Skip to content

docs: add secure credential practices guide#24

Open
stevefulme1 wants to merge 1 commit intoredhat-cop:mainfrom
stevefulme1:docs/secure-credential-practices
Open

docs: add secure credential practices guide#24
stevefulme1 wants to merge 1 commit intoredhat-cop:mainfrom
stevefulme1:docs/secure-credential-practices

Conversation

@stevefulme1
Copy link
Copy Markdown

@stevefulme1 stevefulme1 commented Apr 6, 2026

Summary

  • Adds docs/secure_credential_practices.md — developer-facing guide for secure credential handling
  • Covers the five golden rules for credential management in this collection
  • Documents tooling enforcement: Gitleaks pre-commit hook setup, CI workflow, and .gitignore protections
  • Includes step-by-step instructions for adding new secrets, using Ansible Vault, and referencing secrets in playbooks
  • Provides a code review checklist for credential-related PRs
  • Defines a new team member onboarding process (Day 1 setup + key concepts)
  • Includes incident response procedures for accidental credential commits
  • References the Red Hat IT InfoSec secret management policy as the authoritative organizational standard

Related

  • Resolves: MFG-381
  • Companion to: MFG-380 (secure credential storage), MFG-376 (Gitleaks configuration)

Test plan

  • Review documentation for accuracy and completeness
  • Verify pre-commit setup instructions work on a fresh clone
  • Confirm code review checklist covers all credential patterns in the collection
  • Validate onboarding steps can be followed by a new contributor

🤖 Generated with Claude Code

@stevefulme1 @claude
docs: add secure credential practices guide
1f528dc 
Developer-facing guide covering golden rules for credential handling,
tooling enforcement (Gitleaks pre-commit and CI), code review checklist,
new team member onboarding process, and incident response procedures.
References Red Hat IT InfoSec secret management policy as the
authoritative source.

Resolves: MFG-381

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@stevefulme1 stevefulme1 requested a review from sabre1041 as a code owner April 6, 2026 17:47
@stevefulme1 stevefulme1 deployed to external-ci April 6, 2026 17:47 — with GitHub Actions Active
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sabre1041 sabre1041 Awaiting requested review from sabre1041 sabre1041 is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@stevefulme1