Integrations

SikkerKey integrates with the platforms your team already uses. For CI/CD platforms, SikkerKey pushes your vault secrets directly into the platform's native secret storage, so your workflows, pipelines, and jobs consume them without any SikkerKey-specific tooling. When a secret changes in SikkerKey, the new value is pushed automatically.

For container and infrastructure platforms, SikkerKey provides CLI and SDK-based approaches that inject secrets at runtime using machine authentication.

CI/CD Integrations

GitHub Actions, GitLab CI/CD, and Bitbucket Pipelines all follow the same model: connect from the dashboard, add a repository, select which secrets to sync. SikkerKey pushes the actual secret values into each platform's encrypted variable storage. Your workflows reference them natively -- no CLI, no SDK, no glue code.

• Secrets sync automatically when values change, rotate, roll back, or are restored
• Each secret-to-repository mapping is explicit -- nothing syncs by default
• Sync status is visible on the Integrations page in real time
• Removing a mapping deletes the secret from the platform immediately

Infrastructure Integrations

Docker and Kubernetes integrations use SikkerKey's machine authentication model. A machine identity is bootstrapped into the container or pod, and the CLI or SDK fetches secrets at runtime using Ed25519 signature verification.

Generic CI/CD

For platforms without a dedicated integration, bootstrap a machine identity using the CLI. The generic CI/CD guide covers Jenkins, CircleCI, AWS CodeBuild, and any other system that can run shell commands.