conda-incubator / conda-auth

Conda plugin for various conda auth handlers
https://conda-incubator.github.io/conda-auth/
BSD 3-Clause "New" or "Revised" License

Add alternative secret storage backend #20

Open travishathaway opened 1 year ago

travishathaway commented 1 year ago

What is the idea?

We currently only support the keyring module as a potential storage backend. This feature adds a new storage backend which relies on the usage of environment variable values to encrypt and decrypt values.

Why is this needed?

To expand support of this plugin to server systems that might not have installed supported password managers like on desktop systems.

What should happen?

This pull request:

adds a way for us to easily add in new secret storage backends. We need to add a new backend that looks for a special environment variable value to use as a master key. This master key will then be used to encrypt and decrypt secrets.

Additional Context

No response

travishathaway commented 1 year ago

To accomplish this, we could use the cryptography package.
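One possible shape for the environment-keyed backend proposed in this issue, using the Fernet recipe from the `cryptography` package. This is an added example, not conda-auth code; the variable name `CONDA_AUTH_MASTER_KEY`, the `EnvKeyStorage` class and the JSON file layout are assumptions.

```python
import json
import os
from pathlib import Path

from cryptography.fernet import Fernet, InvalidToken

ENV_VAR = "CONDA_AUTH_MASTER_KEY"  # hypothetical name, not defined by conda-auth


class StorageError(Exception):
    """Raised when the backend cannot be used or a secret cannot be read."""


class EnvKeyStorage:
    """Hypothetical backend: JSON file whose values are Fernet tokens."""

    def __init__(self, path, environ=os.environ):
        key = environ.get(ENV_VAR)
        if not key:
            raise StorageError(f"{ENV_VAR} is not set")
        try:
            self._fernet = Fernet(key)  # expects 32 random bytes, url-safe base64
        except ValueError as exc:
            raise StorageError(f"{ENV_VAR} is not a valid Fernet key") from exc
        self._path = Path(path)

    def _load(self):
        if not self._path.exists():
            return {}
        return json.loads(self._path.read_text())

    def set_password(self, channel, username, secret):
        data = self._load()
        data[f"{channel}::{username}"] = self._fernet.encrypt(secret.encode()).decode()
        # Create the file owner-only before any ciphertext is written to it.
        fd = os.open(self._path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
        with os.fdopen(fd, "w") as handle:
            json.dump(data, handle)

    def get_password(self, channel, username):
        token = self._load().get(f"{channel}::{username}")
        if token is None:
            return None
        try:
            return self._fernet.decrypt(token.encode()).decode()
        except InvalidToken as exc:
            # Wrong master key or a modified file: Fernet authenticates the ciphertext.
            raise StorageError("stored secret failed authentication") from exc
```

A key held in the environment is readable by other processes running as the same user, so this protects the file at rest rather than the running session.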

travishathaway commented 12 months ago

I think that this issue has more-or-less been resolved by the following:

https://conda-incubator.github.io/conda-auth/user/#storage-backend-unavailable

We may want to implement our own, more secure fallback storage backend in the future. But for now, I think having users optionally install the extra keyring package will suffice.

I will leave this issue open in case we decide to go this path in the future.