-
Type:
Task
-
Resolution: Done
-
Priority:
Unknown
-
None
-
Affects Version/s: None
-
Component/s: None
-
None
-
None
-
Ruby Drivers
-
Not Needed
-
None
-
None
-
None
-
None
-
None
-
None
Final cleanup after all secret categories have been migrated to AWS Secrets Manager.
Prerequisites
RUBY-3672(AWS auth secrets) — done- FLE/CSFLE secrets migration ticket — done
- Kerberos secrets migration ticket — done
- Atlas connectivity secrets migration ticket — done
- RUBY-3725 (test runner consolidation) — done
Scope
- Remove the "delete private environment" function from common.yml.erb and all task references to it
- Remove all .env.private fallback paths from shell scripts (run-tests-aws-auth.sh, functions-aws.sh, functions-kerberos.sh, and any others)
- Remove the "export FLE credentials" and "export Kerberos credentials" function stubs if not already deleted in prior tickets
- Verify no .env.private writes remain anywhere under .evergreen/
- Coordinate with Evergreen project admins to delete the migrated project variables from Evergreen project settings (all 49 variables identified in RUBY-3311 analysis)
- Confirm aws_key / aws_secret (S3 artifact upload) disposition with DevProd — infrastructure vars, may stay or be handled separately
Files to change
- .evergreen/config/common.yml.erb and regenerated .evergreen/config.yml
- Any remaining .evergreen/*.sh files with .env.private references
Test plan
Full CI patch run to confirm no regressions. Verify no tasks fail due to missing .env.private.
- is fixed by
-
RUBY-3311 Use AWS Secrets Manager for Evergreen Test Secrets
-
- Backlog
-