Changing Secret - Procedure needs to be documented

Question

Changing Secret - Procedure needs to be documented

franck-boullier opened this issue 5 years ago · comments

The Problem:

As described in #894 (comment), changing a secret across the env amongst the frontend, backend and the all the lambdas presents a lot of challenges and it would take quite some work to automate.

We need to make sure that if we have to change a secret (ex: API_ACCESS_TOKEN) this is properly documented to make sure that everything will be working as expected

Kai Hendry · Answer 1 · Mon Feb 10 2020 09:31:58 GMT+0800 (China Standard Time)

I think the solution is to simply do a tagged release if you want to update the env variables.

I.e. travis on a tagged release does a {dev,demo,prod} deploy via https://github.com/unee-t/frontend/blob/master/deploy.sh since the script fetches all the env afresh from ssm when it's run.