🤔 Description

...

When in use, the key store file can be used to provide values to acli.properties by way of substitution variables, similar to the current method of referring to environment variables or other properties (i.e., using ${my.variable} syntax).

The default syntax for referring to key store values is a variation of that syntax, of the form ${secret:my.secret} (note the addition of the secret: prefix).

...

Normally, this means that ACLI prompts you for your key store password before it continues (or reads it from stdin when not connected to a tty). To short-circuit the prompting behavior, set the environment variable ACLI_SECURE_PROPERTIES_PASSWORD with your password as its value.

Note

Setting your key store password as an environment variable may or may not be appropriate, depending on your risk tolerance. Doing so is a convenience that comes at a cost of reduced security.

Advantage:
If your key store file escapes your system, it is strongly encrypted.

Disadvantage:
Storing your key store password as an environment variable may make it easier to compromise your key store in a sophisticated attack.

Whether you decide this is an acceptable risk is entirely at your discretion, and depends on the threat modelling that you and your organisation use.

Use this method at your own risk.
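To see how far the password has spread once it is set this way, the following added example (not part of the ACLI documentation or code) reports which processes carry ACLI_SECURE_PROPERTIES_PASSWORD in their environment and which startup files persist it, without ever returning the value. It assumes a Linux-style /proc layout; the function names and the sample data are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

VAR = "ACLI_SECURE_PROPERTIES_PASSWORD"
# Shell-style assignment of VAR at the start of a line, with or without `export`.
ASSIGN = re.compile(r"^\s*(?:export\s+)?" + VAR + r"\s*=")


def processes_holding_password(proc_root="/proc"):
    """Return sorted PIDs whose environment contains VAR; the value is never returned."""
    pids = []
    for entry in Path(proc_root).iterdir():
        if not entry.name.isdigit():
            continue
        try:
            env = (entry / "environ").read_bytes().split(b"\0")
        except OSError:  # process exited, or it belongs to another user
            continue
        if any(item.startswith(VAR.encode() + b"=") for item in env):
            pids.append(int(entry.name))
    return sorted(pids)


def files_persisting_password(paths):
    """Return (path, line_number) for every line in `paths` that assigns VAR."""
    hits = []
    for path in paths:
        try:
            lines = Path(path).read_text(encoding="utf-8", errors="replace").splitlines()
        except OSError:  # missing or unreadable file
            continue
        hits += [(str(path), n) for n, line in enumerate(lines, 1) if ASSIGN.match(line)]
    return hits


def build_sample(root):
    """Constructed sample data: a fake /proc tree and a fake shell profile."""
    for pid, env in (("101", b"HOME=/h\0" + VAR.encode() + b"=x\0"), ("102", b"HOME=/h\0")):
        Path(root, "proc", pid).mkdir(parents=True)
        Path(root, "proc", pid, "environ").write_bytes(env)
    profile = Path(root, "profile")
    profile.write_text("# constructed\nexport " + VAR + "=x\nPATH=$PATH:/opt/acli\n")
    return str(Path(root, "proc")), str(profile)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        proc_root, profile = build_sample(tmp)
        print(processes_holding_password(proc_root), files_persisting_password([profile]))
```

On a real host, call `processes_holding_password()` with no argument and pass your own shell startup and CI configuration files to `files_persisting_password()`.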

...