
Sops Secret Management with PGP
Mozilla SOPS (Secrets OPerationS) is a simple and flexible tool for managing secrets. SOPS provides the scaffolding to use various encryption solutions to encrypt and decrypt selected values in files whilst leaving the keys (the field names) in plain text. SOPS supports yaml, json, env, ini and binary formats and can integrate with Amazon Web Services Key Management Service, Google Cloud Platform's Key Management Service, Azure Key Vault, age and Pretty Good Privacy (PGP).

When looking at options for secret management, I was searching for a solution that would have minimal overhead and enable me to keep my secrets in git along with the code. With SOPS, I can use my existing hardware-backed PGP key that I use to sign my git commits as well as a secondary PGP key stored in the git repository, the private half of which only exists in GitLab for CI/CD operations. ...
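
As an added example (not code from the original post or from the SOPS project), the check below audits a SOPS-encrypted JSON file before it is committed: every value outside the sops metadata block must be an ENC[...] string, and both PGP keys (the hardware-backed one and the CI/CD one) must be listed as recipients. The fingerprints and the sample document are constructed, and the check assumes no value is intentionally left unencrypted.

```python
import json
import re

# Shape of a value that SOPS has encrypted in place.
ENC_RE = re.compile(r"^ENC\[AES256_GCM,data:[^,]*,iv:[^,]+,tag:[^,]+,type:\w+\]$")

# Constructed placeholder fingerprints, not real keys.
HW_FP = "1" * 40   # hardware-backed personal key
CI_FP = "2" * 40   # secondary key used by CI/CD

def plaintext_leaves(node, path=""):
    """Yield the path of every leaf value that is not a SOPS ENC[...] string."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield from plaintext_leaves(value, f"{path}.{key}" if path else key)
    elif isinstance(node, list):
        for i, value in enumerate(node):
            yield from plaintext_leaves(value, f"{path}[{i}]")
    elif not (isinstance(node, str) and ENC_RE.match(node)):
        yield path

def audit(doc_text, required_fps):
    """Report plaintext values and required PGP recipients that are missing."""
    doc = json.loads(doc_text)
    meta = doc.pop("sops", None)          # metadata block written by SOPS
    has_meta = isinstance(meta, dict)
    entries = meta.get("pgp") or [] if has_meta else []
    present = {str(e.get("fp", "")).upper() for e in entries if isinstance(e, dict)}
    return {
        "has_metadata": has_meta,
        "plaintext": sorted(plaintext_leaves(doc)),
        "missing_recipients": sorted(
            fp for fp in required_fps if fp.upper() not in present
        ),
    }

# Constructed sample: one value left in plaintext, CI key not a recipient.
# Real SOPS metadata carries more fields (mac, lastmodified, ...), omitted here.
SAMPLE = json.dumps({
    "db": {
        "user": "ENC[AES256_GCM,data:c2FtcGxl,iv:aXY=,tag:dGFn,type:str]",
        "password": "not-encrypted",
    },
    "sops": {"pgp": [{"fp": HW_FP}]},
})

if __name__ == "__main__":
    print(audit(SAMPLE, [HW_FP, CI_FP]))
```

Run as a pre-commit or CI step, a non-empty plaintext or missing_recipients list is the signal to block the commit.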