Can I use this with any CI/CD platform?

Yes, it provides specific implementation patterns for GitHub Actions and GitLab CI, as well as general strategies applicable to any pipeline.

How does it prevent secrets from being committed to Git?

It provides configurations for pre-commit hooks and CI/CD scanning using tools like TruffleHog to detect and block secret leaks.

Does it support local development environments?

Yes, the skill includes setup guides for local Vault development servers and environment variable masking techniques.

How does this skill help with security audits?

It implements audit logging, least-privilege access, and automated rotation patterns to ensure all secret access is traceable and temporary.

Secrets Management for CI/CD

Name: Secrets Management for CI/CD
Author: Microck

byMicrock

•

デプロイメントとDevOps

Implements secure secrets management and rotation strategies across multi-cloud CI/CD pipelines using Vault and cloud-native tools.

概要

This skill provides specialized guidance for securing sensitive credentials, API keys, and certificates within modern CI/CD workflows. It covers integration patterns for HashiCorp Vault, AWS Secrets Manager, and platform-native tools like GitHub Actions and GitLab CI, ensuring secrets are never hardcoded and follow the principle of least privilege. Users can leverage this skill to implement automated secret rotation, Kubernetes external secrets integration, and proactive secret scanning to prevent accidental exposure in source control.

主な機能

Multi-cloud secret storage integration (Vault, AWS, Azure, GCP)
Automated secret rotation patterns and Lambda implementations
Kubernetes External Secrets Operator configuration
81 GitHub stars
CI/CD pipeline configuration for GitHub and GitLab
Proactive secret scanning and leak prevention strategies

ユースケース

Integrating HashiCorp Vault with Kubernetes for dynamic secret injection
Setting up automated rotation for cloud-provider API tokens
Securely injecting database credentials into production deployment pipelines

概要

主な機能

Multi-cloud secret storage integration (Vault, AWS, Azure, GCP)
Automated secret rotation patterns and Lambda implementations
Kubernetes External Secrets Operator configuration
81 GitHub stars
CI/CD pipeline configuration for GitHub and GitLab
Proactive secret scanning and leak prevention strategies

ユースケース

Integrating HashiCorp Vault with Kubernetes for dynamic secret injection
Setting up automated rotation for cloud-provider API tokens
Securely injecting database credentials into production deployment pipelines