
Request: Include pass shell script when building the runner image

Description

A customer requests that the pass package be included in the runner image so that they can use the pass password manager in their CI pipelines.

Vault is supported but requires a new service, which often requires additional services and approvals.

pass is in most Linux distributions' package repositories, is a small shell script, and supports stuffing everything in git using GPG keys.

The user would simply put the GPG private key into a CI variable and ensure that the password store is formatted according to whatever key/value syntax is required.

This would be a low-effort, scalable solution that requires no additional approvals and allows a team-focused strategy towards secrets management.

Proposal

Include the pass package in the runner image.

Links to related issues and merge requests / references
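
The workflow described in this request (GPG private key in a CI variable, password store in git), sketched as an added example that is not part of the original issue or the runner project's code. The variable names `PASS_GPG_KEY`, `PASS_STORE_REPO` and `CI_GNUPG_HOME`, the entry `ci/deploy-token`, the `./deploy.sh` script and the function names are assumptions, and the key is assumed to have no passphrase.

```shell
#!/usr/bin/env bash
# Added example. Assumed names: PASS_GPG_KEY (ASCII-armored private key, no
# passphrase), PASS_STORE_REPO (git URL of the password store), ci/deploy-token.

# Create a private, throwaway GnuPG home so the key never enters a shared keyring.
make_gnupg_home() {
  local dir
  dir="$(mktemp -d)" || return 1
  chmod 700 "$dir"
  printf '%s\n' "$dir"
}

# Import the key over stdin: it never appears in argv or as a file in the workspace.
import_ci_key() {
  if [ -z "${PASS_GPG_KEY:-}" ]; then
    echo "PASS_GPG_KEY is not set" >&2
    return 1
  fi
  printf '%s\n' "$PASS_GPG_KEY" | gpg --batch --quiet --import
}

# Return only the first line of an entry (pass convention: line 1 is the secret).
read_secret() {
  local entry
  entry="$(pass show "$1")" || return 1
  printf '%s\n' "$entry" | head -n 1
}

# Stop the agent for the throwaway home and delete the key material.
cleanup_gnupg_home() {
  if [ -n "${CI_GNUPG_HOME:-}" ] && [ -d "$CI_GNUPG_HOME" ]; then
    GNUPGHOME="$CI_GNUPG_HOME" gpgconf --kill gpg-agent 2>/dev/null || true
    rm -rf -- "$CI_GNUPG_HOME"
  fi
}

# Call from the job script, e.g.: load_deploy_token && ./deploy.sh (hypothetical script)
load_deploy_token() {
  set +x   # no command tracing while secrets are in scope
  CI_GNUPG_HOME="$(make_gnupg_home)" || return 1
  trap cleanup_gnupg_home EXIT
  export GNUPGHOME="$CI_GNUPG_HOME" PASSWORD_STORE_DIR="$CI_GNUPG_HOME/store"
  import_ci_key || return 1
  git clone --quiet --depth 1 "$PASS_STORE_REPO" "$PASSWORD_STORE_DIR" || return 1
  DEPLOY_TOKEN="$(read_secret ci/deploy-token)" || return 1
  export DEPLOY_TOKEN
}
```

Because the one private key decrypts every entry in the store, the CI variable holding it should be scoped to the jobs that need it.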