Move all credentials to db and have pbot pull creds from there #40

mhijazi1 · 2017-02-16T04:02:26Z

Currently all creds are pulled from env variables/files on the instance running pantherbot. This should be changed. Pantherbot should only need to pull one set of creds for the DB, connect to the db, and pull all creds needed from there.

Create DB table
Load Creds into DB (This needs to be done by an admin)
Pull Necessary Creds from DB
Have DB creds pulled from env variable
Set DB cred env variable in aws (this needs to be done by @mhijazi1)

ferrerluis · 2017-02-28T17:19:26Z

Even better @mhijazi1! What if you keep a .env.enc file with all credentials committed in the repo, then a single env variable to decrypt the file. This "master key" can then be shared across maintainers and injected in the instances that run Pbot.

Thoughts?

ferrerluis · 2017-02-28T17:20:33Z

In fact, Rails 5.1 included this sort of behavior in the framework. I know this is not Rails, but we could do something similar!

http://weblog.rubyonrails.org/2017/2/23/Rails-5-1-beta1/

mhijazi1 added the Enhancement label Feb 16, 2017

mhijazi1 self-assigned this Feb 16, 2017

mhijazi1 removed their assignment Feb 2, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Move all credentials to db and have pbot pull creds from there #40

Move all credentials to db and have pbot pull creds from there #40

mhijazi1 commented Feb 16, 2017

ferrerluis commented Feb 28, 2017

ferrerluis commented Feb 28, 2017

Move all credentials to db and have pbot pull creds from there #40

Move all credentials to db and have pbot pull creds from there #40

Comments

mhijazi1 commented Feb 16, 2017

ferrerluis commented Feb 28, 2017

ferrerluis commented Feb 28, 2017