Secret management CLI will be used to manage our key vault backed secrets
Christopher Costa chcosta
chcosta
/ cli-tooling-epic.md
Last active
February 24, 2021 00:24
Defining the Shared Cli Tooling epic
Provide documentation and cli tool framework for various internal .NET Core engineering repos / teams.
We have a handful of internal cli tools in various repos, and the number is increasing. We need to provide consistent guidance and tooling support for various cli requirements so that we can manage our cli's using our own engineering (Arcade) principles. This epic is specifically targeting internal cli tool usage. Public tools (such as darc), may follow some of the same conventions / guidelines, but are not specifically targeted as part of this effort.
Today, there is very little consistency between cli's in terms of testing, support, documentation, contribution guidelines, usage, etc... We need to provide a common cli framework to address cli needs while keeping the barrier for contribution / particip
chcosta
/ secret-management-requirements.md
Last active
January 29, 2021 22:05
Secret management requirements
chcosta
/ gist:1287b33f8379873969cd9f81dc89de28
Last active
January 26, 2021 17:19
Secret Management scope
.NET Core Engineering manages a lot of secrets, and it is difficult to both manage and reason about them.
What follows is an overview of why we need a process in place for secret management, and then an overview of the scope of secret management that .NET Core engineering manages.
The Post-Build signing feature needs to provide adequate telemetry to diagnose performance related issues.
Gather data that is usable to investigate release pipeline signing performance in an effort to understand trends and make reasonable decisions about which components are primary contributors to signing time.