Hello!
Sorry for the delayed response.
Generally speaking, Chaos Toolkit tries to remain the declarative world. This means, all the information a Chaos Toolkit experiment requires to run should be found in the experiment file itself.
In your case, this means:
* the configuration section which contains a flat mapping of non-sensitive data
* the secrets section which contains a nested mapping of topics with sensitive data
In both cases, the value can be inlined, but in the case of the secrets, this is obviously problematic to share. The value can also be read from the environment variables of the current shell session. Finally, they can also be read from HashiCorp vault.
In both latter cases, the sensitive data is not part of the file but read during execution by the chaos toolkit command.
These key/values are then used during the experiment by the extensions that implement probes or actions against your system. Which key is taken by which extension can usually be found in the documentation. Suffice to say, keys are usually mapped directly to the function's arguments implementing the probe or action.
Hope this makes sense,
- Sylvain Hellegouarch