Add production settings
Closed this issue · 0 comments
jusjayson commented
A user shouldn't be able to hack our project INTO THE GROUND
Purpose
Our keys/secrets, allowed hosts, etc should be obscured into an env/gitlab ci for production.
Functionality
Description
Sensitive settings (i.e., DB password, DJANGO secret key, etc) should be obscured into the following
- Gitlab project variables
- In local dev, a common default can be used due to low security concerns
Affects: Where will this change?
- This will change production. We'll need to obscure keys from our builds using something like gitlab file vars.
Pros/Cons
Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.
Additional context
Add any other context or screenshots about the feature request here.