My app uses a simple JSON config file. I could bake it into the docker image, but it has some secret information. There seem to be a couple ways I could handle this, and I wonder if there are any tradeoffs I’m missing.
It looks like the simplest would be to use the
[[files]] section of the fly configuration. Is there any problem doing this for confidential information? Based on the fact that
secret_name exists I’m guessing no.
I could also cram the whole thing (potentially base64 encoded) into a fly secret as suggested here, but that feels a bit hacky and would require changes to my docker image.
Anything I’m missing?