Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow for passing of user credentials in env vars. #59

Open
ColinSullivan1 opened this issue Dec 15, 2021 · 1 comment
Open

Allow for passing of user credentials in env vars. #59

ColinSullivan1 opened this issue Dec 15, 2021 · 1 comment

Comments

@ColinSullivan1
Copy link
Member

ColinSullivan1 commented Dec 15, 2021

Allow for passing private user credentials through an environment variable for operating in Kubernetes, passing to containers, etc.

e.g.
export SYS_ACCT_CREDS="eyJ0eXAiOiJqd3QiLCJhbGci...."

and optionally:

export SYS_ACCT_JWT="eyJ0eXAiOiJqd3QiLCJhbGci...."
export SYS_ACCT_SEED="SUAIBDPBAUTWCWBKIO6XHQNINK5FWJW4OHLXC3HQ2KFE4PEJUA44CNHTC4A";

This UserCredentials option is a good starting place for building callbacks that would read env vars.

/CC @davidkemper @bwerthmann

@bwerthmann
Copy link
Contributor

bwerthmann commented Mar 10, 2022

IMHO, reading secrets from the env is an anti-pattern.

risk unintentional information exposure. Shell variables are often logged, passed down to child processes, or leaked to error reporting services without your knowledge.

https://www.cloudsavvyit.com/12631/how-to-secure-sensitive-data-with-docker-compose-secrets/
https://kubernetes.io/docs/concepts/configuration/secret/

thoughts?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants