aboutsummaryrefslogtreecommitdiff
path: root/README
blob: 6a93a7736819c6151ea211fd8ddcce8f5140d51c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
Bootstrap secrets management in a project.

Problem: Secrets (e.g., passowrds, API keys) get accidentaly commited and are
leaked when a repository becomes public.

Solution:

secrets.sh.example  defines variable names
secrets.sh          defines secret values
run.sh              sources secrets
.gitignore          exclude secrets.sh

Rationale
=========

People are lazy.  The less steps the better.  So, `run.sh` should create
`secrets.sh` out of `secrets.sh.example`, and nd tell the user to modify it.

This flow is simple and portable.  No unreliable dependencies like:

https://pypi.org/project/python-dotenv/  for the people that cannot use os.environ
https://www.npmjs.com/package/dotenv

People often use these tools because they don't know shell scripting.  Here's a
quick reminder

```sh
foo=somevalue
./run           # does not receive foo
foo=anothervalue ./run    # passes foo only for ./run
export foo      # mark variable for automatic export
export -n foo   # remove export mark
unset foo       # delete variable, alongside any marks

set | grep foo    # check local variables
env | grep foo    # check variables marked for automatic export to the environment of subsequently executed commands


# shell built-ins
help export
help unset

# external programs
man env

# Shell built-ins take precedence over any external program with the same name.
```

Just like the Internet, anything sensitive that git tracks is a pain to remove.
To remove it, the git history has to be rewritten.  If others had cloned the
repository they'll need to re-clone it.  And at that point, the commited secrets
are already compromised.