Steps to take:

• List secrets present in this issue
• Create a link to this issue in the web interface Experiment bed readme update: add instructions related to #201 #250
• Implement keys below in a separate branch with a script to generate a container from it which can be scanned
• Add master merging script for the .github/scripts/docker-create-and-push.sh

Keys that can be added:

• Azure
• AWS
• GCP
• Git credentials :SSH key
• Git credentials: developer token
• private key RSA key & private ECC key
• GPG keychain (armored and notarmored)
• AES keys
• Slack callback
• kubeconfig
• QR-code (will be hard to represent a secret which is detactable other than through entropy,skipping it)
• BasicAuth
• gradle credentials
• mvn credentials
• NPM
• Firebase push notification keys (android/ios)
• OTP Seed
• segment.io access keys
• Vault root token & unseal keys
• Any JWT Token
• Gitlab PAT
• Gpg armoured export private and public keys
• Azure devops access token
• onepassword emergency kit, 1password-credentials.json and accesstokens
• keybase paperkey
• IBM-cloud?
• Nomad credentials (wait till Nomad support #299 happens)
• Spring boot Session token
• Slack access tokens:bottoken & usertoken, applevel token & config token (requested..pending)
• Braze API-keys (requested)
• Lastpass integration/api-key
• Confidant key
• Docker hub access token
• Vagrant cloud access token
• confluence/jira secrets
• AWS instance profile
• add dockerconfig (https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/)
• secrets above with encodings (base64, Hex encoding)
• Database connection strings
• OIDC token

which other secret would you like to add? please comment