diff --git a/content/docs/Applications/AppSecurity.md b/content/docs/Applications/AppSecurity.md index 35a8d92..ef80efd 100644 --- a/content/docs/Applications/AppSecurity.md +++ b/content/docs/Applications/AppSecurity.md @@ -109,4 +109,4 @@ The app cannot be run until either the code change is reverted or the admin appr The following enhancements are planned for the security model -- Secrets management is planned, in such a manner that the application can request access to specific secrets. The application can use the secret but will not have direct access to the secret value, it will work with a reference to the secret key. +- For the [secrets management feature]({{< ref "/docs/configuration/secrets/" >}}), the app does not have direct access to the secret value. Apps can access any secret from the secret manager currently. An improvement planned to to allow restricting apps to specific secrets. diff --git a/content/docs/Applications/Overview.md b/content/docs/Applications/Overview.md index b82b10b..550e220 100644 --- a/content/docs/Applications/Overview.md +++ b/content/docs/Applications/Overview.md @@ -122,7 +122,7 @@ By default, apps are created with the system authentication type. System auth us To change app to be un-authenticated, add `--auth none` to the `app create` command. After an app is created, the auth type can be changed by running `app update-settings auth none /myapp`. OAuth based authentication is also supported, see [authentication]({{< ref "docs/configuration/authentication" >}}) for details. {{}} -Changes done to the app settings using the `app update` command are not staged or versioned, they apply immediately to the stage/prod/preview apps. App settings are fundamental properties of the app, like what authentication type to use, what git auth key to use etc. +Changes done to the app settings using the `app update-settings` command are not staged or versioned, they apply immediately to the stage/prod/preview apps. App settings are fundamental properties of the app, like what authentication type to use, what git auth key to use etc. -All other changes done to app metadata (like account linking, permission approval and code reload) are staged before deployment. Use the `--promote` option to promote the change after applying it on the staging app. When a promotion is done, all previously staged changes for that app are promoted, not just the most recent change. +All other changes done to app metadata (like account linking, permission approval and code reload) are staged before deployment. Use the `--promote` option on the change to promote the change immediately after applying it on the staging app. Use `app promote` command to promote later. When a promotion is done, **all** previously staged changes for that app are promoted, not just the most recent change. {{}}