Separate Build And Runtime Secrets
It’s a good practice to separate the secrets you need at build time and at run time.
Here’s why:
Separating the two types of secrets minimizes the risk associated with secret exposure. Build-time secrets, if compromised, should not give access to environments or resources beyond your CI system.
Run-time secrets are often more critical as they might grant access to live databases, third-party services (Stripe), and other sensitive production resources.
Keeping them separate ensures that a compromise at one stage (build or run-time) does not automatically lead to a breach at another. And compromises do happen. CircleCI had a compromise in January 2023. Heroku had a compromise in April 2022.
Join the 80/20 DevOps Newsletter
If you're an engineering leader or developer, you should subscribe to my 80/20 DevOps Newsletter. Give me 1 minute of your day, and I'll teach you essential DevOps skills. I cover topics like Kubernetes, AWS, Infrastructure as Code, and more.
Not sure yet? Check out the archive.
Unsubscribe at any time.