Deploying Phoenix app directly to Fly from an open-source repo: a security concern?


I am making an open-source Phoenix/Elixir text adventure bot for the people and I just wanna deploy it to Fly directly from the open-source repo via Github actions, with Fly.toml etc publicly visible; is there any reason I shouldn’t do this?

Does public knowledge of the contents of a Fly.toml for Elixir/Phx open our app up to any vulnerabilities?

Thanks y’all!

1 Like

As long as you don’t put secrets as environment variables you should be good!

My open source Phoenix app has its toml displayed too:

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.