-
Notifications
You must be signed in to change notification settings - Fork 33
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improve README and website on where secrets are stored #298
Comments
Ah, I see. "Below the fold" (i.e. after the first page) https://www.dotenv.org/docs/quickstart talks about an encrypted .env.vault file and an encryption key that gets set in Heroku. This still doesn't answer my questions about what encryption is used, but does simplify/negate the rest of my concerns. |
We're working on clarifying this. There has been so much that has changed with the introduction of the .env.vault file a few months ago that we're way behind on this. The short of it for those reading (until we make clearer across all docs) is:
|
I think it's pretty important to be VERY clear and explicit about where secrets are stored and how.
This project's README, tutorials and guides are very keen to focus on how easy using dotenv-vault is, but I think this has lead to understating the work that dotenv-vault does for us.
It would be great to see the docs updated with:
The tutorial/guide does mention that it's set up with Heroku, but this doesn't seem to be required, so it sounds like there is a 3rd party store for the secrets.
I'd love to learn more
The text was updated successfully, but these errors were encountered: