Secrets
Fuzzball supports the storage of sensitive information within a context as a “secret”. Secrets can be things like credentials for privately-hosted container registries or private containers on public registries, S3 access tokens, or credentials for accounts on sites like GitHub.
Secrets work in the following way: First, a user or account administrator creates a secret with sensitive information in it. This secret can then be referenced by name in a workflow specification YAML. While the workflow is running, Fuzzball retrieves the necessary sensitive information from the secret store based on the secret named in the workflow file. This allows sensitive information to remain encrypted and outside of text files while still being used in the workflow.