Closed mi-wood closed 5 years ago
Hi there! Hope you're doing great.
Please correct me if I got it wrong, but I don't believe you need a secret DB (if you're concerned only about sharing passwords and access keys - .pem files).
In my current project, we currently use git-crypt as a solution for sharing sensitive information such as passwords and access keys in a secure way.
All the passwords are checked in with the code, but they're under a gpg-encrypted directory.
Please take a look at the documentation: https://github.com/AGWA/git-crypt
It basically consists of a trusted team member signing a gpg key to allow someone else to decrypt the files.
Hope it helps :)
Thanks @juliofarah! I'll take a look into it when I get a chance!
There is something kinda similar to this in Rails 5.1, but I'm not sure if that covers the whole set of secrets/passwords you're referring to, @mi-wood.
http://edgeguides.rubyonrails.org/5_1_release_notes.html#encrypted-secrets
There's now an even newer way to do this in Rails 5.2. See: https://edgeguides.rubyonrails.org/5_2_release_notes.html#credentials
Also there is a guide explaining this new feature: https://edgeguides.rubyonrails.org/security.html#custom-credentials
Another way to do this is to just send them to each person via secure messaging. Things off the top of my head:
(If we want to be a bit more lax about security and opt for convenience, we could just send them over private messaging, whether it be on Slack, Facebook, Twitter, etc. I feel like we are not a big target for being hacked, realistically. But the "secure" options here seem somehow more diligent and purpose-appropriate choices for sharing secret info.)
In any case, I think we need a secure (or at the very least private or one-to-one) messaging service to deliver the decryption key if we use one of the "store the keys, encrypted, in plain sight in your repo" approaches. So we will need private/secure messaging to do any suggestion given so far in this issue thread. Edit: or sign everyone up with a GNU Privacy Guard (gpg) identity, as one option for the git-crypt solution mentioned above.
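The "store the keys, encrypted, in plain sight in your repo, deliver the decryption key out of band" pattern that both the git-crypt and the Rails 5.2 credentials suggestions above rely on, as an added stand-alone illustration. This is not code from this thread, from Rails, or from git-crypt; it is a small model of the same shape written with Ruby's OpenSSL stdlib. The env var name `APP_MASTER_KEY`, the `config/master.key` path and the sample YAML credentials are assumptions made for the example (Rails itself uses `RAILS_MASTER_KEY` and `config/credentials.yml.enc`).

```ruby
# Added example: encrypted credentials file checked into the repo, master key
# delivered separately (1Password vault, secure message, untracked local file).
# Not Rails' or git-crypt's implementation; a minimal model of the pattern.
require "openssl"
require "securerandom"
require "yaml"
require "base64"

MASTER_KEY_ENV = "APP_MASTER_KEY" # assumed name for this example

# A fresh 256-bit master key, hex-encoded. This value is never committed.
def generate_master_key
  SecureRandom.hex(32)
end

# Encrypt the plaintext credentials document with AES-256-GCM.
# Output is "iv:ciphertext:tag" in Base64, safe to check into git.
def encrypt_credentials(plaintext, master_key_hex)
  key = [master_key_hex].pack("H*")
  raise ArgumentError, "master key must be 32 bytes" unless key.bytesize == 32
  cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
  cipher.key = key
  iv = cipher.random_iv # fresh 12-byte nonce for every encryption
  cipher.auth_data = ""
  ciphertext = cipher.update(plaintext) + cipher.final
  [iv, ciphertext, cipher.auth_tag].map { |b| Base64.strict_encode64(b) }.join(":")
end

# Decrypt and parse. A wrong key or any edit to the committed blob fails the
# GCM tag check and raises OpenSSL::Cipher::CipherError instead of returning junk.
def decrypt_credentials(blob, master_key_hex)
  key = [master_key_hex].pack("H*")
  iv, ciphertext, tag = blob.split(":").map { |s| Base64.strict_decode64(s) }
  decipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
  decipher.key = key
  decipher.iv = iv
  decipher.auth_tag = tag
  decipher.auth_data = ""
  plaintext = decipher.update(ciphertext) + decipher.final
  YAML.safe_load(plaintext, symbolize_names: true)
end

# Resolve the key the way an app would at boot: environment first (e.g. a
# Heroku config var), else an untracked local file. Nothing here is in git.
def load_master_key(env = ENV, key_file = "config/master.key")
  env[MASTER_KEY_ENV] ||
    (File.exist?(key_file) && File.read(key_file).strip) ||
    raise("missing master key: set #{MASTER_KEY_ENV} or create #{key_file}")
end

# Flip one ciphertext byte in a committed blob and report whether decryption
# refuses it. Models someone editing the encrypted file in a pull request.
def tamper_detected?(blob, master_key_hex)
  iv, ct, tag = blob.split(":")
  bytes = Base64.strict_decode64(ct)
  bytes.setbyte(0, bytes.getbyte(0) ^ 0x01)
  decrypt_credentials([iv, Base64.strict_encode64(bytes), tag].join(":"), master_key_hex)
  false
rescue OpenSSL::Cipher::CipherError
  true
end

# Constructed sample credentials for the demo; not real secrets.
SAMPLE_CREDENTIALS = <<~YAML
  heroku:
    api_token: "example-heroku-token"
  aws:
    access_key_id: "AKIAEXAMPLE"
    secret_access_key: "example-secret"
YAML

if __FILE__ == $0
  master_key = generate_master_key
  blob = encrypt_credentials(SAMPLE_CREDENTIALS, master_key)
  puts "commit this blob:    #{blob[0, 40]}..."
  puts "share this key out of band: #{master_key}"
  creds = decrypt_credentials(blob, load_master_key({ MASTER_KEY_ENV => master_key }))
  puts "decrypted aws key id: #{creds[:aws][:access_key_id]}"
  puts "tampered blob rejected: #{tamper_detected?(blob, master_key)}"
end
```

The security-relevant property is the one the thread keeps circling back to: the repository holds only the blob, so a leaked clone reveals nothing, and whoever holds the master key can read everything, so the key itself still has to travel over a channel you trust (a shared 1Password vault or a one-to-one message) rather than be committed next to the blob.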
An FYI on this, since I did this. I have a family plan for 1Password and shared a vault with @tkwidmer. This should suffice for the time being. I think they recently introduced some sort of plan for nonprofits/charities, so if we ever need to upgrade we can look into that.
Relatedly, we could set up a "Heroku Team" to share access to the Heroku instance, if need be. Seems very similar to "Organizations" here on GitHub.
@DeeDeeG We're using this currently. The transition is what deleted the DB awhile back 😬
If GitHub had a shocked/horrified emoji reaction, this would be the time I'd press it.
Welp.
We should look into using a shared secret DB for some of our administrative keys. For accounts that allow multi-user access (e.g. Heroku) we should use that and make sure at least a few users have access to it. Otherwise, we should have somewhere to grab credentials from.