Secret Value

About

Secret are a piece of information that you don't want to be visible in clear in your code or to leak in any way (log, console, …)

The most known secret are tokens that represents a credential in order to log in to a system:

• password
• api key
• …

To enhance secrecy you may also want to cache other information such as the location of you system (host, port,…)

Ciphered Secret Format

We support the following ciphered secret values:

• Os env variable: in the conf file. ie
  • ${MY_SECRET} or $SECRET
  • or a template string foo${MY_SECRET}bar
• Tabli Vault: Tabli encrypted value
• HashiCorp Vault: vault:/path/to/secret/fieldName (Enterprise option)
• For any other external vault, contact us

FAQ

Are Environment variables considered secret

Environment variables are not considered secret by default unless:

• they have a encrypted value
• they have in their name secret, key, password, pwd or passphrase
• they are defined in the conf file as value. Example:

attribute: ${MY_SECRET}