Add HashiCorp Vault to Diamonds DevContainer #199

@Am0rfu5

Description

Secrets like crypto keys should not be kept in an unencrypted state, even in local .env files. To better protect these we should implement a Key Store in the Development Environments and be able to utilize the keys in CI/CD pipelines that handle secrets.

To handle this we will implement HashiCorp Vault as part of the Diamonds DevContainer.

Requirements

  • Persistence: The Secrets should persist across rebuilds of DevContainer
  • Security and Encryption: The vault data should not be accessible outside of the DevContainer environment
  • Scripts and Tests Integration (Hardhat): The Secrets need to be accessible via node
  • Developer Setup: Devs need to be able to set it up easily and quickly
  • Fallback to .env file

Possible Enhancements

Share across multiple projects: It may be possible to share the secrets across multiple projects by pointing the local version to a particular file or having a remote host for the file.

Sharing among multiple projects is not an initial requirement and it may not be needed for smaller projects.

GitHub login integration

For proper Access Control, Authentication should be handled using a better method than a simple password. The preferred method is using a third-party verification service. In this case we have chosen GitHub for now.
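
One way the "accessible via node" and "Fallback to .env file" requirements could fit together, as an added example that is not code from this issue or the Diamonds project. It assumes a KV v2 engine mounted at `secret`, a hypothetical secret path `diamonds/dev`, `.env` values already loaded into `process.env` (for example by dotenv), and a hypothetical `allowEnvFallback` option so CI can refuse the plaintext fallback.

```javascript
// Added example: Vault-first secret lookup with .env fallback (Node 18+, global fetch).
// Assumptions: KV v2 mounted at "secret", hypothetical path "diamonds/dev",
// VAULT_ADDR and VAULT_TOKEN exported inside the DevContainer.

function extractKv2Field(body, key) {
  // KV v2 wraps the secret as { data: { data: {...}, metadata: {...} } }.
  const fields = body && body.data && body.data.data;
  return fields && typeof fields[key] === 'string' ? fields[key] : undefined;
}

async function getSecret(key, opts = {}) {
  const env = opts.env || process.env;
  const fetchImpl = opts.fetchImpl || globalThis.fetch;
  const path = opts.path || 'diamonds/dev'; // hypothetical secret path
  const allowEnvFallback = opts.allowEnvFallback !== false;

  if (env.VAULT_ADDR && env.VAULT_TOKEN) {
    try {
      // Bound the request so scripts and tests do not hang when Vault is down.
      const signal = AbortSignal.timeout ? AbortSignal.timeout(3000) : undefined;
      const res = await fetchImpl(`${env.VAULT_ADDR}/v1/secret/data/${path}`, {
        headers: { 'X-Vault-Token': env.VAULT_TOKEN },
        signal,
      });
      if (res.ok) {
        const value = extractKv2Field(await res.json(), key);
        if (value !== undefined) return { value, source: 'vault' };
      }
    } catch (err) {
      // Report the failure reason only, never the token or a secret value.
      console.warn(`Vault lookup for ${key} failed: ${err.message}`);
    }
  }
  // Plaintext fallback: callers can inspect `source`, and CI can disable it.
  if (allowEnvFallback && env[key]) return { value: env[key], source: 'env' };
  throw new Error(`Secret ${key} not found in Vault or environment`);
}
```

Returning `source` alongside the value lets a Hardhat script warn, or a pipeline fail, when a key was read from the unencrypted `.env` file instead of Vault.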

Labels: enhancement (New feature or request)