> 1. They're stored right next to variables like PATH,
So what? If the problem is that people might accidentally log secrets then the problem is not env variables.
> 2. They'll get printed any time someone writes a shell script
The set -x flag is a debugging flag to print out traces of a shell script being executed. This flag is disabled by default. Why is this far-fetched example being used to justify not using env variables?
> 3. They'll probably end up in your developers' ~/.profile or ~/.bashrc,
No, they don't. With containers you may launch devel env variables some way or another (env files, setting up the IDE, setting env variables manually) but at most they are a part of a testing config. The env variables used in production are handled by the deployment.
Even if you're able to sniff a env variable used in development, that has nothing to do with the production service.
> 4. Because they'll be in ~/.profile or similar, the secret will be in a file on disk anyway
This complaint makes no sense at all. No container orchestration system stores env variables in ~/.profile although their containers use env variables For secrets extensively. The container orchestration service provides secret-management services, including setting up the env your containers are launched, and all you need to care about is that your container needs to accept certain env variables that you will use on your app.
Even if you deploy services on bare metal, you should still use env variables for config and secrets, but you need to be able to manage secrets and rotate keys with a non-pet method.
> So I can understand why people might end up stuck with environment variables despite their downsides.
I'm sorry but you failed to both present any downside of using secrets and point out any scenario from the real world. I mean, anyone who ever read any intro tutorial on how to deploy a system is well-aware that you should not store passwords and keys and secrets in plain-text files. That has nothing to do with using env variables at all. In fact, all your examples are entirely oblivious to the standard workflow of deploying a service, moreso if it involves a container orchestration system.
So if the examples don't have any relation with basic practices and real-world workflows, why should anyone avoid using a best-practice?
So what? If the problem is that people might accidentally log secrets then the problem is not env variables.
> 2. They'll get printed any time someone writes a shell script
The set -x flag is a debugging flag to print out traces of a shell script being executed. This flag is disabled by default. Why is this far-fetched example being used to justify not using env variables?
> 3. They'll probably end up in your developers' ~/.profile or ~/.bashrc,
No, they don't. With containers you may launch devel env variables some way or another (env files, setting up the IDE, setting env variables manually) but at most they are a part of a testing config. The env variables used in production are handled by the deployment.
Even if you're able to sniff a env variable used in development, that has nothing to do with the production service.
> 4. Because they'll be in ~/.profile or similar, the secret will be in a file on disk anyway
This complaint makes no sense at all. No container orchestration system stores env variables in ~/.profile although their containers use env variables For secrets extensively. The container orchestration service provides secret-management services, including setting up the env your containers are launched, and all you need to care about is that your container needs to accept certain env variables that you will use on your app.
Even if you deploy services on bare metal, you should still use env variables for config and secrets, but you need to be able to manage secrets and rotate keys with a non-pet method.
> So I can understand why people might end up stuck with environment variables despite their downsides.
I'm sorry but you failed to both present any downside of using secrets and point out any scenario from the real world. I mean, anyone who ever read any intro tutorial on how to deploy a system is well-aware that you should not store passwords and keys and secrets in plain-text files. That has nothing to do with using env variables at all. In fact, all your examples are entirely oblivious to the standard workflow of deploying a service, moreso if it involves a container orchestration system.
So if the examples don't have any relation with basic practices and real-world workflows, why should anyone avoid using a best-practice?