I think a password manager like 1pass for all secrets (definitely not confluence) plus a cloud hosted secret system like Aws secretsmanager for secrets that need to be accessed programmatically e.g by various IAM roles.
Devs, once assumed a role, download the secret env files from secretsmanager.
You might see where I'm going with this, you have two systems to store secrets in, one for general use and one for programmatic use. It's not ideal but pragmatic and do consider if your in a security sensitive domain, then you would want to customise this process e.g. by only having one storage system and shorter access etc.
Someone of the two infra people would have the ability to assume a role/get a set of expiring "deploy" keys that they would paste into CI To start a deployment (still in ci just doing stuff that CI normally doesn't have permission to do)
Not sure why they're not just axing a whole bunch of staff like everyone else.. fees on-top of this marketplace is still a profitable concept and/or you could find a buyer
Speaking about opportunity cost of folks pursuing AI like a mad crowd... I started a ChatGPT competitor https://text-generator.io let me know what you think .. or if it's too much...
Looks like this post is flagged too... I'm also competing with you/co pilot with https://text-generator.io but I'm on Bing, take a deep look into your site/SEO etc and tip of the day for generative companies like ours is that we can generate a whole bunch of examples for SEO.
Normally HN and Reddit are less moderated than other sites that do a lot of shadow banning, condolences for getting stomped on by large co's and also welcome to the internet
For a text generator that doesn't store data you give it checkout https://text-generator.io it's also open AI compatible and self hostable so and easy migration
Checkout https://text-generator.io for embeddings for search, they are better because they are cheaper/faster/take into account linked images (actually embed text images and code in the same space)
Your training trick is neat/great innovation but also keep in mind it is likely overfitting meaning when you get a bit of new data you need to index and search that model isn't going to do well at all at embedding it, said differently that training works well if you can cover the types of data you're going to see in production really well at training time. If not there's a big accuracy drop for unseen data due to overfitting
I'm clearly not versed in AI but at least two of their examples are quite obviously wrong. Their Study Notes example asks for five key facts about Ancient Rome -- one of them is borderline incorrect and only applies to the Roman Empire, the other one is an overgeneralization, and they're two, not five. The "Receipts" example gets the total sum wrong.
Try https://text-generator.io the bs generated is about the same tbh... But much cheaper, and combines a web crawler so it can speak about links and images which makes it a lot better at lots of things like making a believable conversation about designs/invoices/reciepts/emojis.
I run the cheaper self hostable OpenAI alternative https://text-generator.io I've been working on automating this manual verification of everything, with a few components we already have like a search engine and an edit API we can both detect and correct most of these errors to at least be reflective of what a reliable source says like Wikipedia, still a lot of reasoning, logic and math issues will remain, but there's a big step up coming soon in factual generation
I built my own OpenAI compatible alternative, https://text-generator.io to help with that pricey ness. Also self hostable which helps people cut costs.
It also analyses linked web pages and image content automatically so helps people build these web integrations or auto img alt tag describers or reiept analysers etc without doing as much of the prompt engineering/crawling themselves.
Devs, once assumed a role, download the secret env files from secretsmanager.
You might see where I'm going with this, you have two systems to store secrets in, one for general use and one for programmatic use. It's not ideal but pragmatic and do consider if your in a security sensitive domain, then you would want to customise this process e.g. by only having one storage system and shorter access etc.
Someone of the two infra people would have the ability to assume a role/get a set of expiring "deploy" keys that they would paste into CI To start a deployment (still in ci just doing stuff that CI normally doesn't have permission to do)