1. About the environment
https://learn.microsoft.com/en-us/aspnet/core/fundamentals/environments?view=aspnetcore-5.0
TLDR; You can get the environment from an environment variable or the launch settings file. The latter is only used for local development.
To determine the runtime environment, ASP.NET Core reads from the following environment variables:
DOTNET_ENVIRONMENT
ASPNETCORE_ENVIRONMENT when ConfigureWebHostDefaults is called. The default ASP.NET Core web app templates call ConfigureWebHostDefaults. The ASPNETCORE_ENVIRONMENT value overrides DOTNET_ENVIRONMENT.
IHostEnvironment.EnvironmentName can be set to any value, but the following values are provided by the framework:Development : The launchSettings.json file sets ASPNETCORE_ENVIRONMENT to Development on the local machine
Staging
Production : The default if DOTNET_ENVIRONMENT and ASPNETCORE_ENVIRONMENT have not been set.
2. Settings filled
https://learn.microsoft.com/en-us/aspnet/core/fundamentals/configuration/?view=aspnetcore-5.0
TLDR; You set the defaults and non changing values in the plain json and the overrides in the environment json, as you described.
The default JsonConfigurationProvider loads configuration in the following order:
- appsettings.json
- appsettings.Environment.json : For example, the appsettings.Production.json and appsettings.Development.json files.
The environment version of the file is loaded based on the IHostingEnvironment.EnvironmentName.
appsettings.Environment.json values override keys in appsettings.json.
3. Keep in mind
Secrets and passwords should not be stored for production environments in the configuration files.
Consider using services like key vault on azure or database encrypted configurations or build server variables that will override the environment specific secrets.