Add creds.json.tpl file to documentation (#1554)

* Add creds.json.tpl file to documentation

* Add documentation for shell script example.

* Update documentation slightly to clarify

Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
This commit is contained in:
Jack Platten 2022-06-20 04:35:32 -07:00 committed by GitHub
parent 81d76fb164
commit 96eb56f140
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 21 additions and 1 deletions

View file

@ -0,0 +1,14 @@
{
"bind": {
"TYPE": "BIND"
},
"cloudflare": {
"TYPE": "CLOUDFLAREAPI",
"apitoken": "op://Secrets/Cloudflare DNSControl/credential",
"accountid": "op://Secrets/Cloudflare DNSControl/username"
},
"linode": {
"TYPE": "LINODE",
"token": "op://Secrets/Linode DNSControl/credential"
}
}

View file

@ -152,7 +152,7 @@ Message: `ERROR: creds.json entry ... is missing ...: ...`
However no `TYPE` subkey was found in an entry in `creds.json`.
In 3.16 forward, it is required if new-style `NewRegistrar()` or `NewDnsProvider()` was used.
In 4.0 this is required.
In 4.0 this is required.
The fix is to add a `TYPE` subkey to the `creds.json` entry.
@ -198,6 +198,12 @@ Following commands would execute a shell command:
dnscontrol preview --creds "!op inject -i creds.json.tpl"
```
This example requires the [1Password command-line tool](https://developer.1password.com/docs/cli/)
but works with any shell command that returns a properly formatted `creds.json`.
In this case, the 1Password CLI is used to inject the secrets from
a 1Password vault, rather than storing them in environment variables.
An example of a template file containing Linode and Cloudflare API credentials is available here: [creds.json.tpl-example.txt]({{ site.github.url }}/assets/creds.json.tpl-example.txt))
## Don't store secrets in a Git repo!
Do NOT store secrets in a Git repository. That is not secure. For example,