sops
sops copied to clipboard
getsops
Simple and flexible tool for managing secrets
This would allow the use of sops without needing to update key names in the areas that they are used to have `_encrypted` or `_unencrypted`. Encrypted example: ``` db: password_encrypted:...
this will allow for setting of parameters specific to each store, such as indentation level for YAML (https://github.com/mozilla/sops/issues/900).
While `decrypt` allows me to extract sub-part of the document tree, I cannot do this with `exec-file` or `exec-env`. Having ability to do this would be very useful. I would...
Add support for extracting sub-part of the document when running exec-file or exec-env command.
A KMS entry in a creation_rule keygroup supports setting aws_profile, but the value is not passed into the KMS MasterKey.
Am experiencing an issue where when trying to encrypt a file for the first time it fails when using a kms+role format in .sops.yaml ``` sops -e file.yaml Could not...
It would be cool if we could assume role with external id set. Something like this: ```creation_rules: - path_regex: secrets/environments/production/secrets.yaml kms: 'arn:aws:kms:us-east-1:666666666:key/xxxx-x-xxxxx+arn:aws:iam:us-east-1:666666666:role/kms_role' external_id: 'some_secret_external_id' ``` or ``` creation_rules: - kms:...
Currently, as far as I'm aware there is no way of encrypting a file in-place using SOPS via Golang. I'm essentially looking for an API to be exposed that does...
Hey I am trying to configure SOPS to encrypt secrets with kms keys that will come from different AWS accounts. Essentially if one has access to at least one of...
Calling sops.exe (win32 variant) from WSL can result into a gopanic: ``` sops.exe --encrypt --input-type yaml --output-type yaml 'D:\a\helm-secrets\helm-secrets\tests\tmp.jIEdrPlrTE\assets\values\sops\secrets.dec.yaml' # panic: runtime error: index out of range [0] with length...
