SSWConsulting / SSW.Rules.GPT

SSW RulesGPT - a bot using Blazor WASM & an ASP.NET Core backend, powered by the amazing OpenAI API
https://rulesgpt.ssw.com.au

👷 Clean up secrets and connection strings #122

Open jackreimers opened 1 year ago

jackreimers commented 1 year ago

Cc: @matt-goldman

Hi

Pain

Currently there are secrets being stored in appsettings.json and in configuration variables in Azure. This is making setup of development environments confusing and means secrets are stored in the incorrect place.

Suggested Solution

Remove the secrets from appsettings.json and have them stored in secrets.json instead. Any secrets in Azure config variables should be moved to Key Vault or Connection Strings. The GitHub action to deploy to Azure should deploy the secrets to KeyVault.

Tasks

Acceptance Criteria

There should be no secrets stored outside of secrets.json in the project and they should be properly stored in Azure.

Thanks!
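An added example, not part of the issue or the SSW.Rules.GPT code base: one way to check the acceptance criterion automatically is to scan appsettings.json for secret-looking keys that carry real values. The key-name patterns, the placeholder convention and the sample settings are assumptions constructed for illustration.

```python
import json
import re

# Key names treated as secret-bearing (assumed heuristic, not the project's own list).
SECRET_KEY = re.compile(r"(key|secret|password|token|connectionstring)$", re.I)
# Values that are safe to commit: empty, or an obvious placeholder such as <...>.
PLACEHOLDER = re.compile(r"^\s*$|^<.*>$")


def find_committed_secrets(settings, path=""):
    """Return config paths (colon-separated, as .NET configuration names them)
    whose key looks secret-bearing and whose value is a non-placeholder string."""
    findings = []
    for key, value in settings.items():
        full = f"{path}:{key}" if path else key
        if isinstance(value, dict):
            if key.lower() == "connectionstrings":
                # Every entry in this section is a connection string.
                findings += [f"{full}:{name}" for name, conn in value.items()
                             if isinstance(conn, str) and not PLACEHOLDER.match(conn)]
            else:
                findings += find_committed_secrets(value, full)
        elif isinstance(value, str) and SECRET_KEY.search(key):
            if not PLACEHOLDER.match(value):
                findings.append(full)
    return findings


# Constructed sample appsettings.json content; every value here is made up.
SAMPLE_APPSETTINGS = json.loads("""
{
  "Logging": {"LogLevel": {"Default": "Information"}},
  "ConnectionStrings": {"DefaultConnection": "Host=db.example;Password=example-only"},
  "OpenAI": {"ApiKey": "sk-constructed-example", "Model": "gpt-4"},
  "Storage": {"AccountKey": ""},
  "Auth": {"ClientSecret": "<set-in-user-secrets>"}
}
""")

if __name__ == "__main__":
    for hit in find_committed_secrets(SAMPLE_APPSETTINGS):
        print(f"secret-like value committed at {hit}")
```

Run against the real appsettings*.json files in a pull-request check, a non-empty result means a value still needs to move to secrets.json or Key Vault.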

jackreimers commented 1 year ago

As per my discussion with @brydeno we are going to leave the GPT API key and database connection string as is because this would be better done as an infrastructure as code deployment and there is no secret data in the database or API key.

matt-goldman commented 1 year ago

Hi @jackreimers and @brydeno - I disagree about this:

> there is no secret data in the database or API key.

While this is true for now, we are locking the GPT4 API key behind an authentication wall. It may not necessarily protect secret data, but it has a cost implication that needs to be protected.

I do agree with this:

> this would be better done as an infrastructure as code deployment

Does that not mean that's what we should do, rather than leaving things as they are?

jackreimers commented 1 year ago

As per my conversation with @calumjs we are going to prioritise getting Identity Server implemented and come back to this at a later date.

matt-goldman commented 1 year ago

FYI, see: https://github.com/orgs/SSWConsulting/discussions/24

bradystroud commented 1 year ago

@jackreimers any update? This one's getting stale...

jackreimers commented 1 year ago

@bradystroud this will be resolved by https://github.com/SSWConsulting/SSW.Rules.GPT/issues/32 which is currently blocked