Suppose you are building a NextJS project. The project needs to use access credentials to third-party data services, both during the build (for fetching and rendering static content) and also post-build in an SSR deployment (for fetching and rendering dynamic content).
Different branches of the project need to use different access credentials. Specifically, the production branch needs to access data in a production repository, while other branches use data from a staging repository.
Non-production branches should not be able to access the production repository, and vice versa.
Currently, to my knowledge, the only way to provide secrets to Netlify build/SSR processes is through the Netlify environment variables - but unfortunately this doesn’t distinguish between different branches/environments.
Previously I have used a similar feature on a different hosting service, and it would be great to have it on Netlify too.