Which cloud providers are covered by this skill?

The skill provides patterns for major providers including AWS Secrets Manager, Azure Key Vault, Google Secret Manager, and platform-native GitHub/GitLab secrets.

Does it support local development workflows?

Yes, it includes pre-commit hooks and environment variable management patterns to keep secrets secure during local development before they ever reach the pipeline.

Can this skill assist with automated secret rotation?

Yes, it includes implementation examples for automated rotation using serverless functions and manual rotation procedures for various environments.

How does this skill help prevent secret leaks?

It provides standardized patterns for using secret scanners like TruffleHog and specific guidance on masking secrets in CI/CD logs to prevent accidental exposure.

CI/CD Secrets Management

Name: CI/CD Secrets Management
Author: HermeticOrmus

byHermeticOrmus

0•

セキュリティとテスト

Implements enterprise-grade secrets management and rotation strategies for secure CI/CD pipelines.

This skill provides specialized guidance for securing sensitive credentials in automated pipelines, enabling developers to integrate robust secrets management solutions like HashiCorp Vault, AWS Secrets Manager, and native platform tools into their CI/CD workflows. It focuses on implementing least-privilege access, automated secret rotation, and proactive scanning for leaked credentials, ensuring that API keys, database passwords, and TLS certificates remain protected throughout the software development lifecycle without ever being hardcoded in source control.

主な機能

01Automated secret rotation logic and implementations

02Proactive secret scanning using TruffleHog and pre-commit hooks

03HashiCorp Vault and AWS Secrets Manager integration patterns

040 GitHub stars

05Native GitHub and GitLab CI/CD secrets configuration

06Infrastructure-as-Code (Terraform) secrets management

ユースケース

01Securing database credentials in production deployment pipelines

02Integrating centralized secret storage with Kubernetes environments

03Implementing automated rotation for high-risk cloud API keys

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add hermeticormus/hermetic-line secrets-management

For use in Claude.ai and ChatGPT

Download Skill