Below you will find pages that utilize the taxonomy term “Secrets”
SOPS To Manage Secrets In Git Repositories
In a previous post, we discussed using age
to manage secrets in Git repositories.
In this post, let’s improve our secrets management workflow in Git repositories using SOPS.
sops
is an editor of encrypted files that supports popular configuration formats such as YAML and various encryption
techniques such as age
.
Read the blog post about age
to install the package and creating the key file.
This time, we will use sops
to perform encryption and decryption operations instead of the age
command.
Age To Encrypt Secrets
Are you storing secrets such as database credentials, API keys, etc. unencrypted in Git repositories? Stop.
To protect your secrets, do not store them anywhere unencrypted. Especially in Git repositories. Ideally, your organization must have some vault solution where secrets can be stored and securely shared with people on a need-to-know basis. In many small organizations, having such a central secrets management solution is still a luxury. The need to store such secret information in Git repositories is obvious. There are a few ways in which you can encrypt secrets. We discussed using Ansible Vault in one of the previous blog posts.