Seven secrets tools, one job each. The boundary between AI-readable and human-only is structural, not policy.

This site is the single public source of truth for the secrets-management story. Each repo's README.md keeps only the literal commands its workflow needs; the narrative lives here.
## The boundary that matters

| AI-readable (CI + dev) | Human-only | Planned |
|---|---|---|
| Doppler, automation keychain, AWS Vault session, SOPS in-repo, BWS via bridge | Bitwarden vault, elevate-access keychain | OpenBao |
## Which tool for which secret

| Tool | Use it for | Deep dive |
|---|---|---|
| Doppler | AI provider keys (AI_TOKEN, Copilot, HuggingFace, provider-specific fallbacks); GitHub Actions secrets distributed via secrets-sync; dryvist org-level Doppler integration | doppler |
| macOS Keychain | Tiered GitHub PATs (RESTRICTED, PRIVATE, ADMIN); BWS access token; Claude Code OAuth credential | macos-keychain |
| AWS Vault | AWS credentials per OpenTofu root (one profile per root) | aws-vault |
| Mozilla SOPS | Encrypted OpenTofu / Ansible vars committed to git; initial-bootstrap passwords; internal topology | sops |
| Bitwarden vault | SSH keys, recovery codes, age-key escrow, account passwords — AI tools never reach this | bitwarden |
| BWS | Programmatic AI tokens that cannot use the shared AI_TOKEN convention, fetched via the Python bridge | bws |
| OpenBao (planned) | Self-hosted homelab service-to-service auth | openbao |
## What this section covers

- Golden laws: the fifteen non-negotiables. Every other page is just an implementation of one of these.
- How it fits together: multi-diagram tour of every secret flow (CI, local dev, AI sessions).
- secrets-sync architecture: how Tier 1 secrets reach 20+ GitHub repos through one workflow.
- Local AI isolation: why AI tools structurally cannot view protected token values.
- Scrubbed values: canonical placeholders for IPs, domains, usernames, and tokens in every committed file.
docs.dryvist.com.