Which cloud providers are covered by this skill?

The skill provides patterns for major providers including AWS Secrets Manager, Azure Key Vault, Google Secret Manager, and platform-native GitHub/GitLab secrets.

Does it support local development workflows?

Yes, it includes pre-commit hooks and environment variable management patterns to keep secrets secure during local development before they ever reach the pipeline.

Can this skill assist with automated secret rotation?

Yes, it includes implementation examples for automated rotation using serverless functions and manual rotation procedures for various environments.

How does this skill help prevent secret leaks?

It provides standardized patterns for using secret scanners like TruffleHog and specific guidance on masking secrets in CI/CD logs to prevent accidental exposure.

CI/CD Secrets Management

Name: CI/CD Secrets Management
Author: HermeticOrmus

byHermeticOrmus

セキュリティとテスト

Implements enterprise-grade secrets management and rotation strategies for secure CI/CD pipelines.

概要

This skill provides specialized guidance for securing sensitive credentials in automated pipelines, enabling developers to integrate robust secrets management solutions like HashiCorp Vault, AWS Secrets Manager, and native platform tools into their CI/CD workflows. It focuses on implementing least-privilege access, automated secret rotation, and proactive scanning for leaked credentials, ensuring that API keys, database passwords, and TLS certificates remain protected throughout the software development lifecycle without ever being hardcoded in source control.

主な機能

Automated secret rotation logic and implementations
Proactive secret scanning using TruffleHog and pre-commit hooks
HashiCorp Vault and AWS Secrets Manager integration patterns
0 GitHub stars
Native GitHub and GitLab CI/CD secrets configuration
Infrastructure-as-Code (Terraform) secrets management

ユースケース

Securing database credentials in production deployment pipelines
Integrating centralized secret storage with Kubernetes environments
Implementing automated rotation for high-risk cloud API keys

概要

主な機能

Automated secret rotation logic and implementations
Proactive secret scanning using TruffleHog and pre-commit hooks
HashiCorp Vault and AWS Secrets Manager integration patterns
0 GitHub stars
Native GitHub and GitLab CI/CD secrets configuration
Infrastructure-as-Code (Terraform) secrets management

ユースケース

Securing database credentials in production deployment pipelines
Integrating centralized secret storage with Kubernetes environments
Implementing automated rotation for high-risk cloud API keys