From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp12.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id oKXCGvxQF2OVgwEAbAwnHQ (envelope-from ) for ; Tue, 06 Sep 2022 15:54:04 +0200 Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp12.migadu.com with LMTPS id qLy3GvxQF2PqfAAAauVa8A (envelope-from ) for ; Tue, 06 Sep 2022 15:54:04 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 08C39241C4 for ; Tue, 6 Sep 2022 15:54:04 +0200 (CEST) Received: from localhost ([::1]:57634 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oVZ1Z-00024R-O5 for larch@yhetil.org; Tue, 06 Sep 2022 09:53:58 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:50004) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oVYTj-0001Fp-OC for emacs-orgmode@gnu.org; Tue, 06 Sep 2022 09:19:08 -0400 Received: from mail-pj1-x1034.google.com ([2607:f8b0:4864:20::1034]:35595) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1oVYTh-0006o6-K1 for emacs-orgmode@gnu.org; Tue, 06 Sep 2022 09:18:59 -0400 Received: by mail-pj1-x1034.google.com with SMTP id m10-20020a17090a730a00b001fa986fd8eeso14975263pjk.0 for ; Tue, 06 Sep 2022 06:18:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:message-id:date:references:in-reply-to:subject:cc:to :from:from:to:cc:subject:date; bh=GOM6PIx0kxcOFD04ZIVHLV4tF8v6VPlbIril28zbU9M=; b=SWxlo2hecpPpjS/togwtFqGFJiTq5/+RtLwawxj2TgYfAbYHE3+BG5GjUBqZbiNg1+ F9ZMex19xd0CFqx6k80Lt46JojIsPnGw5HorDRvrK+s9FrViXIXPLSJQRmKhXYYuYiE0 K2EYNvqVIlpdDWtgpToOOg8+EIQz+B2oIUmjM/7q9Bd6NDp8sUwQJDV/aLvuYSYsE3Lk 8TCLLReElIu5ebFDrKob+usboXcX+6NxZvcxNqj89IoCA4Pv9Uvu19E/HuqfLaztSpJK jc77sgPt0mO5An7vA1NfmK5k0bvLlxj6BPtDIfp54mccjzyFBVkvmJ58bC0gBtXgEhz/ UPcw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=mime-version:message-id:date:references:in-reply-to:subject:cc:to :from:x-gm-message-state:from:to:cc:subject:date; bh=GOM6PIx0kxcOFD04ZIVHLV4tF8v6VPlbIril28zbU9M=; b=4zpG5ma1t8O6+re9utdfX1a6VByrktHKdxmYcCZRIXxaRZ1zpdyjzlAz8gsPVjPft4 LMtqXQktGzh9uCPtZt0DrNzT40MArYoySmGWDZQcp3UDOm62tZqH7Gdbsyvul/MYHAor XEK0PLNfUnP5aPIFeyZRzCOIcN7ohQmdSZDE/A7SQLigVC9PYBo7orwmzeAfWjNnixu0 qxG+Vipsz9nPPiw79TOdiIr8tqi6cboW709M7J3SzbHr76djIYkcZLUYQ/6mLbQ4I71E ayc8AQH3KGXwVGOEJvoKOhb5Zonm7PQQNp1a/xwLXrmuKaGTNg+MWYeIh4S7Pt/3C9q4 suvA== X-Gm-Message-State: ACgBeo0vcE9ud00BFQ6RqenQS0FW4/25VugMHi5mzIxFZB6FN1awreFv ZYDFS0Rw4swe+mUjGA/Skuc= X-Google-Smtp-Source: AA6agR56JCGObevM22sYitQe5O70YwgjRypSv6Y7RsxQGT8wZ0McRzYIbVkQN+nnjcMluQSBmLde1w== X-Received: by 2002:a17:903:248:b0:172:7520:db04 with SMTP id j8-20020a170903024800b001727520db04mr54427731plh.99.1662470336341; Tue, 06 Sep 2022 06:18:56 -0700 (PDT) Received: from localhost ([2409:8a70:2b2:5800:8ec6:81ff:fe70:339d]) by smtp.gmail.com with ESMTPSA id c3-20020a17090a490300b001fd803f057bsm12395333pjh.33.2022.09.06.06.18.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 06 Sep 2022 06:18:55 -0700 (PDT) From: Ihor Radchenko To: Felix Dorner Cc: emacs-orgmode@gnu.org Subject: Re: Secrets in org-babel In-Reply-To: References: Date: Tue, 06 Sep 2022 21:19:51 +0800 Message-ID: <871qsoy70o.fsf@localhost> MIME-Version: 1.0 Content-Type: text/plain Received-SPF: pass client-ip=2607:f8b0:4864:20::1034; envelope-from=yantar92@gmail.com; helo=mail-pj1-x1034.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: emacs-orgmode@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "General discussions about Org-mode." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-orgmode-bounces+larch=yhetil.org@gnu.org Sender: "Emacs-orgmode" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1662472444; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=GOM6PIx0kxcOFD04ZIVHLV4tF8v6VPlbIril28zbU9M=; b=LhY/pZatXRUEInzwiVuTOUCu9Gbr2Q9Xa0WOc/bXbLd37nfn76Flkrs2l8mBk+KAon0+sc C6lh4KHTFqYeuppLEgUlmVIOgl8WzqMwleP0b82yBXIR71YI7N/6ldb4p9CUXgaxVuhGeN Zw3OTlFlou/CsnoM21hVrakyCFu53ONXbcsnVbFztQ3/B7Mfy26z9xxR7p5jOLzFg3+HQG I79fExg0/otPsWKiNq95Fo/eNId24rRTD9eURx98MO9kCxtwr1zVnTMpVEEujnGaGix6gY 3F7sB7hBLibWtK86o2UlpQTi08ADxlGRDpnkYHK2SL7Q0LMqy5XCCcJisQy0UQ== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1662472444; a=rsa-sha256; cv=none; b=sFRO6qSAt8CXXBtfu9v7ZtTX+Fiv5TVCaPzcsMleH/Lnz0gUvNAIXrI491RgypJeeAhPX7 P0z0TxNsW9Owpm339ByJgZZlbRMl/a1G+e5BzvdMtu5+EwTUjmHzdsXbuemKzwaz/oOCsR 3RvqfIOOwsy25AOhsA5Fy+UM/VyLNmHHOJyJ5xFIsN/STIdgPdMiJ7HDEzHVz0EEa/6RFA HXq1xPtZk3F5aoLJikQTlKjOXy/YYqzIgiwHkJx2KgS3X9psrKXriWjhZHrPUQmFj0cFyB i7YkVpcprcLBdFeUb83OtT5BEkZBQUFjyMYLH6CJKJqj9pTyHjixDXbg1M3SJQ== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20210112 header.b=SWxlo2he; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -1.77 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20210112 header.b=SWxlo2he; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 08C39241C4 X-Spam-Score: -1.77 X-Migadu-Scanner: scn1.migadu.com X-TUID: lqIjyoo10P6y Felix Dorner writes: > New org user, fascinated by org-babel, but stumbled over something I have > no good solution for: I have mostly shell blocks, and very often have to > retrieve secrets from aws secretsmanager before I can do anything useful, > e.g. query a database in several places. What I've been doing is to put the > secret retrieval into a named block and can then inject the secret into > other blocks with a parameter that calls that block. But then, the secret > value is also echoed to the messages buffer, which I'd like to avoid? I'd > also like to avoid repeating the secrets-retrieval code all over the place. > Thanks for any tips. :results none or :results silent will not echo the output. Also, you may find https://www.kpassa.me/posts/literate2/ useful. Finally, you may put your named secret block inside encrypted heading via org-crypt (https://orgmode.org/manual/Org-Crypt.html#Org-Crypt). -- Ihor Radchenko, Org mode contributor, Learn more about Org mode at https://orgmode.org/. Support Org development at https://liberapay.com/org-mode, or support my work at https://liberapay.com/yantar92