Can I use this with GitHub Actions?

Absolutely, it provides specific YAML templates for importing, masking, and utilizing secrets securely within GitHub Actions and GitLab CI jobs.

Does this skill help with secret scanning?

Yes, it includes implementation patterns for tools like TruffleHog to detect secrets in your codebase and block insecure commits.

How does it handle secret rotation?

The skill provides automation patterns using AWS Lambda and manual workflow processes to ensure credentials are updated regularly without causing application downtime.

Which cloud providers are supported?

The skill covers major platforms including AWS Secrets Manager, Azure Key Vault, and Google Secret Manager, along with third-party tools like HashiCorp Vault.

Secrets Management for CI/CD

Name: Secrets Management for CI/CD
Author: HermeticOrmus

byHermeticOrmus

보안 및 테스팅

Secures sensitive credentials and automates secret rotation within CI/CD pipelines using industry-standard tools and cloud services.

소개

This skill provides comprehensive guidance and implementation patterns for securing sensitive information within automated pipelines. It covers the integration of enterprise-grade tools like HashiCorp Vault and cloud-native services like AWS Secrets Manager, ensuring that API keys, database credentials, and certificates are never hardcoded. By offering ready-to-use configurations for GitHub Actions, GitLab CI, and Kubernetes, it helps teams implement automated secret rotation, secret scanning, and least-privilege access to minimize security risks in production environments.

주요 기능

Pre-configured CI/CD workflows for GitHub Actions and GitLab CI
0 GitHub stars
Secret scanning implementation using tools like TruffleHog
Automated secret rotation patterns to reduce credential exposure
Kubernetes integration via External Secrets Operator
Multi-provider integration for HashiCorp Vault, AWS, Azure, and Google Cloud

사용 사례

Automating the rotation of TLS certificates and API keys
Securing database credentials in high-scale production deployments
Implementing secret scanning to prevent accidental credential leakage

소개

주요 기능

Pre-configured CI/CD workflows for GitHub Actions and GitLab CI
0 GitHub stars
Secret scanning implementation using tools like TruffleHog
Automated secret rotation patterns to reduce credential exposure
Kubernetes integration via External Secrets Operator
Multi-provider integration for HashiCorp Vault, AWS, Azure, and Google Cloud

사용 사례

Automating the rotation of TLS certificates and API keys
Securing database credentials in high-scale production deployments
Implementing secret scanning to prevent accidental credential leakage