Hi 🙂 I'm trying to understand if/how we can use octavia in a CI/CD pipeline and I'm confused about secrets management. Reading the conversations above I understand that secrets should be stored in

~/.octavia

if running octavia locally. Are we supposed to write secrets to the same file in whatever container will run the octavia commands? The readme mentions that env vars in configuration files are expanded, but that doesn't seem to be the case. Is the doc up to date?

@Oliver Meyer the env var should be set in the

.octavia

file of your host. This reply might be helpful to you: https://airbytehq-team.slack.com/archives/C02RRUG9CP5/p1664545354460199?thread_ts=1664199840.042819&cid=C02RRUG9CP5

@Oliver Meyer you may want to look at sops - that solved this for us very well. Allows us to have our encrypted secrets checked in alongside the configs. I wrote a custom wrapper that decrypts and calls docker run with the decrypted env file.

Thanks both, we've decided to wait for the CLI to be a bit more mature before adding it to our workflows

@Oliver Meyer, Has it developed sufficiently in your opinion to warrant using it? We don't have many connections so I'm considering not using it, but would rather use if just to get off on the right foot if possible.