In addition to the current secret types (files and SSH/PGP keys), I would like to be able to add environment variables.
Currently, I'm putting values in a file and adding the following commands to all tasks, but this isn't very wieldy when there are many tasks in a manifest:
set +x . ~/.buildsecrets set -x
This would be a great addition, thumbs up for this from me.
Thanks for the set workaround.
Thanks for the workaround ~evhan, but native support would be really nice!
For me, I usually use an secret management CLi (e.g. Doppler, HashiCorp Vault) and drop an init script or an prepared config for these as secret as workaround.