AlexanderBand
commented
3 months ago Hi Tadas, it is not currently possible to specify the OpenID Connect client secret by environment variable. OpenID Connect was implemented with a basic feature set several years ago, so we could gain operational experience and feedback from the field.
As it stands, OpenID in Krill currently has very limited use and none of our paying customers depend on it. At this time, we do not have any plans to expand the feature set. Maintaining the robustness of the application and staying up to date with developing RPKI standards will take precedence for the forseeable future.
Hello,
Is there any way to use client_secret as environment variable? The value I want to use: https://github.com/NLnetLabs/krill/blob/0ede4730a6031ab19eacaba6d840b53d76ab6800/defaults/krill-multi-user.conf#L471 Not sure if I do not find how to use env variable, but I do not want to add secret in plaintext in my krill.conf file.
As example, if I do not want to use admin_token and write password in krill.conf, I can use KRILL_ADMIN_TOKEN as environment variable: https://github.com/NLnetLabs/krill/blob/0ede4730a6031ab19eacaba6d840b53d76ab6800/defaults/krill.conf#L128
Thanks in advance, Tadas