Have a tod accessible docker container, where the user passes in the secrets to an env or auto create the .todconfig so it can be used in CICD piplines. At the moment, I'm writing curl requests that he the api, unless there is a better way I'm missing.