What are your thoughts on having native support for secrets?
Docker has the idea of “secrets” (sensitive values that shouldn’t be passed as environment variables). A secret, say my_db_password, appears in a container as a file: /run/secrets/my_db_password.
There’s already precedent for server.system.environment, so how about a key like server.system.secret?
On startup, the secrets directory’s files would get looped, each file name would be added to the struct as a key (e.g., server.system.secret.my_db_password), which would would be set to the value of the file’s contents.
To accommodate for non-docker (legacy) contexts, there could be a setting to specify the secrets directory (a “secrets location” app-specific setting, maybe).
I originally brought this up here:
https://lucee.daemonite.io/t/how-do-we-make-configuring-lucee-rock/193/12