Most of the time, you want to share your components with others. But a component might require a value that you cannot share.
For instance a licence key or an API token.
Component Secrets are a way to share the functionality of a component without sharing secret values.
Create a component secret
To add a secret to one of your components,
- Extend its display row in the components list
- Select the "Secrets" tab
- Click on "Add Secret"
- Enter a name for the secret and the "value" - the secret content
- Click on "Submit"
You can now step through the "Edit" wizard of the component.
See how the new component secret was added as a parameter, automatically.
In your Ansible playbook or your Powershell script or your Dockerfile you can now refer to the secret value, using the name that you gave to the secret.
Vault
The secret is kept in a vault instance. A secret value once entered, can only be resolved by that component with the name/key you gave.
There is no other way for anyone to retrieve the secret value again.
Remove
If you want to remove a component secret again, you will have to remove the corresponding parameter from all versions of the component.
Depending on whether the secret was already promoted to "Pilot" or "Live" or even "Audited" you might have to propagate through multiple versions to remove the secret again.