Credentials¶
It’s always a good idea to store general configuration separately from sensetive information, like usernames and password. On the one hand, it’s good from security perspective, on the other hand it allows creating common check definitions.
Plain YAML storage¶
Kibitzr loads arbitrary data structures from kibitzr-creds.yml
and makes it available inside transforms, fetchers and notifies through creds
variable.
It’s not the most secure way of storing passwords.
The good idea is to make it accessible only by owner:
$ chmod 600 kibitzr-creds.yml
While it does not feel safe to store bank accounts this way, it’s a good fit for API keys (like Telegram, or Slack).
System Keyring¶
All modern operating systems provide some form of secure credentials storage. But they usually require additional configuration.
Kibitzr provides access to keyrings through python keyring. To enable, install Kibitzr extension kibitzr-keyring:
$ pip install kibitzr-keyring
And follow the keyring instructions.
Once configured, keyring values will be available in creds.keyring
dictionary.