Proposal to implement some sort of a credentials storage

[bitkidd]

Hey!

The proposal to create some sort of a credentials storage is based on the same ideas as Rails already has implemented. Link to Rails docs here.

It allows you to keep your ENV secrets safe and sound inside your git repo and never lose them. Secrets are kept in an encrypted form in a credentials file and you have only to store a key file or phrase somewhere.

What it may bring us:

• it will allow not to lose secrets when an .env file was accidentally deleted or lost
• it allows not to set all the ENV variables manually for each deployment, but to have them in a git repo, decrypted and populated to ENV on app start
• it allows to share secrets between coworkers easily without the need to transfer .env file

I am ready to help with this, the only problem is that it needs to be injected before Env provider is launched (somewhere here), so that it will be possible to overwrite values from credentials with Env variables. It is a core change, so it should be agreed by core members.

What do you think?

[aayush123]

This can prove pretty useful in autoscaling environments. Keeping env vars safely and populating them is always a headache when setting up the ASG infra