That's what I'm suggesting in that issue - a standard way to load them from a file while leaving them encrypted. The common practices I've seen so far with credentials in most people's build scripts involve them being in plaintext either in their environment variables or in a file. By having an very convenient way to store them properly and safely, I figure people will be encouraged to be safer.