Secure circle.yml file #2



Continuing this discussion: Secure circle.yml file

This thread seems to best encapsulate the issue and we’re now facing the same question. How can we prevent a malicious user with write access to a development branch, from accessing all the environment variables we have configured for the project (including the AWS keys we use for deploymeny to production)?