Don't allow secrets passed on the CLI

giantswarm / prometheus-pingdom-exporter

prometheus-pingdom-exporter exports Pingdom metrics to Prometheus

https://giantswarm.io

Apache License 2.0

50 stars 46 forks source link

Don't allow secrets passed on the CLI #25

Open svenstaro opened 4 years ago

svenstaro commented 4 years ago

You currently allow for passing secrets on the CLI like so:

prometheus-pingdom-exporter server <USERNAME> <PASSWORD> <API-KEY>

This is insecure as other users can see this in ps aux. You should strongly prefer passing this as env vars instead which others users can't see as easily.