Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

So the biggest Heroku clone I can think of is Google's App Engine, and it's complicated for no reason. The most comical example is storing/accessing secrets. What should be something like `heroku config set MYSECRET=foo` is instead an entire tutorial on setting up a separate key management system and configuring GAE to use it, which cutting every corner still took me at least 2 hours.

It's like this all the way. Postgres is one click on Heroku, a miniature ordeal on GAE. Yeah I can handle it, but why. Maybe I don't have the patience and there's some light at the end of the tunnel. I thought maybe that light was gRPC, but turns out App Engine ironically can't run gRPC services.



Secrets should not be on the command line, they get logged to history. Instead should be prompted for like a password.


Only tangentially related, but if you prefix the command with a space, it doesn't get recorded to history.

    $ cd
    
    $ echo "one"
    one
    
    $  echo "two"
    two
    
    $ echo "three"
    three
    
    $ history | tail -3
    10089  cd
    10090  echo "one"
    10091  echo "three"
When you remember to do it, that is.


That is the default on many Linuxes' bashes but it's not universal and you can turn it on or off using HISTCONTROL: https://www.gnu.org/software/bash/manual/html_node/Bash-Vari...


Meanwhile, `ps` etc will still show the secret. Just do it the right way.


My former employer, a large lumbering fortune 500 trying to play in the agile pool, made extensive use of those specific features...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: