Secure and seamless injection of secrets based on execution debugging

US2025061053A1 · US · A1

Patent metadata
Publication number: US-2025061053-A1
Application number: US-202318451324-A
Country: US
Kind code: A1
Filing date: Aug 17, 2023
Priority date: Aug 17, 2023
Publication date: Feb 20, 2025
Grant date: none shown (A1 is a pre-grant application publication)

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Systems, methods, and apparatuses are disclosed for injecting secrets into a software instance environment. Techniques may include identifying code of an application from storage, analyzing the code to determine a secret associated with execution of the application, and monitoring the application running in one or more instances to determine a condition for the application to use the secret. Techniques may further include validating the condition for the application to use the secret based on an execution state of the application, and injecting the secret into the one or more instances, wherein the application can then access the secret and perform an operation using the secret in accordance with the determined condition.

Claims

Claim text as published (all 31 claims; claim 1 and claim 26 are the independent claims).

1. A computer-implemented method for injecting secrets into a software instance environment, comprising: identifying code of an application from storage; analyzing the code to determine a secret associated with execution of the application; monitoring the application running in one or more instances to determine a condition for the application to use the secret; validating the condition for the application to use the secret based on an execution state of the application; and injecting the secret into the one or more instances, wherein the application can then access the secret and perform an operation using the secret in accordance with the determined condition.
2. The computer-implemented method of claim 1, wherein analyzing the code to determine the secret associated with the application includes identifying a call associated with the secret.
3. The computer-implemented method of claim 1, wherein analyzing the code to determine the secret associated with the application includes identifying a method of delivering the secret.
4. The computer-implemented method of claim 1, wherein analyzing the code to determine the secret associated with the application includes analyzing an environmental variable.
5. The computer-implemented method of claim 1, wherein analyzing the code to determine the secret associated with the application includes pre-approving code for execution.
6. The computer-implemented method of claim 1, wherein monitoring the application includes debugging at least one line of code associated with the application.
7. The computer-implemented method of claim 6, wherein monitoring the application further includes comparing the debugged at least one line of code to pre-approved code.
8. The computer-implemented method of claim 6, wherein the debugging is performed by a host of the one or more instances.
9. The computer-implemented method of claim 6, wherein the debugging is performed with an extended Berkeley Packet Filter (eBPF).
10. The computer-implemented method of claim 1, wherein monitoring the application further includes evaluating at least one of metadata associated with the application, power consumption of hardware running the application, network traffic, or memory usage.
11. The computer-implemented method of claim 1, wherein monitoring the application further includes employing a machine learning algorithm to predict the execution state of the application corresponding to the determined condition.
12. The computer-implemented method of claim 1, wherein determining the condition for the application to use the secret includes predicting an execution state where the application running in the one or more instances can use the secret.
13. The computer-implemented method of claim 1, wherein validating the condition for the application to use the secret includes analyzing one or more lines of code associated with the execution state of the application.
14. The computer-implemented method of claim 1, wherein validating the condition for the application to use the secret includes analyzing one or more lines of code associated with a subsequent execution state of the application.
15. The computer-implemented method of claim 1, further comprising retrieving the secret from a secure location before injecting the secret into the one or more instances.
16. The computer-implemented method of claim 1, wherein injecting the secret includes providing the secret based on an environmental variable.
17. The computer-implemented method of claim 16, wherein the environmental variable includes at least one of a configuration file, an import file, or a request path.
18. The computer-implemented method of claim 1, wherein injecting the secret includes replacing a dummy secret embedded in the application with a valid secret.
19. The computer-implemented method of claim 1, wherein injecting the secret further includes identifying a type and a consumption method of the secret by the application and injecting the secret in accordance with the type and the consumption method.
20. The computer-implemented method of claim 5, further comprising verifying that the application running in the one or more instances used the secret according to the pre-approved code.
21. The computer-implemented method of claim 1, further comprising removing the secret from the one or more instances after the application accesses the secret.
22. The computer-implemented method of claim 1, further comprising revoking a permission associated with the secret after the application running in the one or more instances uses the secret.
23. The computer-implemented method of claim 1, wherein the application is stored in the database in a continuous integration/continuous delivery (CI/CD) pipeline.
24. The computer-implemented method of claim 23, wherein the application is digitally signed in advance of its integration into the CI/CD pipeline.
25. The computer-implemented method of claim 6, wherein: a debugger for debugging the application is hosted in a virtualized container; and the virtualized container hosting the debugger and the one or more instances running the application are managed by a common instance management platform.
26. A non-transitory computer-readable medium including instructions that, when executed by at least one processor, cause the at least one processor to perform operations for injecting secrets into a software instance environment, the operations comprising: identifying code of an application from storage; analyzing the code to determine a secret associated with execution of the application; monitoring the application running in one or more instances to determine a condition for the application to use the secret; validating the condition for the application to use the secret based on an execution state of the application; injecting the secret into the one or more instances, wherein the application can then access the secret and perform an operation using the secret in accordance with the determined condition.
27. The computer-readable medium of claim 26, wherein: analyzing the code includes pre-approving code for execution, and validating the condition for the application to use the secret includes comparing the execution state of the application to the pre-approved code.
28. The computer-readable medium of claim 26, wherein the operations further comprise: accessing a previous version of the application from storage; and identifying a change to the application compared to the previous version of the application; wherein validating the condition for the application to use the secret includes analyzing the change to the application.
29. The computer-readable medium of claim 26, wherein debugging the execution of the application is performed from a host of the instance or in a layer of an extended Berkeley Packet Filter (eBPF).
30. The computer-readable medium of claim 26, wherein the debugging the execution of the application is performed from an instance not hosting the application.
31. The computer-readable medium of claim 26, wherein the operations further comprise verifying that the application running in the one or more instances accesses a target service associated with the secret.

Assignees

Cyberark Software Ltd

Inventors

Classifications

  • Environments for analysis, debugging or testing of software · CPC title

  • Version control (security arrangements therefor G06F21/57); Configuration management · CPC title

  • G06F9/4552 · Primary

    Involving translation to a different instruction set architecture, e.g. just-in-time translation in a JVM · CPC title

  • Physics · mapped topic

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US2025061053A1 cover?
Systems, methods, and apparatuses are disclosed for injecting secrets into a software instance environment. Techniques may include identifying code of an application from storage, analyzing the code to determine a secret associated with execution of the application, and monitoring the application running in one or more instances to determine a condition for the application to use the secret. Te…
Who is the assignee on this patent?
Cyberark Software Ltd
What technology area does this patent fall under?
Primary CPC classification G06F11/3698. Mapped technology areas include Physics.
When was this patent published?
Publication date Feb 20, 2025 (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 9 related publications on this page (citations in our corpus or others sharing the same primary CPC).