Configuration: How do I add basic HTTP authentication to an application?

Publicly exposed endpoints are accessible to anyone by default. If you are using one of the ContinuousPipe images for Apache or Nginx then you can enable basic auth using environment variables:

tasks:
   # ...
   deployment:
       deploy:
           # ...
           services:
               web:
                   specification:
                       environment_variables:
                           - name: AUTH_HTTP_ENABLED
                             value: true
                           - name: AUTH_HTTP_HTPASSWD
                             value: ${AUTH_HTTP_HTPASSWD}

Here the value of AUTH_HTTP_HTPASSWD is being passed in as a variable to keep it out of version control, this needs to be set on the configuration page for the flow in the ContinuousPipe console.