-
-
Notifications
You must be signed in to change notification settings - Fork 581
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Channel password from environment #146
Comments
What's the exact use case for this? Can you explain? |
I think @toxuin means that config can't be stored on eg. git repo because it contains a secret password. If sonic would allow you to overwrite the configuration based on environment variables, this would allow safe sharing of the config file.
then run sonic providing env. variable
Does it make sense? |
Well in our use case I was going to create a CI pipleline that would build the container with everything it needs including the configuration, but without any secrets in it, push it to Amazon ECR and then populate all the secrets right before app start on ECS. I believe other container orchestrators recommend the same or similar approach. Putting any passwords in either git or container repo feels wrong. CI is controlled by a 3rd party company where jobs are ran on shared compute resources. |
Ah, okay. That definitely makes sense then, and I agree with that use case. I'm open to PRs on this, should not be too hard / long to implement! Check the |
It would be surely a nice feature to be able to populate a Sonic Channel password from the environmental variable rather from the config file.
The text was updated successfully, but these errors were encountered: