sops icon indicating copy to clipboard operation
sops copied to clipboard
verified publisher icon getsops

Exclude regex

Open adrianmoisey opened this issue 9 months ago • 0 comments

(I mentioned this to a maintainer at Kubecon EU 2025, I thought I'd file an issue too).

Example from https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-users-and-roles.html#k8s_file_realm

Given a file like this:

apiVersion: v1
kind: Secret
metadata:
  name: secret-basic-auth
type: kubernetes.io/basic-auth
stringData:
  username: rdeniro
  password: mypassword
  roles: kibana_admin,ingest_admin

I'd like the ability to encrypt all of stringData, except for stringData.roles and stringData.username.

I want the explicit "exclude" so that I can be confident that new fields are encrypted by default.

adrianmoisey avatar Apr 04 '25 08:04 adrianmoisey