Configuration usually involves different application parts (such as infrastructure and security credentials) and different environments (development, production). That's why Symfony recommends that you split the application configuration into three parts.
Semantic Configuration: Don't Do It¶
Don't define a semantic dependency injection configuration for your bundles.
As explained in How to Load Service Configuration inside a Bundle article, Symfony bundles
have two choices on how to handle configuration: normal service configuration
services.yml file and semantic configuration through a special
Although semantic configuration is much more powerful and provides nice features such as configuration validation, the amount of work needed to define that configuration isn't worth it for bundles that aren't meant to be shared as third-party bundles.
Moving Sensitive Options Outside of Symfony Entirely¶
When dealing with sensitive options, like database credentials, we also recommend that you store them outside the Symfony project and make them available through environment variables. Learn how to do it in the following article: How to Set external Parameters in the Service Container.
This work, including the code samples, is licensed under a Creative Commons BY-SA 3.0 license.