Very few applications make it to production without requiring at least some configuration data that is "sensitive". An application might need a password for an SMTP server, or an API key for a web service, or an encryption key for a billing gateway. In Octopus Deploy 2.0, we've added a great new way to manage these settings: sensitive variables. You can learn more about how to use this feature in the documentation page on variables.
When a variable is sensitive:
- You can never retrieve the value from the API/UI (we assume you keep your passwords somewhere else if you need them)
- The value is stored encrypted in the Octopus database
- We'll do our best to prevent the value appearing in any logs
Sensitive variables is a feature that was on our UserVoice list for quite some time, and I think it will be a very useful feature for any deployment.