It would be nice to be able to pass in the MEND_RNV_GITHUB_APP_KEY as a base64 encoded string. Since the current system is replacing returns with \n base64 would avoid the need to do much at all to it and would work in a consistent manner with how Kubernetes handles secrets.
Two solutions I could envision:
If there was a separate ENV var that could be set MEND_RNV_GITHUB_APP_KEY_B64 or something which would have a lower precedence than the regular env var.
Have a check on the original ENV var to see if the string is B64 encoded first, if this additional check is too much overhead there could be a second var to establish the check in the first place MEND_RNV_B64_KEY or similar to either force processing of the key as base64 or just to check if it is first.
This, of course, would extend to any other places where keys are sent in via an env var, I just haven't encountered them to know if there are others.
It would be nice to be able to pass in the
MEND_RNV_GITHUB_APP_KEYas a base64 encoded string. Since the current system is replacing returns with\nbase64 would avoid the need to do much at all to it and would work in a consistent manner with how Kubernetes handles secrets.Two solutions I could envision:
MEND_RNV_GITHUB_APP_KEY_B64or something which would have a lower precedence than the regular env var.MEND_RNV_B64_KEYor similar to either force processing of the key as base64 or just to check if it is first.This, of course, would extend to any other places where keys are sent in via an env var, I just haven't encountered them to know if there are others.