This is exactly the functionality we’re looking for, coming from Vercel and missing their preview deployments. There are a few open pull requests with crucial functionality - being able to set the app config file, incorporating secrets, etc. Before we fork, I wanted to see if anyone from Fly was maintaining the repo and actively reviewing PR and adding features.
I’m building https://flycd.dev/ to help with the missing piece of preview deployment and all the headache that comes with it. It’s currently in private beta and will be open to the public in a few weeks.
It’s currently on public beta and you can create account and try it https://flycd.dev. Let me know if you need anything or have questions when setting up your first project over there.
Hey @pmbanugo is there a public repo for the project? I couldn’t find any mention on the site.
Glad there’s a solution for this problem but there should be some transparency if your project expects:
“Act on your behalf” rights in a private (or public) github repo
Secret storage
I’d really like to see how my secrets are being handled before I enter them on a site with no security policies or statements.
As an aside, i’ve been using DotenvVault with fly for a while now to manage my variables across environments and it has been really simple and effective.
Whatever rights it needs on GitHub, you can already see in the GitHub UI when you’re granting access to it. When in doubt, you can remove that access from GitHub when you want, and you have access to via activity history as well.
Secrets are encrypted and are not exposed via any API. You only see the keys in the UI, similar to how Fly shows it.
FlyCD is still in its early days working on making a better experience and also customer acquisition. Therefore, there’s no time at the moment to start crafting security statement and policies. You may have noticed that the docs is even a Notion doc outside the FlyCD domain. I can only tell you that the secrets are encrypted, and the project is not OSS.
It’s still early and I’m not working to get security licenses at the moment, unlike some other big products. Many of them started out small and acquired these licenses later.
If that’s not ok for you, then this isn’t the right time for you to use the product. You can check again when the product is grown to the point that I have resources to dedicate in getting security policies and licenses
Would you pay FlyCD to have such integration done for you? If you’ll pay for it, then I could consider having such integration in the platform.
Thanks for the quick reply, do you have any plans for issue tracking, handling feature requests etc?
Kind of what you’ve mentioned in your reply, how are secrets; encrypted, stored, handled. Just put down on the Notion docs somewhere.
From the user point of view, we have to trust that you as a sole actor have put the correct work into securing and handling secrets correctly.
Without mention of it anywhere in the docs, it raises the question of whether it has been thought of… to be over dramatic, the simple sentence"Your secrets are not stored as plain text on a publically accesible database" would show intent
This was for @philberryman unrelated to FlyCD ← Using Dotenv vault means you don’t have to worry about managing secrets across environments within Fly itself
I’ve thought about that but I haven’t decided yet. I’m planning to move to a different tool even for internal feature and release planning because I currently use KanbanFlow, which works for my indie and consulting projects.
I think I might use a public GitHub repo just for issue tracking for a start. I get feature request via email and just track it internally after resolving them and it works for now. I will open a private feature tracking and product roadmap to paying customers in the coming week.
I haven’t enabled payment for now, but I’m working on no-code means to collect recurring payment from customers who have requested some extra features or occasionally have issues and want me to prioritise them. These customers will pay a certain fee and get more priority than free users.
Hahah thanks for expressing your concern. I’ll make a note to add it to the docs. I still have some missing docs
I think secret handling is one of the features that took most effort to work on. I had 3 huge rewrite of that feature. I still have plans to improve the UI for managing secrets
If there are still concerns stopping you from using it, please let me know, even if some of those are features that might not be available for now.