Skip to content
RESN
GitHub

Secrets

List

  • AWS Tokens:
    • AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
    • Allows backend projects to access AWS resources
    • Includes S3 uploading, SQS queue, etc.
  • Cloudflare Token:
    • CLOUDFLARE_API_TOKEN
    • Allows GitHub workflow to trigger Cloudflare deployments
  • Contentful Token:
    • CONTENTFUL_ACCESS_TOKEN and CONTENTFUL_SPACE_ID
    • Allows site to access Contentful CMS privately
  • Sentry Tokens:
    • SENTRY_DSN, SENTRY_AUTH_TOKEN, SENTRY_ORG and SENTRY_PROJECT
    • Allows Sentry to report errors and automatically upload sourcemaps
  • Database URL:
    • DATABASE_URL
    • Production string contains server password
  • JWT secret:
    • JWT_SECRET
    • Random string determining JWT encoding and verification
    • If this is leaked, anyone can mimic a logged in user (bad)
  • Mailgun Tokens:
    • MAILGUN_PASSWORD
    • Used for our email service