Investigate age plugin-opportunities #1
Comments
stevelr
changed the title
|
I created Would love any feedback or comments if you have a chance to take a look. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
There are two potential age plugin opportunities:
use an age plugin that retrieves secrets from environment variables (such a plugin does not exist yet, or at least isn't listed in the plugin index on awesome-age). This would allow us to eliminate the need to write the private key to disk. To minimize risk of exposure, the secret is written with a random file name, has read access limited to the current user (or root), and the file is immediately deleted after it's used. A plugin that lets
ageread the identity from an environment variable would mitigate that risk.Could a plugin perform the 1password integration? I haven't read the plugin api so I don't know yet if it's possible or if it's a good idea.
The text was updated successfully, but these errors were encountered: