1464
submitted 8 months ago by mino@lemmy.ml to c/programmerhumor@lemmy.ml
you are viewing a single comment's thread
view the rest of the comments
[-] PowerCrazy@lemmy.ml 16 points 8 months ago

Self-approval leads to a road of sadness. For example, a theoretical company needs to self-renew an ssl cert. No problem, the cert will be stored with the rest of the secrets and retrieved in a secure way on deployment. Unfortunately if you don't store the cert key in a secure way, the deployment still works fine and you don't need to figure out the "onerous" encryption process.

So you push the private key to the company git repo, and then deploy the cert! Done and Done.

[-] mundane@feddit.nu 7 points 8 months ago

We have well established ways to deal with secrets. Also, everyone is responsible enough to not self approve changes where they do things they are uncertain of.

[-] rwhitisissle@lemmy.ml 0 points 8 months ago

If you don't establish an encryption mechanism for secrets that allows for automatic, in memory decryption on deployment from the start of your project, then your project is run by incompetent developers/ops specialists/architects/management/etc. and deserves to fail.

this post was submitted on 28 Feb 2024
1464 points (99.7% liked)

Programmer Humor

32503 readers
496 users here now

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

founded 5 years ago
MODERATORS