As a developer of GC Notify, I would to be able to administer our secrets in a single location. GitHub actions secrets are not very manageable as it is impossible to see the secret value once created, and these secret changes are done out of band.
WHY are we building?
Why do we need this?
WHAT are we building?
Rework github actions workflows to have only the absolute minimum of GA secrets, and reference everything else using aws secret manager. Github Tokens and AWS Account ID's should be the only secrets github requires
VALUE created by our solution
Close to the business, what's the value?
Acceptance Criteria
Given some context, when (X) action occurs, then (Y) outcome is achieved.
[ ] Generate appropriate log messages so that executions of this feature can be tracked
[ ] Can misuse of this feature cause harm? If yes, create an alert
[ ] Update the status of related findings, insights, and hypotheses on the Research Airtable
[ ] Once change/fix/feature is implemented, link relevant Airtable records to design artifacts (Figma)
Description
As a developer of GC Notify, I would to be able to administer our secrets in a single location. GitHub actions secrets are not very manageable as it is impossible to see the secret value once created, and these secret changes are done out of band.
WHY are we building?
Why do we need this?
WHAT are we building?
Rework github actions workflows to have only the absolute minimum of GA secrets, and reference everything else using aws secret manager. Github Tokens and AWS Account ID's should be the only secrets github requires
VALUE created by our solution
Close to the business, what's the value?
Acceptance Criteria
Given some context, when (X) action occurs, then (Y) outcome is achieved.
[ ] Generate appropriate log messages so that executions of this feature can be tracked
[ ] Can misuse of this feature cause harm? If yes, create an alert
[ ] Update the status of related findings, insights, and hypotheses on the Research Airtable
[ ] Once change/fix/feature is implemented, link relevant Airtable records to design artifacts (Figma)
Privacy considerations
Security controls in place
Measuring success and metrics
QA Steps