Closed Mr0grog closed 4 years ago
@ibuys any thoughts on this?
My first thought is that Github allows unlimited free private repos now, we could set one up for runbooks.
If we do that, we probably need to do a serious permissions audit first. I’m a little unsure this org is ever going to be a particularly secure place for sensitive info, though :\
Then again, maybe this is just another instance of: put most stuff in public on GitHub, put all secrets in Keybase.
Then again, maybe this is just another instance of: put most stuff in public on GitHub, put all secrets in Keybase.
From my perspective, that approach has served us well. And I like the idea of keeping our procedures public on principle.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed in seven days if no further activity occurs. If it should not be closed, please comment! Thank you for your contributions.
Since this sue was created, we’ve also made a private git repo on Keybase for secrets. We should probably continue to be we that as a more organized place for any especially sensitive docs.
I need to follow up on this, especially since my availability for this projects will be lessening soon.
This was done in #36.
There are some manual processes we regularly do that aren’t just deploying software. For example: https://github.com/edgi-govdata-archiving/web-monitoring/issues/130
It would be good to have somewhere clear to document these things; probably in this repo, but maybe it needs to be somewhere more private where we can share more sensitive info, like IP addresses, port numbers, keys, etc.