Skip to content

[Feature]: Implement Git Secret Backend for Sensitive Values #24

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
3 tasks done
ritwik-g opened this issue Feb 27, 2025 · 0 comments
Open
3 tasks done

[Feature]: Implement Git Secret Backend for Sensitive Values #24

ritwik-g opened this issue Feb 27, 2025 · 0 comments
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed

Comments

@ritwik-g
Copy link
Contributor

Title

[Feature]: Implement Git Secret Backend for Sensitive Values

Problem Statement

After implementing the GCS backend for sensitive values, we need to expand support to other popular secret management systems. Git Secret provides a way to store encrypted files in Git repositories, which is useful for teams already using Git for configuration management.

Proposed Solution

Implement a Git Secret backend for sensitive values:

  1. Create a Git Secret backend implementation:

    • Implement GitSecretValueBackend class that extends the ValueBackend interface
    • Add integration with the git-secret tool
    • Implement secure storage and retrieval of sensitive values

  2. Update the configuration schema:

    • Add Git Secret-specific configuration options to the backend_config schema
    • Document the required Git Secret setup and GPG configuration

  3. Add CLI commands for Git Secret backend configuration:

    • Add options to configure Git repository paths and GPG keys
    • Support initialization and configuration of Git Secret

  4. Update documentation:

    • Add user guide for configuring and using Git Secret
    • Add examples and best practices

Implementation Details

The implementation will:

  1. Store sensitive values in Git Secret-encrypted files
  2. Use reference-based approach where only references are stored in the config file
  3. Support automatic retrieval of sensitive values when needed
  4. Include proper error handling for Git Secret-specific errors
  5. Add comprehensive tests for the Git Secret backend

Dependencies

This feature depends on the implementation of the base sensitive values support with the GCS backend.

Additional Context

This is part of a series of backend implementations for sensitive values, including:

  • GCS
  • AWS Secrets Manager
  • Azure Key Vault
  • HashiCorp Vault
  • Git Secret

Each backend will be implemented as a separate task to maintain focus and allow for incremental releases.

Labels

  • enhancement

Requirements

  • This feature aligns with the project's scope and goals
  • I've checked that this feature doesn't already exist
  • I've searched for existing feature requests
@ritwik-g ritwik-g added enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed labels Feb 27, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ritwik-g