The Secret Password

  • Comments posted to this topic are about the item The Secret Password

  • I thought this is why you require pull requests and peer reviews before merging into master and kicking off a CI release.

  • That doesn't necessarily have anything to do with someone using a password variable or token in the release process. They could still include steps or changes in the flow that cause issues. Or they could deploy elsewhere a specific script if the CI/CD process isn't locked down appropriately.

  • I guess you'd also need to ensure that code reviews happen and no strange code can slip through. In a program of any size, perhaps with lots of changes, this could be an issue.

    The old saying: alter 10 lines, code review is intense. Alter 1000 lines, code review is "looks good".

  • Our continuous integration process uses TeamCity / Octopus and our deployments run under the context of a domain-based service account. I don't recall the password being persisted anywhere in the CI tool configuration.

    "Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho
