We should support Secret Manager as a more secure source for application secrets like S3 secret access keys and the GitHub OAuth2 app client secret.
For implementation, it seems like we should implement SmallRye Config's SecretKeysHandler for a new class, e.g., SecretManagerSecretKeysHandler, enabling us to set secret configuration properties like this: some.secret=${secret-manager::secret-name}. We should use the Secret Manager Java library so that we can use application default credentials for authentication.
We should support Secret Manager as a more secure source for application secrets like S3 secret access keys and the GitHub OAuth2 app client secret.
For implementation, it seems like we should implement SmallRye Config's
SecretKeysHandlerfor a new class, e.g.,SecretManagerSecretKeysHandler, enabling us to set secret configuration properties like this:some.secret=${secret-manager::secret-name}. We should use the Secret Manager Java library so that we can use application default credentials for authentication.