Keeping Secrets Secret
Your secrets are in another castle, and that’s okay.
Passwords and tokens (aka secrets) are a fact of life in software development, and operating Spinnaker involves managing configs with lots and lots of secrets.
Sharing Spinnaker configs in Git repos is ideal for source control repeatability and maintainability, but risks exposing your secrets to the world without a proper secrets management solution.
With Armory Secrets Management, keep Spinnaker configuration files in source control while protecting secrets with a secret store, such as Vault.
Instead of committing your secrets in plain text to source control, Secrets Management allows you to commit only the location of a secret in a secret store to your configuration files. You can then automatically decrypt secrets at the point of use, and audit their use with your secret store’s logs.
Armory’s Secrets Management currently supports encrypted S3 Buckets and Vault.
You can read more about the Armory Secrets Management here.