docs:conf:secret

Table of Contents

About

Secret are a piece of information that you don't want to be visible in clear in your code or to leak in any way (log, console, …)

The most known secret are tokens that represents a credential in order to log in to a system:

password
api key
…

To enhance secrecy you may also want to cache other information such as the location of you system (host, port,…)

Ciphered Secret Format

We support the following ciphered secret values:

Os env variable: in the conf file. ie
- ${MY_SECRET} or $SECRET
- or a template string foo${MY_SECRET}bar
Tabli Vault: Tabli encrypted value
HashiCorp Vault: vault:/path/to/secret/fieldName (Enterprise option)
For any other external vault, contact us

FAQ

Are Environment variables considered secret

Environment variables are not considered secret by default unless:

they have a encrypted value
they have in their name secret, key, password, pwd or passphrase
they are defined in the conf file as value. Example:

attribute: ${MY_SECRET}