We use terraform to describe cloud infrastructure, check all k8s configmaps and secrets into source control (using sops to securely store secrets in git).
Curious about why you're using SOPS [1] instead of say, hashicorp vault or AWS/GCP's integrated keystores or git-crypt, etc?