Credentials

It’s always a good idea to store general configuration separately from sensetive information, like usernames and password. On the one hand, it’s good from security perspective, on the other hand it allows creating common check definitions.

Plain YAML storage

Kibitzr loads arbitrary data structures from kibitzr-creds.yml and makes it available inside transforms, fetchers and notifies through creds variable. It’s not the most secure way of storing passwords. The good idea is to make it accessible only by owner:

$ chmod 600 kibitzr-creds.yml

While it does not feel safe to store bank accounts this way, it’s a good fit for API keys (like Telegram, or Slack).

System Keyring

All modern operating systems provide some form of secure credentials storage. But they usually require additional configuration.

Kibitzr provides access to keyrings through python keyring. To enable, install Kibitzr extension kibitzr-keyring:

$ pip install kibitzr-keyring

And follow the keyring instructions.

Once configured, keyring values will be available in creds.keyring dictionary.