secret-loader provides a SecretLoader type that can load a SecretString
from an environment variable, a file, or directly as a String. The intended use case is to remove
hard-coded credentials in configuration files and replace them with hints on how an application should
load the secret instead. E.g. updating the following TOML configuration file:
[user.alice]
username = "alice"
key = "somecrazypassword"
[user.bob]
username = "bob"
key = "hello123"With the following configuration file instead:
[user.alice]
username = "alice"
key = "env:ALICE_SECRET_KEY"
[user.bob]
username = "bob"
key = "file:/home/bob/.auth_token"secret-loader currently implements the following feature flags:
| Feature Name | Description |
|---|---|
| serde | Enable automatic deserialization of a SecretLoader |
This project is available under the terms of either the Apache 2.0 license or the MIT license.
This project's documentation is adapted from The Rust Programming Language, which is available under the terms of either the Apache 2.0 license or the MIT license.