US Patent 11496302 Securely processing secret values in application configurations

Provided are techniques for securely processing secret values in application configurations. A configuration file for an application is retrieved from a first repository, where the configuration file stores a configuration value and a link to a secret value in a second repository. The secret value is retrieved from the second repository using the link. The configuration value is hashed to output a hashed configuration value and the secret value is hashed to output a hashed secret value. The hashed configuration value is signed, with a private key, to output a hashed and signed configuration value, and the hashed secret value is signed, with the private key, to output a hashed and signed secret value. The configuration value, the secret value, the hashed and signed configuration value, and the hashed and signed secret value are stored in a release file. The application is executed using the release file.