Idea
Secure app deployment requires passing some kind of secrets, let’s do it properly.
Abstract
This message will self-destruct in 5… 4… 3… Do you also sometimes feel like you’re part of a spy mission instead of a development team?
We pass on logins, passwords, private keys, API keys, and all of this requires complete secrecy. From the programmer’s laptop, through the CI process, to the production environment. Entrust your secrets to a password manager? Or maybe keep them in the repository? But how?
I’ll talk about how you can safely keep secrets together with the code, how to conveniently integrate a password manager, and when your secrets in CI are vulnerable.
And who knows? Maybe along the way, we’ll learn how to trust each other?
Previous events
Full list can be found here
Slides
pdf PL
pdf EN
interactive version