Read about the obligatory security measures to take on a regular basis and when a Kyma organization member leaves the project.
All Secret used in the Prow production cluster must be changed every six months. Follow Prow secret management to create a new key ring and new Secrets. Then, use Secrets populator to change all Secrets in the Prow cluster.
NOTE: The next Secrets change is planned for October 1, 2020.
Make sure that jobs do not include any Secrets that are available in the output as this can lead to severe security issues.
When a Kyma organization member with access to the Prow cluster leaves the project, take the necessary steps to keep Kyma assets secure.
Remove the person from the kyma-prow Google project immediately. Follow this document to revoke necessary access.
Change all Secrets that were valid when the person was a project member. Follow Prow secret management to create a new key ring and new Secrets. Then, use Secrets populator to change all Secrets in the Prow cluster.