Infisical / infisical

♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure, prevent secret leaks, and manage internal PKI
https://infisical.com

Ability to store Infisical's environment variables directly in the database #643

Open binaryben opened 1 year ago

binaryben commented 1 year ago

Feature description

Provide a startup wizard or another option for configuring and securely storing credentials required by Infisical without requiring environment variables.

Why would it be useful?

From a marketing point of view, it's ironic that Infisical is software that advocates against storing credentials in text files and then practically[^practical] requires that as part of its own startup process (assuming the use of Docker for the sake of a simple example). Ideally, I'd expect the startup process to require me to enter the encryption key manually and everything else is stored directly in the database with the secrets for other apps.

Specifically, I am hoping to use Infisical to store credentials such as SMTP provider auth which can be used by a bad actor to phish for user credentials.

[^practical]: I could, for example, use the free tier of the Infisical Cloud offering to inject the secrets. That would defeat some of the benefits of self-hosting, though, from my point of view. I could also write a simple script to prompt for the credentials before starting up, but it seems impractical to do at every restart when I am launching an entire system to securely store credentials.

dangtony98 commented 1 year ago

This is an interesting idea but definitely a big change for the codebase as we'd have to move many variables inside, @binaryben

I'd have to discuss this with the team and go from there — considering many ongoing initiatives and our limited bandwidth/capacity, I wouldn't expect this for some time though. That said, I'd be happy to continue the discussion here.