sops
sops copied to clipboard
getsops
Simple and flexible tool for managing secrets
The current Go libraries used for Azure KeyVault access will be out of support by March 31, 2023 https://github.com/Azure/go-autorest Can SOPS please update to use the new libraries for continued...
I want run run a sops key service and provide a unix socket via bind mount to containers. This appears broken in 3.10.2 even when running without any bind mounts...
Hi! So the README.rst states: ```rst Encrypting only parts of a file ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Note: this only works on YAML and JSON files, not on BINARY files. By default, SOPS encrypts...
Running following command in a directory doesn't contain `.sops.yaml`: ```sh sops --age=age1xxfdafu5j4e5z7y5l6my6x07vjuh6unxersnwne4etpvykheq9gsj003fv -e mysecret.json ``` got results: ``` error loading config: no matching creation rules found ``` This is clearly...
(I mentioned this to a maintainer at Kubecon EU 2025, I thought I'd file an issue too). SOPS is great in that the structure of a file is kept after...
To be able to integrate SOPS widely into tooling, there seems to be a need for the API implementation for the major programming languages, e.g.: python, java, javascript, golang Any...
(I mentioned this to a maintainer at Kubecon EU 2025, I thought I'd file an issue too). Example from https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-users-and-roles.html#k8s_file_realm Given a file like this: ``` apiVersion: v1 kind: Secret...
If settings like `encrypted_regex`, `unencrypted_regex`, `encrypted_suffix`, `unencrypted_suffix`, `encrypted_comment_regex`, `unencrypted_comment_regex` are used, files read with the binary store often end up unencrypted. This is likely the cause for the observations in...
Streamline how the config is loaded (right now it is loaded up to four times in some situations, like when running `sops edit foo.yml`). (Ref: https://github.com/getsops/sops/pull/1820#pullrequestreview-2727929345)
I would suggest an option to keep metadata around in decrypted version of the YAML file so that file can be re-encrypted with same settings, without having to have `.sops.yml`...
