sops
sops copied to clipboard
getsops
Simple and flexible tool for managing secrets
I'd like to be able to allow *anyone* to encrypt secrets to me; but only allow decryption through sops/KMS. AWS support this with key_usage of `ENCRYPT_DECRYPT`. https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html#asymmetric-cmks When I attempted...
Reactivate tests that were disabled with a comment `waiting for #690 to be merged`. Waiting for https://github.com/go-yaml/yaml/pull/690
Hello, I need to remove a specific line from a encrypted sops file by using `sops --set` flag. I need to do this in my GitLab CI Pipeline so I...
On sops 3.7.3: ## Expected Given an encrypted .env file, ``` % sops -d secrets.enc.env --output-type json ``` ## Actual ``` % sops -d secrets.enc.env --output-type json
It took me a while to figure this out, but should argument order matter here? 🤔 ``` $ sops -d secrets.yaml envSecrets: deploy-key: 12345 $ sops -d secrets.yaml --extract '["envSecrets"]["deploy-key"]'...
It would be nice to encode sections with the same name in INI style config files. Duplicate sections should not be dropped from the encoded output, because some programs, namely...
Added support for vault's token helpers (https://www.vaultproject.io/docs/commands/token-helper), as exposed by vault api. This allows working against multiple vault instances, obtaining a valid token depending on the address of the vault...
I would like to be able to edit an already encrypted file in-place using the data from stdin so that I can use it as part of a script to...
Add support for CLOUDSDK_AUTH_ACCESS_TOKEN environment to pass though an oauth access token directly or via a file.
I currently see a few workarounds of the form `SOPS_AGE_KEY=$(…) sops …` floating around. I would like to store my age key in my password manager, not have to specify...
