nabaco
commented
4 years ago @BenjamenMeyer just to have a general understanding, can you give examples of secrets that you're talking about?
Open BenjamenMeyer opened 4 years ago
nabaco
commented
4 years ago @BenjamenMeyer just to have a general understanding, can you give examples of secrets that you're talking about?
BenjamenMeyer
commented
4 years ago @nabaco usernames and passwords for social medias accounts, master accounts for cloud infrastructure, etc
nabaco
commented
4 years ago Understood. Generally, I would strive to handle this through personal accounts that have permissions for access.
BenjamenMeyer
commented
4 years ago @nabaco yes and no. There are some accounts that will have a master shared account. We'll lock that and access through personal accounts.
LastPass provides the ability to share secrets among users. It has a free level for personal use, but nothing for open source projects.
GitHub can store encrypted secrets and limit them to collaborators; but you can't read the secret easily.
We could store some an ansible-vault in github and protect the encryption key; but that's still not very optimal.
Is anyone aware of a service for open source projects that we can use to share secrets between members?