...
| Code Block |
|---|
headers = {
'Accept': 'application/json',
'Content-Type': 'application/json',
'Authorization': Bot.Bot().GetPasswordConfig("jira_authorization_secret")
}
url = Bot.Bot().GetConfig("one_app_api") + "search?username={email}"
response = requests.get(url, headers=headers) |
Pro : Very simple
con Con : password Password potentially saved in git & once you know the key, you can decrypt them
Environment Security
We can store passwords as an environment variable such as below :
| Code Block |
|---|
elastic_password = VARIABLE::varname |
Better than basic, no password will ever be visible in the backoffice and password will never be saved in git, and only accessible and editable by someone with a vm access
Azure Vault Security
We are using in this strategy an azure vault, we have a documentation page here : /wiki/spaces/DO/pages/3341090877
In our environment code, we will store the credentials using this new method so the secrets are stored in a secured azure security vault, only accessible by the bot.
| Code Block |
|---|
elastic_password = AZUREKEYVAULT::varname |