Separate Build And Runtime Secrets
It’s a good practice to separate the secrets you need at build time and at run time.
Here’s why:
Separating the two types of secrets minimizes the risk associated with secret exposure. Build-time secrets, if compromised, should not give access to environments or resources beyond your CI system.
Run-time secrets are often more critical, as they might grant access to live databases, third-party services (for example, Stripe), and other sensitive production resources.
Keeping them separate ensures that a compromise at one stage (build or run-time) does not automatically lead to a breach at another. And compromises do happen. CircleCI had a compromise in January 2023. Heroku had a compromise in April 2022.
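The following GitHub Actions workflow shows one way to enforce the separation described above. It is an added example, not code from the original post: the secret names, the `production` environment, and `deploy.sh` are placeholders. Build-time secrets are visible only to the build job, while run-time secrets are stored as environment secrets that GitHub releases only to jobs referencing that environment.

```yaml
name: build-and-deploy

on:
  push:
    branches: [main]

permissions:
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest
    # Only build-time secrets are visible here: a read-only registry token
    # for private dependencies. Compromising this job yields nothing beyond
    # what the CI system itself already holds.
    steps:
      - uses: actions/checkout@v4
      - name: Build image
        env:
          DOCKER_BUILDKIT: "1"
          NPM_TOKEN: ${{ secrets.NPM_READ_TOKEN }}   # build-time only (placeholder name)
        run: |
          # Pass the token as a BuildKit secret rather than a --build-arg:
          # build-args are recorded in image metadata and ship with the image.
          # The Dockerfile consumes it with RUN --mount=type=secret,id=npm_token ...
          echo "$NPM_TOKEN" > /tmp/npm_token
          docker build --secret id=npm_token,src=/tmp/npm_token -t app:${{ github.sha }} .
          rm -f /tmp/npm_token

  deploy:
    needs: build
    runs-on: ubuntu-latest
    # Run-time secrets live in the "production" environment; GitHub only
    # injects them into jobs that declare this environment, so the build
    # job above cannot read them even if it is compromised.
    environment: production
    steps:
      - name: Deploy
        env:
          DATABASE_URL: ${{ secrets.PROD_DATABASE_URL }}    # run-time only (placeholder name)
          STRIPE_SECRET_KEY: ${{ secrets.PROD_STRIPE_KEY }} # run-time only (placeholder name)
        run: ./deploy.sh app:${{ github.sha }}
```

Add required reviewers or a branch restriction to the `production` environment so a modified workflow on an unprotected branch cannot pull the run-time secrets into a different job.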