Adding the cd workflow to generate releases #218
Conversation
|
@jespino Is there some context to this change? |
|
@crspeller the idea is to be able to generate release through the standard CI and automatically set the environment variables for the production rudder whenever the telemetry PR is merged. |
There was a problem hiding this comment.
There is no need for this workflow. The release process for mattermost-plugin-ai is migrated with #197
Documentation on how to release: https://github.com/mattermost/mattermost-plugin-ai?tab=readme-ov-file#how-to-release
|
@phoinixgrr so... how do you recommend to include the RUDDER key for the AI plugin? i has been added to other plugins/projects using a CI secret. How would you apply that secret here? |
|
@jespino I would highly recommend against hardcoding the key directly into the code. Instead, consider injecting the key at runtime, although I am not sure if that's feasible in this situation. We need to understand the specifics. Configuration settings, including keys, should be stored in the environment(injected during runtime) rather than within the code. You can refer to The Twelve-Factor App methodology for more details on best practices for configuration management. Moreover security wise, if the Key is burned into the code, the key can be extracted with a tool like Ghidra or Let's discuss this further, to find the best way to approach this problem. cc: @saturninoabril |
|
Following a different path for this |
Description
This is a good practice to generate releases including environment variables like the RUDDER URL/KEY