Does this skill help prevent secrets from being committed to Git?

Yes, it includes patterns for pre-commit hooks and CI/CD scanning using tools like TruffleHog to detect and block credentials before they are pushed to a repository.

Is it compatible with GitHub Actions?

Yes, it contains specific YAML templates for importing Vault secrets and managing native GitHub Repository and Environment secrets within your workflows.

How does it handle Kubernetes secrets?

It utilizes the External Secrets Operator pattern to securely sync secrets from external providers like Vault or AWS directly into Kubernetes Secret objects.

Which cloud providers are supported?

The skill provides implementation guidance for AWS Secrets Manager, Azure Key Vault, and Google Secret Manager, in addition to HashiCorp Vault.

Can I automate secret rotation with this skill?

Absolutely. It includes templates for automated rotation using AWS Lambda and manual rotation checklists to ensure credentials are updated regularly without downtime.

Secrets Management for CI/CD

Name: Secrets Management for CI/CD
Author: yusoofsh

byyusoofsh

0•

部署与 DevOps

Implements secure handling, storage, and rotation of sensitive credentials across major cloud providers and CI/CD platforms.

This skill provides a comprehensive framework for managing sensitive information in automated pipelines, ensuring that API keys, database passwords, and TLS certificates are never hardcoded or exposed. It offers standardized implementation patterns for industry-leading tools like HashiCorp Vault, AWS Secrets Manager, and GitHub Secrets, alongside advanced techniques for automated secret rotation and security scanning to maintain a robust security posture throughout the software development lifecycle.

主要功能

01Integration patterns for HashiCorp Vault, AWS, Azure, and Google Cloud

02Security scanning setup using TruffleHog to prevent secret leaks

03CI/CD workflow configurations for GitHub Actions and GitLab CI

040 GitHub stars

05Automated secret rotation scripts and AWS Lambda handlers

06Kubernetes integration via External Secrets Operator

使用场景

01Securing API keys within GitHub Actions and GitLab CI/CD pipelines

02Syncing cloud-based secrets to Kubernetes clusters securely

03Automating database credential rotation in production environments

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add yusoofsh/dotfiles secrets-management

For use in Claude.ai and ChatGPT

主要功能

01Integration patterns for HashiCorp Vault, AWS, Azure, and Google Cloud

02Security scanning setup using TruffleHog to prevent secret leaks

03CI/CD workflow configurations for GitHub Actions and GitLab CI

040 GitHub stars

05Automated secret rotation scripts and AWS Lambda handlers

06Kubernetes integration via External Secrets Operator

使用场景

01Securing API keys within GitHub Actions and GitLab CI/CD pipelines

02Syncing cloud-based secrets to Kubernetes clusters securely

03Automating database credential rotation in production environments

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add yusoofsh/dotfiles secrets-management

For use in Claude.ai and ChatGPT