## Background ~"group::pipeline security" is currently [exploring an MVC for GitLab-native secrets management](https://gitlab.com/groups/gitlab-org/-/epics/10723). Meanwhile, we've been working to support [cloning private repositories](https://gitlab.com/groups/gitlab-org/-/epics/10882) during the creation of a workspace which requires injecting credentials into the container. ## Goal Provide input to ~"group::pipeline security" to help shape the MVC. How would a native secrets management solution benefit workspaces? How would we expect it to work? ## Outcome TBD