Skip to main content

Infisical

Infisical is Devman's primary secret-management surface for application runtime secrets.

Responsibilities

  • Store LLM provider keys and application tokens.
  • Separate local, staging, and production environments.
  • Support machine identity or token-based runtime loading.
  • Keep secret values out of git, docs, logs, and screenshots.

Bootstrap Boundary

Some infrastructure bootstrap values may still be needed in GitHub Actions secrets or protected server .env files before Infisical is reachable. Do not delete bootstrap secrets until the recovery path is verified.

Related pages: Infisical Runtime, GitHub Actions Secrets, and Rotation Checklist.