i am actually eagerly waiting for someone to show the real-deal: actually everything in a github rep...

webdevver • last Tuesday at 9:42 PM • 3 replies • view on HN

i am actually eagerly waiting for someone to show the real-deal: actually everything in a github repo, including 'artfiacts', or atleast those artifacts which can't be reconstructed from the repo itself.

maybe they could be encrypted, and you could say "well its everything but the encryption key, which is owned in physical form by the CEO."

theres a lot of power i think to have everything in one place. maybe github could add the notion of private folders? but now thats ACLs... probably pushing the tool way too far.

Replies

b40d-48b2-979e • last Tuesday at 10:28 PM

    maybe they could be encrypted, and you could say "well its everything but the
    encryption key, which is owned in physical form by the CEO."

I don't see how this is any different from most projects where keys and the like are kept in some form of secrets manager (AWS services, GHA Secrets, Hashi Vault, etc.).

kittoes • yesterday at 12:29 AM

https://dev.azure.com/byteterrace/Koholint/_git/Azure.Resour...

How close do you think this is? Deploys everything but the actual backend/frontend code.

maccard • yesterday at 12:49 AM

At a previous job we put compilers and standard libraries in version control, with custom tooling to pull the right version for what you need.

We used p4 rather than git though.

alt Hacker News

Replies