Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding the cd workflow to generate releases #218

Closed
wants to merge 1 commit into from
Closed

Conversation

jespino
Copy link
Member

@jespino jespino commented Jul 5, 2024

Description

This is a good practice to generate releases including environment variables like the RUDDER URL/KEY

@jespino jespino requested a review from crspeller July 5, 2024 09:23
@crspeller crspeller requested a review from phoinixgrr July 8, 2024 15:40
@crspeller
Copy link
Member

@jespino Is there some context to this change?
Asking for a review from @phoinixgrr since he has been working on the CI/CD for plugins.

@jespino
Copy link
Member Author

jespino commented Jul 8, 2024

@crspeller the idea is to be able to generate release through the standard CI and automatically set the environment variables for the production rudder whenever the telemetry PR is merged.

Copy link
Contributor

@phoinixgrr phoinixgrr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is no need for this workflow. The release process for mattermost-plugin-ai is migrated with #197

Documentation on how to release: https://github.com/mattermost/mattermost-plugin-ai?tab=readme-ov-file#how-to-release

@jespino
Copy link
Member Author

jespino commented Jul 11, 2024

@phoinixgrr so... how do you recommend to include the RUDDER key for the AI plugin? i has been added to other plugins/projects using a CI secret. How would you apply that secret here?

@phoinixgrr
Copy link
Contributor

phoinixgrr commented Jul 11, 2024

@jespino I would highly recommend against hardcoding the key directly into the code. Instead, consider injecting the key at runtime, although I am not sure if that's feasible in this situation. We need to understand the specifics.

Configuration settings, including keys, should be stored in the environment(injected during runtime) rather than within the code. You can refer to The Twelve-Factor App methodology for more details on best practices for configuration management.

Moreover security wise, if the Key is burned into the code, the key can be extracted with a tool like Ghidra or strings linux command.

Let's discuss this further, to find the best way to approach this problem.

cc: @saturninoabril

@jespino
Copy link
Member Author

jespino commented Jul 11, 2024

Following a different path for this

@jespino jespino closed this Jul 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants