How to use a private vcpkg registry, without hard-coding access token

[dhoesele]

Is it possible to use a private vcpkg registry, on gitlab which requires username and password or access-token, in vcpkg Manifest mode, without having to store the actual Access-Token in "vcpkg-configuration.json"?

For example, something like this Manifest file works:
{ "default-registry": { "kind": "git", "repository": "https://user:glpat-SomeTokenHere@gitlab.SomeCompany.com/path/to/vcpkg-registry.git", "baseline": "a9b8c7d6e5f4g3hi2jk1lm0no1p2q3r4st5uvwxyz" } }
But having to check in a Access-Token is not an option.

Is there a Way to use a environment variable in the Manifest file?
Something similar to this:
{ "default-registry": { "kind": "git", "repository": "https://user:${AUTH_TOKEN}@gitlab.SomeCompany.com/path/to/vcpkg-registry.git", "baseline": "a9b8c7d6e5f4g3hi2jk1lm0no1p2q3r4st5uvwxyz" } }

[ethanmusser]

I would like clarification on this as well. Integration with PATs should not require modifying the portfile or the vcpkg configuration to contain the token.