[yocto] Best practices for tokens/passwords that can't be versioned
Alan Martinovic
alan.martinovic at senic.com
Tue Dec 11 03:55:05 PST 2018
Hi,
am looking for opinions on how to deal with recipes that depend on file content
that can't be versioned.
i.e.
The logging service on the embedded device needs to have a certain
private key or
token to work correctly.
But due to security reasons that file can't be versioned with the layer.
The best I came up with so far is to tie the recipe with an existence of an
env variable. If the variable isn't present the recipe fails if it is,
it's content
gets redirected to the correct file.
Seems like conf/local.conf could also offer a solution given that it's
a temporary
thing (per build setup), but didn't yet figure out a good mechanism.
Be Well,
Alan
More information about the yocto
mailing list