pi-bootstrap
How should secrets be stored?
Hey, I would like to test out your work. It looks like a great base for a project I want to create. I was wondering how the secrets should be stored in GitHub?
Should they be something like SECRETS_ENV:
BOOTSTRAP_USER="value"
BOOTSTRAP_PASSWORD="value"
OR
BOOTSTRAP_USER="value";"BOOTSTRAP_PASSWORD="value"
So it's the first one.
One thing I've noticed. Looking through the commits, you used to have it where the variables were explicitly defined instead of just one secrets object. It's just my 2 cents, but I think it's probably better that way. In the current implementation the value of SECRETS_ENV is hidden and can't be edited, only replaced. So inspecting the code is the only way to see what variables are supposed to be in secrets, but you can never check if you have anything defined for them.
That's a great point. I'll add a bit that prints all the defined names (and names only) of the secrets as part of execution so it's clear to the user which ones are defined. The values, of course, are secrets and shouldn't be printed. Would that help?
The reason I put it all into one file was for easy management as well as to simplify the scripts themselves.
Yea, I understand why. It simplifies the action script. Printing out the set variables in secrets would definitely help. That's a great idea.
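The names-only listing agreed on in this thread, sketched as an added example; it is not pi-bootstrap's own code. It assumes SECRETS_ENV holds one NAME="value" line per variable, and the function names and sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example, not pi-bootstrap's code. Assumes SECRETS_ENV holds one
# NAME="value" assignment per line (the first layout in the question).

# Print the name of every assignment in $1 that has a non-empty value.
# Only the text left of the first '=' is ever written out, never the value.
secret_names() {
  cr=$(printf '\r')
  printf '%s\n' "$1" | while IFS= read -r line || [ -n "$line" ]; do
    line=${line%"$cr"}                        # tolerate CRLF from a web form
    case "$line" in ''|'#'*) continue ;; esac # skip blank lines and comments
    case "$line" in *=*) ;; *) continue ;; esac
    name=${line%%=*}
    value=${line#*=}
    value=${value%\"}; value=${value#\"}      # drop one pair of double quotes
    # Reject anything that is not a valid shell variable name.
    case "$name" in ''|[!A-Za-z_]*|*[!A-Za-z0-9_]*) continue ;; esac
    if [ -n "$value" ]; then printf '%s\n' "$name"; fi
  done
}

# Print each required name (arguments after the first) that $1 leaves undefined.
# The body runs in a subshell so its variables do not leak into the caller.
missing_secrets() (
  defined=$(secret_names "$1")
  shift
  for required in "$@"; do
    printf '%s\n' "$defined" | grep -qxF -- "$required" || printf '%s\n' "$required"
  done
)

# Constructed sample; in a workflow the text would come from the secret itself.
SAMPLE_SECRETS_ENV='BOOTSTRAP_USER="pi"
BOOTSTRAP_PASSWORD=""'

echo "Defined secrets (names only):"
secret_names "$SAMPLE_SECRETS_ENV" | sed 's/^/  /'
echo "Missing or empty:"
missing_secrets "$SAMPLE_SECRETS_ENV" BOOTSTRAP_USER BOOTSTRAP_PASSWORD | sed 's/^/  /'
```

With the single-line layout from the question, only BOOTSTRAP_USER is reported as defined and BOOTSTRAP_PASSWORD shows up as missing, which makes a wrongly formatted secret visible without exposing any value.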