Managing Secrets

In modern software engineering, most software deals with some static or dynamic configuration that can be regarded as a “secret”. A secret is any piece of information that your software relies on for operation but that you would not want made publicly available. Examples of application secrets are credentials for accessing an external service, such as a payment processing gateway or a cloud storage bucket.

Secrets should NEVER be committed to any source control system!

If you need help managing secrets for your project or need access to the Vaults, please reach out in Slack in #eng-devops.

Adding secrets to your project

  1. Create the secrets in the Dev Vault.
    • For garden environments, you'll add the values to garden.env. These will populate variables that can be used to configure your workloads.
  2. In your garden yaml file, reference your secrets as var.secrets.<app>.<secret_name>
    • E.g. var.secrets.hitchedup.enom-api-key
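
One way to enforce both rules above before a commit (an added example, not part of the original page or of Garden itself): a small lint that flags secret-looking keys in a garden yaml file whose value is not a var.secrets.<app>.<secret_name> reference. The key-name pattern, the function name and the sample yaml (including its `${...}` template wrapper) are assumptions constructed for illustration.

```python
import re

# Key names that usually hold a secret (assumed list; adjust per project).
SECRET_KEY = re.compile(r"(secret|password|passwd|token|api[-_]?key|credential)", re.I)
# The reference form this page prescribes: var.secrets.<app>.<secret_name>
SECRET_REF = re.compile(r"\bvar\.secrets\.([A-Za-z0-9_-]+)\.([A-Za-z0-9_-]+)")
# A simple "key: value" YAML line, optionally a list item.
KV_LINE = re.compile(r"^\s*(?:-\s+)?([A-Za-z0-9_.-]+)\s*:\s*(.+?)\s*$")


def lint_garden_yaml(text):
    """Return (findings, refs).

    findings: (line number, key) for secret-looking keys whose value is
              anything other than a var.secrets reference.
    refs:     (app, secret_name) pairs referenced via var.secrets.
    """
    findings, refs = [], []
    for lineno, line in enumerate(text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue  # skip whole-line comments
        refs.extend(SECRET_REF.findall(line))
        m = KV_LINE.match(line)
        if not m:
            continue  # not a scalar "key: value" line
        key, value = m.group(1), m.group(2).strip("'\"")
        if SECRET_KEY.search(key) and value and not SECRET_REF.search(value):
            findings.append((lineno, key))  # report the key, never the value
    return findings, refs


# Constructed sample input; the password below is a placeholder, not a real secret.
SAMPLE = """\
kind: Deploy
name: hitchedup
spec:
  env:
    ENOM_API_KEY: ${var.secrets.hitchedup.enom-api-key}
    DB_PASSWORD: "constructed-not-a-real-password"
    LOG_LEVEL: info
"""

if __name__ == "__main__":
    findings, refs = lint_garden_yaml(SAMPLE)
    for lineno, key in findings:
        print(f"line {lineno}: {key} is not a var.secrets reference")
    for app, name in refs:
        print(f"references var.secrets.{app}.{name}")
```

The returned refs list can also be compared against the names you created in the Dev Vault to catch a reference to a secret that was never defined.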