Introduce a new "Secrets" feature to securely manage sensitive data that various activities within a workflow might require. Examples include API keys for HTTP requests or connection strings for database queries.

Key Entities

Secret

• Id: Unique identifier for the secret.
• TenantId: Identifies the tenant the secret belongs to.
• Name: Human-readable name for the secret.
• Value: The actual secret value.

Secret Storage

• The Secret entity will be stored via the ISecretStore abstraction.
• Multiple implementations of ISecretStore will be supported, allowing for different storage options:
  • EF Core: Store secrets in a relational database.
  • Azure KeyVault: Retrieve secrets from Azure KeyVault via the AzureKeyVaultSecretProvider implementation.

Contracts

• ISecretStore: Manages secrets (CRUD operations). Provided by the Elsa.Secrets.Management module.
• ISecretProvider: Read-only access to underlying secret stores.

This architecture allows for flexible secret management, enabling scenarios like using a DatabaseSecretProvider to fetch secrets from a database or an AzureKeyVaultSecretProvider to fetch them from Azure KeyVault.

UI Enhancements for Variable Types

Dynamic UI Components

• Boolean: Render as a radio button list with options "True" and "False".
• DateTime: Render as a DateTimePicker for easy selection.
• Secret: Render as a dropdown list populated with secrets defined in the Secrets UI.
• Global: Render as a dropdown list populated with globals defined in the Globals UI.

Globals

• Introduce a "Globals" module similar to the Secrets module, where global values can be centrally managed.
• Globals should also be evaluated at runtime, with a pluggable persistence store for various integrations.

Conclusion

This feature enhances the security, flexibility, and extensibility of Elsa Workflows by centralizing the management of sensitive and non-sensitive data, ensuring that secrets and global values are handled securely and efficiently across different workflows.