Secrets are currently managed using Ansible Vault. This has worked well for a simple setup with a single developer but as a team forms and grows it's not a very scalable solution. For example, there are already merge issues when two branches look to update the secrets files separately.
ISIS has a secrets service based on Hashicorp Vault that is already in use by other teams. Migrate our services to this implementation. There are collections available for Hashicorp Vault support within Ansible.
Secrets are currently managed using Ansible Vault. This has worked well for a simple setup with a single developer but as a team forms and grows it's not a very scalable solution. For example, there are already merge issues when two branches look to update the secrets files separately.
ISIS has a secrets service based on Hashicorp Vault that is already in use by other teams. Migrate our services to this implementation. There are collections available for Hashicorp Vault support within Ansible.