-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path64c3ea7c.43f1dca1.js
1 lines (1 loc) · 3.43 KB
/
64c3ea7c.43f1dca1.js
1
"use strict";(self.webpackChunkadminforth=self.webpackChunkadminforth||[]).push([[863],{6583:(e,t,o)=>{o.r(t),o.d(t,{assets:()=>c,contentTitle:()=>i,default:()=>d,frontMatter:()=>r,metadata:()=>n,toc:()=>l});var n=o(521),s=o(4848),a=o(8453);const r={slug:"how-i-opensourced-my-secret-tokens",title:"How I Open-Sourced My Secret Access Tokens from GitHub, Slack, and NPM \u2014 and Who Actually Cares",authors:"ivanb"},i=void 0,c={authorsImageUrls:[void 0]},l=[];function u(e){const t={a:"a",code:"code",p:"p",...(0,a.R)(),...e.components};return(0,s.jsxs)(s.Fragment,{children:[(0,s.jsxs)(t.p,{children:["Our framework has a CI pipeline that runs ",(0,s.jsx)(t.code,{children:"npm run build"}),", publishes the package to NPM (",(0,s.jsx)(t.code,{children:"npm publish"}),"), and creates a new release on GitHub. It also sends a notification about the release to a Slack webhook for our team."]}),"\n",(0,s.jsx)(t.p,{children:"Secrets for these services were stored in our CI\u2019s built-in Vault (we are running a self-hosted Woodpecker CI)."}),"\n",(0,s.jsxs)(t.p,{children:["Recently, while moving plugins to separate repositories, I decided to try ",(0,s.jsx)(t.a,{href:"https://infisical.com/",children:"Infisical"})," for centralized secrets management instead of the internal CI Vault. Infisical provides a self-hosted open-source solution, has a well-organized UI, and offers better access control than our CI Vault. It was important to me that I could reuse secrets across different repositories without copying them every time I created a new plugin."]}),"\n",(0,s.jsx)(t.p,{children:"Here\u2019s what I did:"})]})}function d(e={}){const{wrapper:t}={...(0,a.R)(),...e.components};return t?(0,s.jsx)(t,{...e,children:(0,s.jsx)(u,{...e})}):u(e)}},8453:(e,t,o)=>{o.d(t,{R:()=>r,x:()=>i});var n=o(6540);const s={},a=n.createContext(s);function r(e){const t=n.useContext(a);return n.useMemo((function(){return"function"==typeof e?e(t):{...t,...e}}),[t,e])}function i(e){let t;return t=e.disableParentContext?"function"==typeof e.components?e.components(s):e.components||s:r(e.components),n.createElement(a.Provider,{value:t},e.children)}},521:e=>{e.exports=JSON.parse('{"permalink":"/blog/how-i-opensourced-my-secret-tokens","source":"@site/blog/2025-01-24-how-i-published-token/index.md","title":"How I Open-Sourced My Secret Access Tokens from GitHub, Slack, and NPM \u2014 and Who Actually Cares","description":"Our framework has a CI pipeline that runs npm run build, publishes the package to NPM (npm publish), and creates a new release on GitHub. It also sends a notification about the release to a Slack webhook for our team.","date":"2025-01-24T00:00:00.000Z","tags":[],"readingTime":4.34,"hasTruncateMarker":true,"authors":[{"name":"Ivan Borshchov","title":"Maintainer of AdminForth","url":"https://github.com/ivictbor","imageURL":"https://avatars.githubusercontent.com/u/1838656?v=4","key":"ivanb","page":null}],"frontMatter":{"slug":"how-i-opensourced-my-secret-tokens","title":"How I Open-Sourced My Secret Access Tokens from GitHub, Slack, and NPM \u2014 and Who Actually Cares","authors":"ivanb"},"unlisted":false,"prevItem":{"title":"IaaC Simplified: Automating EC2 Deployments with GitHub Actions, Terraform, Docker & Distribution Registry","permalink":"/blog/compose-ec2-deployment-github-actions-registry"},"nextItem":{"title":"Why manual Release Notes and Versions are a chaos and how to fix it","permalink":"/blog/why-manual-release-notes-and-versions-are-a-chaos-and-how-to-fix-it"}}')}}]);