Credentials and secrets
Credentials store
Sensitive configuration parameters are stored in the digitalmarketplace-credentials repository.
Mozilla SOPS
We use Mozilla SOPS to encrypt/decrypt secrets using Amazon KMS.
SOPS can create a file that stores your secrets in your chosen format along with some metadata about how the file should be decrypted.
Because Digital Marketplace encrypts its files with AWS KMS keys, SOPS will attempt to retrieve the correct key from AWS KMS (using the stored profile of the user) and use it to decrypt the file.
For more about SOPS in general please read the official documentation because it is really informative and gives you a good overview.
For specific information about how SOPS is used on Digital Marketplace please consult the README in the credentials repository.
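The following is an added example, not code from Digital Marketplace or the credentials repository: a check that a SOPS-managed JSON file really has every value encrypted and reports which KMS keys its metadata names, the kind of test that can run before a commit. The function name, the sample document and the placeholder key ARN are constructed for illustration, and it assumes the whole file is encrypted with only the `unencrypted_suffix` exemption in use.

```python
import json
import re

# Shape of a value SOPS has encrypted: ENC[AES256_GCM,data:...,iv:...,tag:...,type:str]
ENC_VALUE = re.compile(r"^ENC\[AES256_GCM,data:.+,iv:.+,tag:.+,type:\w+\]$")

# Constructed sample: one encrypted value, one leaked password, one value
# deliberately left in cleartext via the unencrypted suffix. The ARN is a placeholder.
SAMPLE = json.dumps({
    "api_token": "ENC[AES256_GCM,data:Zm9v,iv:YmFy,tag:YmF6,type:str]",
    "db": {"password": "hunter2", "port_unencrypted": 5432},
    "sops": {
        "kms": [{"arn": "arn:aws:kms:eu-west-1:000000000000:key/EXAMPLE-PLACEHOLDER"}],
        "unencrypted_suffix": "_unencrypted",
    },
})


def audit_sops_json(text):
    """Return (kms_arns, plaintext_paths) for a SOPS-managed JSON document."""
    doc = json.loads(text)
    meta = doc.get("sops")
    if not isinstance(meta, dict):
        # No metadata block: SOPS has not processed this file at all.
        return [], ["<whole file: no sops metadata>"]
    arns = [k["arn"] for k in meta.get("kms") or [] if "arn" in k]
    suffix = meta.get("unencrypted_suffix", "_unencrypted")
    plaintext = []

    def walk(node, path, exempt):
        if isinstance(node, dict):
            for key, value in node.items():
                child = f"{path}.{key}" if path else key
                walk(value, child, exempt or key.endswith(suffix))
        elif isinstance(node, list):
            for i, value in enumerate(node):
                walk(value, f"{path}[{i}]", exempt)
        elif exempt or node is None or node == "":
            return  # intentionally cleartext, or nothing secret to leak
        elif not (isinstance(node, str) and ENC_VALUE.match(node)):
            plaintext.append(path)

    # Walk everything except the metadata block itself.
    walk({k: v for k, v in doc.items() if k != "sops"}, "", False)
    return arns, plaintext


if __name__ == "__main__":
    print(audit_sops_json(SAMPLE))
```

A non-empty second element means the file should not be committed until it has been re-encrypted with SOPS.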
SSH keys
To access Jenkins via SSH, you will need to add your GitHub id to the file jenkins-vars/jenkins.yaml. See adding and removing access for new starters for more details.