Improve Config & secrets handling #480
Description
Is your feature request related to a problem? Please describe.
Inspired by #470, Outpost should be more careful when handling sensitive values. Currently, it's quite easy to accidentally log a secret. Outpost should make it harder to make that type of mistake.
Describe the solution you'd like
I think there are 2 ideas and Outpost should consider both.
- Instead of using normal String type, Outpost should use some sort of "SensitiveString" type or applying a masker of some sort. That way, when developers add logging to a config struct with senstive values, it will not logged by default.
- Consider Config schema and evaluate whether there's a way to be more intentional about the distinction between application config which drives the behavior of Outpost vs necessary credentials.
Describe alternatives you've considered
N/A
Additional context
N/A