Hey @Paprikant thanks for writing this role! I'm wrapping this up into a training now and noticed that the cron job takes the password as a CLI argument.
Whenever it's running, that'll expose the database password to all users on the system. This could be fixed by serialising the database connection details to e.g. a yaml document, and then having that be the primary argument to the cron job (assuming permissions are correct on said configuration file.)
Not sure if you have bandwidth to fix this, but i wanted to raise the issue at least.
Hey @Paprikant thanks for writing this role! I'm wrapping this up into a training now and noticed that the cron job takes the password as a CLI argument.
Whenever it's running, that'll expose the database password to all users on the system. This could be fixed by serialising the database connection details to e.g. a yaml document, and then having that be the primary argument to the cron job (assuming permissions are correct on said configuration file.)
Not sure if you have bandwidth to fix this, but i wanted to raise the issue at least.