forge script should support loading private key from environment

[yonadaa]

Component

Forge

Describe the feature you would like

It would be useful if forge script had some way to load an account from a private key in the environment without passing the private key as a flag (similar to how using the --aws flag loads AWS_KMS_KEY_ID).

Currently a private key can be provided to forge script with the --private-key flag or by reading it in the script:

uint256 deployerPrivateKey = vm.envUint("PRIVATE_KEY");
vm.startBroadcast(deployerPrivateKey);

It is not always appropriate to use a flag because it requires manipulating the private key in the command line (as opposed to using .env). On the other hand, loading the key directly in the script limits the script to working with the private key signer.

Additional context

No response

[klkvr]

you can use --interactive for entering private key interactively without leaving it in command-line history.
also you can use foundry keystores to store arbitrary private keys in an encrypted file and simply use --account keystore_name

we could consider adding env variable or argument for private key path but imo storing plain private keys in files in working directories is an antipattern and is not more secure than having them in command line history, so not sure if we should encourage such workflows while we already have nicely-supported keystores