Stop storing long-lived credentials as GitHub secrets. Use OIDC and Azure Key Vault to build a truly passwordless and more secure CI/CD pipeline.
#1about 2 minutes
Understanding the fundamentals of GitHub Secrets
GitHub Secrets provide an encrypted way to store sensitive data like API keys within repositories for use in CI/CD workflows.
#2about 6 minutes
Managing secrets at different scopes in the UI
Secrets can be managed at the repository, environment, or organization level through the UI, but repository-level secrets become difficult to rotate at scale.
#3about 5 minutes
Consuming secrets in workflows and avoiding common pitfalls
Reference secrets in GitHub Actions using the `secrets` context, but be aware of pitfalls like hard-coding, commit history exposure, and improper access control.
#4about 5 minutes
Integrating GitHub with Azure Key Vault for centralization
Use Azure Key Vault as a centralized secret store to manage secrets outside of GitHub, improving scalability and separating access controls.
#5about 7 minutes
Configuring passwordless authentication using OpenID Connect
Set up a federated identity in Azure Entra ID with OpenID Connect to allow GitHub Actions to authenticate to Azure without long-lived secrets.
#6about 7 minutes
Fetching Azure Key Vault secrets in a GitHub workflow
Use the `azure/login` action with OIDC to authenticate, then use Azure CLI within a workflow to retrieve secrets from Key Vault for subsequent steps.
#7about 4 minutes
Key benefits of the Azure Key Vault integration
Integrating with Azure Key Vault provides centralized management, granular RBAC, secret versioning and history, and enhanced auditing capabilities.
Related jobs
Jobs that call for the skills explored in this talk.
Matching moments
02:32 MIN
Securing workflows with secrets and best practices
CI/CD with Github Actions
07:11 MIN
Why hard-coded secrets are a growing developer problem
Stop Committing Your Secrets - GIt Hooks To The Rescue!
03:42 MIN
Securely handing over credentials and application secrets
SRE Methods In an Agency Environment
03:59 MIN
Using Azure for secure configuration and secrets management
Develop enterprise-ready applications for Microsoft Teams with Azure resources on modern web technologies
15:37 MIN
Key takeaways for preventing secret leaks in code
Stop Committing Your Secrets - GIt Hooks To The Rescue!
04:08 MIN
The risk of exposing credentials in Git repositories
Securing Secrets in the GitOps era
18:28 MIN
Q&A on GitOps secret management practices
Securing secrets in the GitOps Era
02:42 MIN
Prevent leaked secrets with push protection and scanning
GitHub Copilot: Beyond the Basics – 10 Ways to Elevate Your CodingWelcome to an in-depth exploration of GitHub Copilot and its capabilities. If you're a software developer or someone intrigued by AI's potential to revolutionize coding, this post is for you. GitHub Copilot, an AI-powered code completion tool, offers...
Dev Digest 129 - Now that's what I call private data!News and ArticlesAfter declaring Google a monopoly there are now considerations to force it to break up - isn't that what the whole Alphabet thing was about? In the last act of Crowdstrike coverage here, they released a deep analysis of the outage th...
From learning to earning
Jobs that call for the skills explored in this talk.
58:52
58:57
1:04:54
1:05:06
56:06
30:07
29:50
24:01
