Deploy Bot

[NishkarshRaj]

Deploy the bot so that it is always running and does not need manual execution.

[kudoabhijeet]

Which cloud platform would you recommend?

[NishkarshRaj]

@kudoabhijeet AWS for two reasons

1. We get free credits for AWS with our PRO Git tag due to our college ID
2. AWS is compatible to be automated with GitHub Actions.

If you guys complete the code for the bot with access keys here (Ik thats not recommended but we have to) I can help setup actions for this repo.

[kudoabhijeet]

For Access keys, we can export keys from a virtual env such as EC2 instance and receive them in configuration file in the repo. Please revert if it is feasible. @NishkarshRaj @MonitK

[MonitK]

@kudoabhijeet yes it is doable, but I think instance that you launch for bot, might use up entire free credits. There has to be an alternative way to do it.

[NishkarshRaj]

The easiest way to make keys secure and the best way to do so here would be to encrypt them.
Let's take it to the next step #DevSecOps
Store the encrypted keys in a file in same directory as the source code and whenever the bot is running, it would first fetch them via file handling (create function 1) and then decrypt it (create function 2).
Only the bot must be deployed on the cloud. As @MonitK said, keys should not be.
Only executables and applications to be deployed.

[kudoabhijeet]

Got it!. We decrypt the keys after fetching it from an encrypted file and then pass it to the OAuthHandler. Am I going in the right direction? @NishkarshRaj @MonitK :)
#DevSecOps

[NishkarshRaj]

Yes @kudoabhijeet you are!
But make sure you don't hard carry the project. DevOps means collaboration. Ask others to help as well or else even if we build an excellent project, it won't be considered as a DevOps project :(

[kudoabhijeet]

Okay! :)

[kshitizsaini113]

The encryption program for the bot is complete and a pull request is generated for the same.
You may have a look @NishkarshRaj @MonitK