Add page on integration with GCP Secrets Manager

sidebars.js

@@ -161,6 +161,7 @@ module.exports = {
                 'admin/cloud-credentials/gcp-cloud-credentials',
               ],
             },
+            'admin/integrations/gcp-secrets-manager',
             'admin/integrations/okta-user-deprovisioning',
             {
               type: 'category',

src/content/admin/integrations/gcp-secrets-manager.mdx

@@ -0,0 +1,84 @@
+---
+title: Using GCP Secrets Manager with Okteto
+description: Learn how to securely access secrets stored in Google Cloud Secrets Manager from an Okteto Development Environment
+sidebar_label: GCP Secrets Manager
+id: gcp-secrets-manager
+---
+
+# Using GCP Secrets Manager with Okteto
+
+## Overview
+This guide explains how to securely access secrets stored in **Google Cloud Secrets Manager** from an Okteto Development Environment. The recommended authentication method uses **Workload Identity Federation**, allowing developers to authenticate without storing long-lived service account keys.
+
+For a complete working example, refer to the [Okteto Community GCP Secrets Manager repository](https://github.com/okteto-community/gcp-secret-manager).
+
+---
+
+## Prerequisites
+Before proceeding, ensure you have the following:
+
+- **Google Cloud Project** with **Secrets Manager API enabled**
+- **Workload Identity Federation** configured as per [Okteto’s GCP Cloud Credentials Guide](admin/cloud-credentials/gcp.mdx)
+- **Okteto CLI** installed and configured
+- **kubectl** and **gcloud CLI** installed
+
+---
+
+## Step 1: Configure Workload Identity Federation
+To authenticate your Okteto workloads with Google Cloud, follow the steps in the [Okteto GCP Cloud Credentials Guide](admin/cloud-credentials/gcp.mdx). This method ensures secure access to GCP services without using long-lived credentials.
+
+---
+
+## Step 2: Store and Retrieve Secrets in GCP Secrets Manager
+### 2.1 Store a Secret
+To store a secret file in **Google Cloud Secrets Manager**, follow these steps:
+
+#### **Create a local secret file**
+Here we'll create a secret file `top-secret-information.txt` with the content:
+```
+MY_NAME=cindy
+MY_COLOR=valencia green
+```
+```sh
+echo -e "MY_NAME=cindy\nMY_COLOR=valencia green" > top-secret-information.txt
+```
+
+#### **Create a new secret in GCP**
+```sh
+gcloud secrets create top-secret-information --replication-policy="automatic"
+```
+
+#### **Upload the file as a new version of the secret**
+```sh
+gcloud secrets versions add top-secret-information --data-file=top-secret-information.txt
+```
+
+### 2.2 Verify this saved by retrieving the Secret Manually
+To retrieve the secret manually from your local environment:
+
+```sh
+gcloud secrets versions access latest --secret=top-secret-information
+```
+
+---
+
+## Step 3: Access GCP Secrets from an Okteto Development Environment
+### 3.1 Deploy the Example Application
+Ensure your development environment is running in Okteto and has access to the necessary **GCP credentials**.
+
+Clone the example repository and deploy the sample application:
+
+```sh
+git clone https://github.com/okteto-community/gcp-secret-manager.git
+cd gcp-secret-manager
+okteto up
+```
+
+This will start a development container with the necessary permissions.
+
+### 3.2 Retrieve and Use Secrets in the example Go Application
+Once the environment is deployed, go to the **Okteto UI** and click on the **endpoint** that Okteto created for you. The logic in `main.go` from the sample repository retrieves values from the secret file we created in **Google Cloud Secrets Manager**. The output will be similar to this:
+
+```
+Hi, my name is cindy, and my favorite color is valencia green.
+```