Talk:CRV2 SecDepConfig

I've put some notes in here for expansion, I realise I'm not down as the author but wanted to share some thoughts. These are sketchy notes atm but will expand.

The aim of the process is to ensure only users with required access have permission to push to production


 * Developer pushes to version control & submits pull request
 * Lead developer performs review process
 * Lead Developer pulls changes to master

Capistrano for automated deployment
 * Create capdeploy user on $evironment with write permissions on relevant directories
 * SSH key authentication only
 * Capistrano cap deploy $environment pushes to correct environment