#go#devops_workflow#encrypt_secrets#gitops#kubernetes#kubernetes_secrets
Sealed Secrets is a tool for Kubernetes that lets you safely store sensitive information—like passwords or API keys—in your code repository by encrypting them so only your Kubernetes cluster can decrypt them. You use a tool called `kubeseal` to encrypt secrets on your computer, and then store the encrypted result in your repository. When you apply this encrypted secret to your cluster, a special controller inside Kubernetes decrypts it and creates a regular secret that your apps can use. This means you can manage all your configuration in Git, even secrets, without worrying about exposing sensitive data, and only the cluster itself can access the real secret[2][5][1]. The benefit is that your secrets are protected at every step, and you can use Git workflows for everything, making your setup more secure and easier to manage.
https://github.com/bitnami-labs/sealed-secrets
有消息称#小米#MIUI 安全组件即小米的杀毒引擎添加有国家反诈中心的扫描接口(nationalAntiFraudSingleAppScan)。
at com.miui.guardprovider.engine.mi.antidefraud.AntiDefraudAppManager.getSign(Unknown Source:0)
at com.miui.guardprovider.engine.mi.antidefraud.MiDetectAppsManager.virusInMiEngineRiskList(Unknown Source:30)
at com.miui.guardprovider.engine.mi.antidefraud.AntiDefraudAppManager.getDetectUnsafeAppStatus(Unknown Source:6)
at com.miui.guardprovider.manager.SecurityService$a.nationalAntiFraudSingleAppScan(Unknown Source:17)
at com.miui.guardprovider.aidl.IAntiVirusServer$Stub.onTransact(Unknown Source:38)
MIUI security components.apk源代码分析
viamogua.co