Skip to content

fix: move non-sensitive data out of secrets.toml - BED-8838#57

Open
StranDutton wants to merge 1 commit into
fix/0.2.12from
fix/BED-8838-split-secret-config
Open

fix: move non-sensitive data out of secrets.toml - BED-8838#57
StranDutton wants to merge 1 commit into
fix/0.2.12from
fix/BED-8838-split-secret-config

Conversation

@StranDutton

@StranDutton StranDutton commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Splits the BHE destination url out of secrets.toml and into config.toml, so that secrets.toml contains only credentials (token id and key), while config.toml holds non-sensitive config.

/resolves BED-8838

Note

This change is backward-compatible - existing collectors will still work if URL is left in secrets_<collector-name>.toml after the update. Read below to find relevant DLT documentation that confirms this behavior.

  • Updated example enterprise configs (extension-specific and general secrets.toml / config.toml) to reflect changes.
  • Updated comments in docker-compose.yml (for enterprise) to reflect changes.
  • Updated Helm README and comments related to the change
  • Also removed a stale reference to interval which needed to be removed
  • Ran locally and confirmed behavior.

DLT Config Documentation - our situation applies to rule #4.
-> Previously, we referenced the BHE URL via dlt.secrets.value - this meant that value had to be defined as an env variable or inside of secrets.toml. Because of how secret injection works, our update to now grab the URL from dlt.config.value allows DLT to search through the 2 previously mentioned places (env variables and secrets.toml) in ADDITION to config.toml. As a result, the URL can now be defined in secrets.toml or config.toml. **One caveat ** is that if URL is that, if URL defined in both files, the one in secrets.toml will take precedence after this change due to DLT's hierarchy.

@StranDutton StranDutton self-assigned this Jul 6, 2026
@StranDutton StranDutton changed the title fix: move non-sensitive data out of secrets.toml fix: move non-sensitive data out of secrets.toml - BED-8838 Jul 6, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant