[SECURITY] Data Source Samples Use Environment Keys

microsoft / teams-ai

SDK focused on building AI based applications and extensions for Microsoft Teams and other Bot Framework channels

MIT License

405 stars 176 forks source link

[SECURITY] Data Source Samples Use Environment Keys #1666

Closed aacebo closed 3 months ago

aacebo commented 4 months ago

update data source samples that require user to update config.json with secrets to instead inject environment variables into default prompt using factory.

wangyuantao commented 4 months ago

FYI - different data source type has different secret name, for example, azure search using api key, but cosmos db is using connection string.

wangyuantao commented 4 months ago

Maybe there is no need to do that. Azure security requires no secret can be added into the download .zip file. we have already scrubbed the .zip. so moving secret from config.json to .env doesn't help. the developer must manually add the secrets here and there on their own after download.