Overview
Protecting sensitive values before storing them.
Definition
Protecting sensitive values before storing them.
Real-world example
API_KEY is stored encrypted in the control-plane database and decrypted only when starting the container, never returned in full via the API.
Common mistake
Putting secrets in docker-compose.yml committed to Git instead of platform secret storage.
Better-PaaS in practice
Mark env vars as secret in the UI. They are redacted in API JSON responses.
FAQ
Is secret encryption only relevant to Better-PaaS?
No. secret encryption appears across Docker, cloud platforms, and self-hosted tooling. Better-PaaS exposes the concept in deploy logs, dashboard fields, or docs when it affects your app.