Questions tagged [mozilla-sops]

sops is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault and PGP.

SOPS (Secrets OPerationS) is a Mozilla project to securely automate the sharing and distribution of secrets and credentials in cloud environments.

https://github.com/mozilla/sops/

26 questions
0 votes, 1 answer

How to extract value with SOPS without the extra newline in the output?

I'm trying to extract values from a SOPS-encrypted JSON file to export them into environment variables in order to run a web app, but the extraneous newlines keep driving me crazy. For example, given this test.json (which is then encrypted with…
toraritte
0 votes, 1 answer

mozilla sops needed to encrypt a value in a shell file

I need to encrypt a file using SOPS. The string I am trying to encrypt is the "XXXXXXXX" part below: aws=($(aws sts assume-role --role-arn arn:aws:iam::XXXXXXXXXXXXX:role/dummy --role-session-name sandbox | jq -r '.Credentials[]')) my sops config…
Bluz
0 votes, 1 answer

Flux not decrypting using SOPS

I have configured Flux to use SOPS to decrypt. Here's a brief highlight of what I did. In the gotk-sync.yaml file I have added the decryption property. apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 kind: Kustomization metadata: name:…
RajV
0 votes, 1 answer

encrypt file with sops with github workflow

I'm trying to encrypt a file with sops with github actions, my workflow code is name: Encrypt application secrets on: workflow_dispatch: jobs: encrypt: runs-on: ubuntu-latest steps: - name: Checkout code uses:…
nadia univ
0 votes, 1 answer

Encrypting secret to read GitHub source in Flux

In my Kubernetes cloud I do have FluxCD to manage all components. FluxCD is using SOPS to decrypt all the passwords. This is resulting in a declaration like this: --- apiVersion: source.toolkit.fluxcd.io/v1beta1 kind: GitRepository metadata: name:…
Marc Enschede
0 votes, 1 answer

How to configure custom filter for git grep?

I am using mozilla/sops for encrypting and storing the secrets on git. They suggested a git diff filter to decrypt the data on git diff and it shows the actual diff of secret instead of diff of cipher-text. I configured this git filter using…
jack_t
0 votes, 1 answer

Running terraform plan through sops exec-file

I have an encrypted providers.tfvars.json, so running: sops exec-file provider.tfvars.json 'terraform plan -var-file={} -out terraform.todo' I expect terraform to work correctly, but I get an error from terraform: Error: Argument or block definition…
sbaildon
0 votes, 1 answer

SOPS won't decrypt a file if encrypted with an AssumedRole (and trying to decrypt without it using the same key)

I'm looking into SOPS as a possible solution for us to encrypt secrets and push them to our repo. I've been playing around with it and it's exactly what I need, except for a small issue. I'm hoping this is me just not finding the right…
davidfm
0 votes, 1 answer

Need to Give Fine-grained access to Developers to access the Specific KMS key which belongs to his project

Need to get a better solution for the below problem statement:- my secrets and config are encrypted via Mozilla sops and let's say the first time DevOps team will do this at their end, but DevOps team will not encrypt the config all the time for the…
me25
0 votes, 1 answer

How to encrypt a value imported from a JSON file using SOPS (Secrets OPerationS) and Go?

I have a JSON file as follows. secret.json: { "secret": "strongPassword" } I want to print out an encrypted value of the key "secret". I've so far tried as follows. package main import ( "encoding/json" "fmt" "io/ioutil" …
tet
-1 votes, 1 answer

SOPS with Terraform using Aliases

I have a working sops solution to encrypt files using 1 AWS account's (aws_sops) KMS and then deploy the secrets to another AWS account's secret manager (aws_secrets). This is done via connecting to the aws_sops having the .sops.yaml file point at its…
Staggerlee011