Integrate with credential-storages

[xakep666]

Currently kafkactl stores passwords (for sasl or maybe tls certs in the future) inside config file. It is not secure because passwords available for any application running from current user.
I want to discuss about integration with special credential storage. I.e. Docker uses https://github.com/docker/docker-credential-helpers to interact with keychain, wincred, etc.
I propose to use https://github.com/99designs/keyring library because it has integration with many system storages and truly cross-platform encrypted-file based storage. But kafkactl built with disabled cgo and keychain backend requires it. User can specify global storage backends settings in config.
Flow may look like this: when something requires passwords kafkactl attempts to find it by "context key" (context name+auth method type or certificate fingerprint). If credentials was not found user will be prompted for them. Credentials may be reset with commandline flag.
Any thoughs?

[d-rk]

Hi @xakep666,

generally I would appreciate this to be implemented.
But I don't want to sacrifice disabled cgo for such a small thing, because enabling cgo will probably lead to more problems when building for the different OSes/architectures.

the need for cgo in https://github.com/99designs/keyring is only for mac right? So one could live without mac support for now.
There is also https://github.com/zalando/go-keyring which supports fewer backends, but seems to work without cgo enabled.

The best option would probably be to contribute a keychain backend that does not require cgo to 99designs/keyring.
But I don't use Mac, so at least for me thats not an option.