Hacker News
by Nextgrid 1612 days ago
CI should only have environment variables needed for testing. For building/deploying to production, it just has to push the code/package/container image, not run it, meaning it has no need for production-level credentials.

CI should never ever have access to anything related to production; not just for security but also to prevent potentially bad code being run in tests from trashing production data.
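
One way to enforce the rule in the comment above, as an added example that is not part of the original comment: a preflight check that fails a CI test job when its environment carries credential-like variables outside a test allowlist, or any credential whose name or value points at production. The allowlist, both patterns and the sample variables are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: preflight check for a CI test job (not from the original comment).
# The allowlist, both patterns and the sample variables are assumptions.

# Variables the test job is expected to carry (hypothetical names).
ALLOWED_VARS="TEST_DATABASE_URL TEST_API_TOKEN"
# Name fragments that suggest a credential (assumed heuristic).
SECRET_RE='SECRET|TOKEN|PASSWORD|API_KEY|PRIVATE_KEY|CREDENTIAL|DATABASE_URL'
# "prod" or "production" as a whole word in a name or value (assumed heuristic).
PROD_RE='(^|[^A-Za-z])(prod|production)([^A-Za-z]|$)'

matches() { printf '%s\n' "$1" | grep -Eiq -e "$2"; }

# Reads NAME=value lines (the output of `env`) on stdin and prints one finding
# per line: names only, so secret values never reach the build log.
# Returns 1 when there is at least one finding, 0 when the environment is clean.
audit_env() {
  found=0
  while IFS= read -r line; do
    case $line in *=*) ;; *) continue ;; esac   # tail of a multi-line value
    name=${line%%=*}
    value=${line#*=}
    case $name in ''|*[!A-Za-z0-9_]*) continue ;; esac
    matches "$name" "$SECRET_RE" || continue     # not credential-like
    if matches "$name" "$PROD_RE" || matches "$value" "$PROD_RE"; then
      # Reported even when allowlisted: a test variable aimed at production.
      echo "prod-credential $name"; found=1
    else
      case " $ALLOWED_VARS " in
        *" $name "*) ;;                          # expected test credential
        *) echo "unexpected-secret $name"; found=1 ;;
      esac
    fi
  done
  return $found
}

# Constructed sample environment; every value is a placeholder.
SAMPLE_ENV='PATH=/usr/bin:/bin
TEST_DATABASE_URL=postgres://ci@localhost/test
TEST_API_TOKEN=constructed-test-token
PROD_DB_PASSWORD=constructed-value
BILLING_API_KEY=constructed-value
PRODUCT_API_KEY=constructed-value'

# In a real job this would be: env | audit_env || exit 1
printf '%s\n' "$SAMPLE_ENV" | audit_env || echo "test job blocked"
```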