New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add SecretStdin to Container.WithExec options #7229
Comments
I typically trust ENV vars for secrets. This is how I use them secret := dag.SetSecret()
ctr.
WithSecretVariable("mysupersecret", secret).
WithExec(
[]string{"sh", "-c", "helm login --username foo --password $mysupersecret"}
) You can also clean up the env var after the Fix for docs here - #7232 |
This is why I don't like private conversations, but it's my fault this time. 😄 That's what I ended up doing here: https://github.com/sagikazarmark/daggerverse/pull/78/files#diff-beaf12926edc465430f49c65836319776edbc52ad35bb38065b8df5bdf2bf301R138-R162 |
What are you trying to do?
Pass a
Secret
to a commands stdin (without having to resolve it first):Why is this important to you?
Passing secrets to commands in plaintext isn't particularly safe. Although the documentation says that logs are scrubbed from secrets, who knows...
How are you currently working around this?
I'm passing the secret to the command as plaintext 🙈
The text was updated successfully, but these errors were encountered: