Mosh says not to store secrets in EVs (EV section @ 1:55) .
In his Node course he says not to store secrets in config files but rather in EVs.
Where to store secrets if not in EVs?
Thank you
Hi,
That depends.
What is sure is you never put them in repos.
The thing is when you start a docker container providing variables in the command line, modern terminals keep an history of that. It is not encrypted.
You’d better use Dockerfile or Docker Compose files IMHO and apply the necessary security on those items.
With cloud you could also use something such as Azure KeyVault to manage any kind of secrets.
1 Like
Thanks for the input! I’ll look into that.