Read environment variables to overwrite yaml configuration
ipfans opened this issue · comments
Thanks for your good toolkit. I have a scenario to use god
in Github Action
as a CD pipeline. In this scenario, the creds(netrc/ssh_key, etc) save into YAML are not secure.
One idea is to allow reading YAML settings from environment variables. So that we can store those creds in settings. How about this feature? I think it can extend the scenario which can use god
.
Yes, it is a good idea.
@ipfans for now I think to allow to store only the netrc_password
on an env variable. For example, if the option netrc_password
is not set on the YAML file, God tries to read the password (or token) from the environment variable NETRC_PASSWORD
. What do you think?
@pioz host
, user
, netrc_login
, and netrc_password
are the same important to hide(information leaks to social engineering). Other parameters are OK to expose.
@ipfans I've added the option to override the YAML conf with env variables like describes here https://github.com/pioz/god#override-yaml-configuration-options-with-env-variables
Let me know if this solves the issue. 🙏🏻
I think that's OK to me. Thanks🙏