You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Bombadil should support secrets for variables (example: user password in a maven setttings template) to avoid committing secret values in a dotfile repository.
Proposal :
Creating secrets :
Bombadil should have a command enabling an user to add a secret variable to a variable file.
optionally --value could be replaced by the --ask parameter and bombadil should prompt the user for the secret value
Encrypting/Decrypting
Bombadil should inspire from pass (the standard unix password manager) and use gpg to encrypt/decrypt secret
Bombadil would delegate encrypting/decrypting to gpg, this simplify greatly the management of keys etc..
When bombadil needs to encrypt/unencrypt a variable it should use the default gpg key and eventually prompt the user for the gpg key passphrase if needed.
The text was updated successfully, but these errors were encountered:
still needs to confirm this is working with pinentry (my gpg cong might be wrong) could you test this by cloning
and checking out v2.0.0-rc ? ( you might need to change your config according to the readme )
Bombadil should support secrets for variables (example: user password in a maven setttings template) to avoid committing secret values in a dotfile repository.
Proposal :
Creating secrets :
Bombadil should have a command enabling an user to add a secret variable to a variable file.
Ex:
bombadil add-secret --var-file path/to/var/file --var-name maven_password --value mypassword
optionally --value could be replaced by the --ask parameter and bombadil should prompt the user for the secret value
Encrypting/Decrypting
Bombadil should inspire from pass (the standard unix password manager) and use gpg to encrypt/decrypt secret
Bombadil would delegate encrypting/decrypting to gpg, this simplify greatly the management of keys etc..
When bombadil needs to encrypt/unencrypt a variable it should use the default gpg key and eventually prompt the user for the gpg key passphrase if needed.
The text was updated successfully, but these errors were encountered: