Component: Secrets

[StachuDotNet]

This Issue exists to collect many items that relate to "Secrets" in Darklang -- a managed system of creating encrypted values such as passwords, referencing/using them, and protecting them from parties who shouldn't have access.

Before working on any of this, we need to get a bit further along with our baseline CLI and editing experience.

• bring back Secrets in darklang-next locally
  • take inspiration from james
• Allow adding documentation to secrets
  • When a user adds a secret, there's often useful information to go with it, such as a description, or how to set it or change it. As I add some API keys to an app, I find I want a link to the documentation, and also a link to how to change the key. If possible, a user might want to link to the upstream "resource" (maybe a page for that key on the vendor's dashboard).
• support deleting secrets (see old Support deleting Secret Keys #2815)
• Add regular notification of secrets
  • Users might set up Dark with a secret and then forget about it, which increases the attack surface should dark be compromised.
  • To help with this, we should send regular notifications to customers listing the names of secrets they have stored on the platform. Maybe a monthly or quarterly email that they can configure in settings.
• thoughts: "prevent accidental exposure" (see old Secrets: Prevent Accidental Exposure #3709)
  • todo: extract the individual ideas here