undefined | Better HN

0 pointszdw2y ago0 comments

This is fundamentally an interface problem. As you called out Env vars are a pretty common and well supported interface, across multiple platforms.

Do you have a better option to suggest?

0 comments

2 comments · 2 top-level

lmm2y ago

Set up whatever maintains your secrets (vault?) so that it works the same way in dev, CI, and real. Have whatever manages your dev versions of services you depend on (vagrant? kubernetes-docker-whateveritisthesedays?) integrate with that so that you find your service endpoints and credentials the same way in every environment.

sevagh2y ago

No, and I don't think any CI platform deals with it in a great way. I mean that once you account for the fact that your dev team may not have access to all of the secrets, the single bash script/Makefile stops being able to shield you from the specific CI platform, and now you have to start using Jenkins secret storage, or GitHub Actions secrets, or whatever.

j / k navigate · click thread line to collapse