lastpass or 1password instead of secrets repo?

[Trott]

Comment from @mmarchini in the #nodejs-dev channel of the OpenJS Foundation Slack while troubleshooting the bot/token issue that is keeping the commit queue from working:

I would love to see us moving out of nodejs-private/secrets and into 1password/lastpass for credentials

Thoughts?

[bnb]

Happy to help get the TSC more set up with the Enterprise 1Password org that they comped for us if that'd be helpful.

[AshCripps]

The only hurdle I can think off is the fact our ansible scripts use the secret repo on your local machine to add the jenkins secret to the machine when configuring the agent. WIll we be able to use 1password or lastpass for that?

[targos]

1Password has a feature for using secrets in automation https://1password.com/secrets/ That said, it doesn't necessarily have to be "password manager instead of secrets repo". Both could be kept for different needs.

[mmarchini]

Also, I was thinking more for account access (GitHub account for our bot, account for cloud providers, etc.) than for ssh access.

[jbergstroem]

I'd love 1P too - I use it for everything

[github-actions[bot]]

This issue is stale because it has been open many days with no activity. It will be closed soon unless the stale label is removed or a comment is made.