I am looking for secret management options for pulumi apart from default service which pulumi provides. What is mostly used or preferred? Some things which we have currently are below:
• GitHub secrets
• AWS secret manager
Any document or experience someone can share would be great as we have recently started using pulumi.
10/29/2021, 7:25 PM
I don't believe we have 1password provider support yet, but I'd love to know more about your use case
10/29/2021, 7:42 PM
1. To store secrets required for deploying a server in hetzner cloud e,g hcloud token, AWS secret and Access for state file, Github Oauth KEY and ID for GH as auth provider in rancher etc.
2. Once rancher is installed using pulumi we would need to set some management there, currently using vault and for basic secrets rancher/kubernetes secrets can be used.
I am not sure if for both these scenario 2 separate management would be needed or we can do it together.
Currently, for pulumi I have saved everything in Github secrets that are fetched in GitHub actions as ENV values.