Secrets and Credentials in Pipelines
Your software needs sensitive information to run — database passwords, API keys, encryption keys. These secrets must be available to the pipeline without ever being exposed or stored in plain sight in the code.
Handling them properly is a fundamental security responsibility we take seriously on every project.
How We Keep Secrets Safe
- Secrets live in a dedicated, encrypted vault, never in the code.
- Access is limited to only the systems and people that need it.
- Values are injected at run time, not baked into builds.
- Secrets are rotated periodically and after any staff change.
Why This Protects Your Business
Leaked credentials are one of the most common causes of serious breaches. By keeping secrets out of the codebase and tightly controlled, we reduce the chance of an attacker ever gaining access to your data or systems.
Frequently Asked Questions
What happens if a secret is accidentally exposed?
We treat it as an incident: the secret is revoked and replaced immediately, and we review how it happened to prevent a repeat.
If you need a hand with any of this, your Progressive Robot delivery team is ready to help. Raise a ticket from the Support area of your client portal or speak to your account manager and we will guide you through the next steps.