From 169320528515d4bbb702d7b09bbdd66d236c9313 Mon Sep 17 00:00:00 2001 From: Jan Timpe Date: Mon, 3 Jun 2024 15:04:44 -0400 Subject: [PATCH] update env config to include secret key management --- .../004-configuration-by-environment-variable.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/Technical-Documentation/Architecture-Decision-Record/004-configuration-by-environment-variable.md b/docs/Technical-Documentation/Architecture-Decision-Record/004-configuration-by-environment-variable.md index dbd6920c1..95c1a4604 100644 --- a/docs/Technical-Documentation/Architecture-Decision-Record/004-configuration-by-environment-variable.md +++ b/docs/Technical-Documentation/Architecture-Decision-Record/004-configuration-by-environment-variable.md @@ -9,9 +9,11 @@ Accepted Applications need to be configured differently depending on where they are running. For example, the backend running locally will have different configuration then the backend running in production. +Further, environment variables can be designated "secret" or not; the term "secret key" is often used in place of secret environment variables. Secret keys are sometimes (but not always) shared between different deployment environments, which makes it useful to have a central "single source of truth" where a secret key can be kept and copied out to different environments. CircleCI solves this use case for us, allowing secret keys to be managed by the project's Environment Variables, and accessed in the deployment process to write to cloud.gov applications. + ## Decision -We will use environment variables to configure applications. +We will use environment variables to configure applications. We will use Environment Variables in CircleCI to store and manage secret keys. ## Consequences