AgentSkillsCN

secrets-management

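Expert in Segment customer data platform patterns, including Analytics.js, server-side tracking, Protocols-based tracking plans, identity resolution, destination configuration, and data governance best practices. Applies to: Segment, Analytics.js, customer data platform, CDP, tracking plans, and similar scenarios.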

SKILL.md
--- frontmatter
version: 4.1.0-fractal
name: secrets-management
description: Implement secure secrets management for CI/CD pipelines using Vault, AWS Secrets Manager, or native platform solutions. Use when handling sensitive credentials, rotating secrets, or securing CI/CD environments.

Secrets Management

Secure secrets management practices for CI/CD pipelines using Vault, AWS Secrets Manager, and other tools.

Purpose

Implement secure secrets management in CI/CD pipelines without hardcoding sensitive information.

Use this skill when

  • Storing API keys and credentials
  • Managing database passwords
  • Handling TLS certificates
  • Rotating secrets automatically
  • Implementing least-privilege access

Do not use this skill when

  • You plan to hardcode secrets in source control
  • You cannot secure access to the secrets backend
  • You only need local development values without sharing

Instructions

  1. Identify secret types, owners, and rotation requirements.
  2. Choose a secrets backend and access model.
  3. Integrate CI/CD or runtime retrieval with least privilege.
  4. Validate rotation and audit logging.

Safety

  • Never commit secrets to source control.
  • Limit access and log secret usage for auditing.

Secrets Management Tools

🧠 Knowledge Modules (Fractal Skills)

1. HashiCorp Vault

2. AWS Secrets Manager

3. Azure Key Vault

4. Google Secret Manager

5. Setup Vault

6. GitHub Actions with Vault

7. GitLab CI with Vault

8. Store Secret

9. Retrieve in GitHub Actions

10. Terraform with AWS Secrets Manager

11. Organization/Repository Secrets

12. Environment Secrets

13. Project Variables

14. Protected and Masked Variables

15. Automated Rotation with AWS

16. Manual Rotation Process

17. Kubernetes Integration

18. Pre-commit Hook

19. CI/CD Secret Scanning