
The Twelve-Factor App - cosmosgenius
http://12factor.net/
======
kylequest
Credentials or other secrets aren't a good idea for the environment variables.

I know I'm not the only one who thinks so... Here's what the Docker security
lead says about it: "When you store your secret keys in the environment, you
are prone to accidentally expose them"

Details are here:
https://github.com/docker/docker/pull/9176#issuecomment-99542089

In many cases the env vars are stored in files and those files have the same
problem regular config files have when they are checked in to a repo :-)

------
elinchrome
Is this best practices, manifesto, or both?

~~~
MCRed
None of the above, really. It's cargo cultism. It's written by the people who
implemented things that were architected by engineers, without understanding
the engineering principles behind what they did. So they try to "recreate it"
by building the equivalent of cardboard planes on the beach.

