If you develop an application that requires a bunch of config (e.g., tokens for third party dependencies like auth0, launch darkly, open telemetry, etc), database password, aws access keys, or any other type of sensitive information:
How do you share all of that config across your team? If someone new wants to contribute, how do you get them all of the secrets so they can run your app? What tools or workflow do you use to achieve this? What are your best practices so you don't have secrets everywhere?
Top comments (2)
I recommend checking out Vault. It's a great way of protecting secrets and configs. They also support dynamic secrets to keep them rotating to reduce the odds of a leak.
Currently just sharing on slack as needed (small organization helps a lot) but looking at git-secret as an alternative.
In our env files we put the variable and give it a value of 1 or 'supersecret'. Those are committed to github and anybody who needs to know the actual value requests it from the dev team lead.