Secrets and Rotations

Expired secrets are predictable outages.

Treat rotation as scheduled work, not incident work.

High-impact rotation targets

  • GHCR pull token
  • Common notify token
  • SynckHub infra tokens
  • Microsoft app client secret
  • WOPI token signing secret
  • Postgres passwords

Rotation rules

  1. rotate one class of secret at a time
  2. verify service health after each rotation, before starting the next
  3. keep a rollback path for each step
  4. update Vault and deployment state together, in the same change

Common anti-pattern

Manual secret edits outside the audited workflow create state divergence you cannot reason about later.
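As an added example, not the page's or the project's own code, the rules above and the drift anti-pattern in one runnable script. The store is an in-memory stand-in for a versioned KV secret store (hypothetical, not Vault's API), the deployment state is a plain dict, and the health check is a simulated probe that rejects the WOPI rotation so the rollback path actually runs. Secret classes, paths and the class names are constructed for the scenario.

```python
"""Rotation runner following the rules on this page, plus drift detection for the
anti-pattern. All backends are in-memory stand-ins (hypothetical); none of this
is Vault's or the project's own code."""
import hashlib
import secrets
from typing import Dict, List, Optional, Tuple

Plan = List[Tuple[str, str]]  # (secret class, store path)


def fingerprint(value: str) -> str:
    """Short hash for comparing secrets in a journal without logging the value."""
    return hashlib.sha256(value.encode()).hexdigest()[:12]


class VersionedStore:
    """In-memory stand-in for a versioned KV secret store (not the Vault API)."""

    def __init__(self) -> None:
        self._history: Dict[str, List[str]] = {}

    def put(self, path: str, value: str) -> int:
        self._history.setdefault(path, []).append(value)
        return len(self._history[path])

    def get(self, path: str, version: Optional[int] = None) -> str:
        history = self._history[path]
        return history[-1] if version is None else history[version - 1]

    def current_version(self, path: str) -> int:
        return len(self._history[path])

    def rollback(self, path: str, version: int) -> int:
        """Re-publish an older value as a new version; history stays auditable."""
        return self.put(path, self.get(path, version))


def rotate_class(store, deployed, secret_class, path, health_check, new_secret, journal) -> bool:
    """Rotate one class: store and deployment updated together, verified, rolled back on failure."""
    old_version = store.current_version(path)
    old_value = deployed[secret_class]
    new_value = new_secret()
    new_version = store.put(path, new_value)
    deployed[secret_class] = new_value              # rule 4: both states change in one step
    entry = {"class": secret_class, "path": path, "from": old_version, "to": new_version,
             "fingerprint": fingerprint(new_value)}
    if health_check(secret_class, new_value):       # rule 2: verify before moving on
        entry["status"] = "ok"
    else:                                           # rule 3: roll back both sides
        entry["status"] = "rolled_back"
        entry["rollback_version"] = store.rollback(path, old_version)
        deployed[secret_class] = old_value
    journal.append(entry)
    return entry["status"] == "ok"


def rotate_all(store, deployed, plan, health_check, new_secret=lambda: secrets.token_urlsafe(32)):
    """Rule 1: one class at a time, in order; stop at the first failed verification."""
    journal: List[dict] = []
    for secret_class, path in plan:
        if not rotate_class(store, deployed, secret_class, path, health_check, new_secret, journal):
            break
    return journal


def find_drift(store, deployed, plan) -> List[str]:
    """Classes whose in-use value no longer matches the store's current version."""
    return [c for c, p in plan if fingerprint(deployed[c]) != fingerprint(store.get(p))]


def run_demo():
    """Constructed scenario: three classes; the WOPI rotation fails verification."""
    plan: Plan = [("ghcr_pull", "secret/ghcr"), ("wopi_signing", "secret/wopi"),
                  ("postgres_app", "secret/pg")]
    store, deployed = VersionedStore(), {}
    for secret_class, path in plan:                 # start with store and deployment in sync
        value = f"initial-{secret_class}"
        store.put(path, value)
        deployed[secret_class] = value

    def health_check(secret_class: str, value: str) -> bool:
        # Simulated probe; a real check would exercise the service with the new credential.
        return secret_class != "wopi_signing"

    journal = rotate_all(store, deployed, plan, health_check)
    return journal, store, deployed, plan


if __name__ == "__main__":
    journal, store, deployed, plan = run_demo()
    for e in journal:
        print(e)
    print("drift:", find_drift(store, deployed, plan))
```

Two things to note in the run: the failed WOPI step rolls back both the store (as a new version, so the audit trail keeps every write) and the deployed value, and the Postgres class is never touched because the run stops at the first failure. find_drift is the check against the anti-pattern: anything edited by hand on either side shows up as a fingerprint mismatch, without the secret itself ever appearing in output.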