We are using blackbox to probe both internal and external URL’s. To probe the external URL’s we need to go through a company proxy, meaning we need to expose the proxy credentials in the blackbox modules configuration file. Some endpoints also utilize other type of credentials for authentication like certificates.
Currently I have configured the blackbox component to use a CONFIG_FILE. The proxy details are in this module configuration file.
Problem is that this configuration will expose the credentials so I’m wondering if there is a way to utilize remote.vault - Hashicorp in combination with the Blackbox component to hide the secrets? Should I move to in-line configuration (assuming Blackbox module would resolve the remote.vault references) ? Or will Alloy be able to resolve any remote.vault references in the blackbox module configuration file as well?