Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
x/build: build infrastructure secrets should be stored in a single secure location. #37171
Secrets required by services in the build repository do not currently have a canonical storage location. The secrets should also be encrypted and stored in a secure location which has a clear audit log of access and changes made to the secrets. We should explore the possible options for secrets management.
This change adds a package which can be used to retrieve secrets from GCP Secret Management Service. The goal of this package is to ensure that there is a simple and known way to retrieve secrets for any service housed in the build repository. This package should enable the storage of the project secrets in a single, secure location. A simple use of the package is introduced to the scaleway application. Updates golang/go#37171 Change-Id: I957afc2a8b8cede2c2eaa132513fad3fb3691867 Reviewed-on: https://go-review.googlesource.com/c/build/+/217340 Run-TryBot: Carlos Amedee <email@example.com> TryBot-Result: Gobot Gobot <firstname.lastname@example.org> Reviewed-by: Alexander Rakoczy <email@example.com>