- Deployment to production is from CircleCI.
- The deployment command is configured in
circle.yml
, which is checked into the repo and cannot contain any secrets. - CircleCI can have env vars configured
circle.yml
is passed throughERB
[check], so we can add secret parameters to the deployment command using erb, e.g.foreplay deploy production -u <%= ENV['DEPLOYMENT_USERNAME'] %> -p <%= ENV['DEPLOYMENT_PASSWORD'] %>
- The secret credentials can be used to connect to a remote service and download the remainder of the production secrets.
- The secrets can be included in the
.env
file created by Foreplay and become part of the production runtime environment.
Last active
August 29, 2015 14:19
-
-
Save dominicsayers/82d24afa05f92b02e3f4 to your computer and use it in GitHub Desktop.
Production credentials
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Need to choose a default remote service: SFTP? S3? Postgresql?
Need to hack Foreplay to connect and download from the service.