write to.

EDIT:

There's a PR that goes some way towards fixing this, but not quite all the way: #20321

I would expect my-custom-config.Local.json, i.e. the last in my list of JsonConfigurationProviders to be the most specific environment, so I'd expect the connection string to be written to this.

[glombek]

I like this. This change would encourage better secret-keeping practice and help prevent accidental secret exposure.

[callumbwhyte]

Also + 1 for this. I even have a PR that could use some help from someone to get finished / mergeable... #20321

Great minds all, we should work together or something

[naepalm]

I also like this idea. It's too easy to forget to remove your connection string on install and move it to secrets or Development settings, so I think this just adds a nice extra layer of security to take away one more decision from the decision-making tree we all go through 😉