Nico
@coderabbit ignore
@coderabbit resolve
Hello @tvarohohlavy I really appreciate your interest to keep helping this project but the way you are doing it is not okay. First of all I would appreciate if you...
@tvarohohlavy Sorry if I came out too strong, my intention is not to dismiss any work you did here. These features are desirable and interesting for sure but I'm trying...
@tvarohohlavy Okay so let's start maybe with defining what would be the minimal version we could ship. What is your use case for this feature? Are you using secrets providers...
I understand the use case, however I have a feeling this should not be the responsibility of Zerobyte. The secret resolving and provisioning should happen outside. Having code to handle...
Okay I understand the concern about long lived secrets in env. But the secrets manager inside the container doesn't solve the issue right? You have to use a secret to...
these are valid points but these are operational benefits (rotation, revocation, finegrained access) not more secure than a plain env. I personally never have encountered such a need outside of...
You have pin pointed exactly the feature creep I want to avoid. This is a trap I've experienced many times. If we add support for 1Password and Vault, the next...
I think the MVP would look like this (let me know what you think) Each "secret" field (ie: those that are normally encrypted) can be written as `env://VAR` or `file://name`...