pkl icon indicating copy to clipboard operation
pkl copied to clipboard
verified publisher icon apple

Support fetching secrets from cloud providers

Open Clebbie opened this issue 1 year ago • 1 comments

As a Developer I would like to store my application's secrets in my configuration.

I think we could add this feature with the read() interface. Supporting the cloud platforms could go a long way in making pkl the standard config language it wants to be.

i.e. read(azvault:some.vault.url)

Clebbie avatar Feb 13 '24 22:02 Clebbie

This is possible. To do this, you will need to drive Pkl execution through one of our language bindings. And, in the host language, you'll want to define a resource reader to implement reading from Vault, etc.

See:

  • https://javadocs.dev/org.pkl-lang/pkl-core/0.25.2/org/pkl/core/resource/ResourceReader.html
  • https://pkg.go.dev/github.com/apple/[email protected]/pkl#ResourceReader
  • https://github.com/apple/pkl-swift/blob/main/Sources/PklSwift/Reader.swift#L89

bioball avatar Feb 14 '24 01:02 bioball

Got it working in my go project. Ty for the documentation.

Clebbie avatar Feb 16 '24 02:02 Clebbie