Connection string data should always be removed of obfuscated in source control. There are many approaches to accommodating this. Scott Hanselmann has a great post on this. Azure makes this even easier if you’re hosting a web app that’s referencing a database somewhere.
To enable simply click on the web app in question through the Azure dashboard. Click on the “Configure” tab and look for the “Connection Strings” section about 3 quarters down. In the “NAME” enter the name of your connection and in the “VALUE” enter the connection string. So for example in my web.config I have the following:
<connectionStrings> <add name="DB_Dev" connectionString="Server=tcp:mydbserver.database.windows.net,1433;Database=mydatabase;User Id=Bob;Password=mysecretpassword;Encrypt=True;TrustServerCertificate=False;" /> </connectionStrings>
This then appears in Azure config as follows:
I can then change my local dev config settings to whatever local dev instance I’m working on.