I think I’m probably showing my native-developer origins here. No worries if this is not something you deem worth the time clarifying.
I was thinking a bit more about secrets in Fly and how they can be set via the command line, which then sets environment variables at runtime. I don’t have the best understanding why this is a good security practice. I’d love a thought or two here or in the docs on how to reason about this vs. say including secrets in a text file. Not that I’ve done this, but it appears to be possible to get env variables from a running process, so the value-add isn’t obvious on the surface to me at least.
Maybe this is just me, but I’d love to see some thoughts / religion on this to build my intuition around when I might be about to do something stupid security-wise.
I don’t doubt you guys know what you’re doing, but I don’t want to cargo cult setting some env variables without understanding the value-add. Thank you!