|
|
|
|
|
|
by cgdangelo
5079 days ago
|
|
|
I'm curious what kind of sensitive information you're concerned about exposing. I don't mind deploying with rsync--in fact, I'll do it quite a lot when the remote host lacks git--but I'd usually prefer to use git where possible. I typically deploy with a similar setup that you described, but instead of rsync'ing the files locally I just make a clone of the repo and serve that. Though it is another step to fetch/merge, it stops me from losing any changes that someone did to production without telling me. I only recently used Capistrano to deploy a project and it was very satisfying, so I'm gravitating towards that as my default deployment method. |
|
|
+1. Secrets should not be in your VCS repo. I'd guess the parent is talking about user/pass or pub/priv key creds.
I really wish "we" had better tools for passing around config, and secrets in particular. Chefs data bags are close, but I still don't want the master knowing my secrets.