content/articles/20260313-blog-server-hacking-part-three.md
1 addition & 1 deletion
@@ -50,7 +50,7 @@ Mismanaging secrets has always been terrible, but with the rise of malwares, and
50
50
There's usually two types of configuration: unsensitive data (identifiers, usernames, URLs without auth) and secrets, such as passwords, private keys (for asymetric algorithms), or tokens. We're interested in the latter here.
51
51
52
52
Some secrets are long or short lived. Things like OAuth2 tokens, valid for a relatively short period of time, are usually stored in application state, cache or databases, and refreshed often.
53
-
Long-lived secrets usually do not receive that much attention though, especially when you start building a service. You just put things into variable environments (either directly or through your PaaS abstraction, like `fly secrets`), and it stays there for 5 years before seeing its first-ever renewal.
53
+
Long-lived secrets usually do not receive that much attention though, especially when you start building a service. You just put things into environment variables (either directly or through your PaaS abstraction, like `fly secrets`), and it stays there for 5 years before seeing its first-ever renewal.
54
54
55
55
Let's say we need to have a couple of secret keys to deploy our app, and we want to generate a Kubernetes secret that our app will have access to.
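Review bot: the rewritten line 53 still has a number mismatch after the fix. The subject is plural ("You just put things into environment variables") but the sentence continues with "and it stays there for 5 years before seeing its first-ever renewal". Suggest "and they stay there for 5 years before seeing their first-ever renewal". Since this commit is a wording pass, the unchanged context at line 50 could be cleaned up at the same time: "asymetric" should be "asymmetric", "unsensitive data" reads better as "non-sensitive data", and "There's usually two types" should be "There are usually two types".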