Source control is essential for all cloud development projects, not just team environments.
- Treat automation scripts as source code and version them together with your application code.
- Never check in secrets (sensitive data such as credentials) to a source code repository.
- Azure lets you download files that contain publish settings in order to automate the creation of publish profiles. These files include user names and passwords that are authorized to manage your Azure services. If you use this method to create publish profiles, and if you check in these files to source control, anyone with access to your repository can see those user names and passwords. You can safely store the password in the publish profile itself because it's encrypted and it's in a .pubxml.user file that by default is not included in source control
- Structure your source control to enable a clean "dev-ops" workflow
No comments:
Post a Comment