Y
Hacker News
new
|
ask
|
show
|
jobs
by
cpursley
27 days ago
Why are important push secrets in a dev env config? Btw humans devs make this same mistake all the time.
1 comments
digitaltrees
27 days ago
umm lots of providers have cli tools: ‘heroku run rails db:drop —-app {name}’ railway, fly.io etc. so unless you don’t ever use their cli tools locally there’s a vector. Plus CI/CD might also have credentials to do things like run migrations.
link
cpursley
26 days ago
Well that’s a developer problem, then. We use fly but prod secrets are not saved locally.
link
digitaltrees
26 days ago
So you can’t ssh into the pg or database?
link