Mark single variable as sensitive
We have defined a rule, that only our Ops team can see ProductionTest and Production environment and this gives a bunch of headaches.
- Not being able to define global variables
- Forgetting to set dependent variables i ProdTest and Prod
- Not being able to see non-sensitive variables in ProdTest and Prod
- Overhead for Ops, setting up non-sensitive variables
Suggestion: Add the possibility to mark a single variable as sensitive.
This is done in Octopus 2.0
We're going to implement something like this in Octopus 2.0. You'll be able to mark a variable as "secure". A secure variable can only be written - the value can be set, but you won't be able to see it in the UI or via the API, even for admins, and the value will be encrypted in our DB.
Jasper Nygaard commented
Just saw another side effect yesterday, when troubleshooting another teams setup.
- Developers get frustrated and avoid using octopus variables and use postdeploy.ps1 to switch configuration options between environments :(