What does HackerNews think of sops?

Simple and flexible tool for managing secrets

Language: Go

#10 in Amazon Web Services
#4 in Azure
#47 in Security
The Twelve-Factor App (2011) | Oct 2023
Expand Context ↕
For anyone new to SOPS like I was - https://github.com/getsops/sops
Ask HN: Any Encrypted Notes Backup? | Sep 2023
Expand Context ↕
Thanks! Another useful tool that can be added into a solution:

https://github.com/getsops/sops
OpenTF announces fork of Terraform | Aug 2023
Expand Context ↕
> > Maybe something that supports backends like AWS KMS (for encryption) or AWS Secret Manager (for storing/retrieving ) secrets.

> This is actually a feature I'd love OpenTF to have and am quite passionate about, personally

You're probably already aware, but SOPS¹ kinda fits the bill for integration here perfectly.

It supports local secrets as well as encryption via keys stored with all the big cloud providers, and it's already battle-tested as it is used heavily at Mozilla (it comes from there).

Additionally, like OpenTF, SOPS is maintained independently of any single corporation, written in Go, and distributed under the MPL-2.0 license. On its face, it seems like a match made in heaven.

SOPS is a great tool and could be a pretty killer starting point for this stuff!

--

1: https://github.com/getsops/sops
Check your secrets into Git [video] | Aug 2023
Basically, the simpler the better -- just encrypt your secrets and check them in to version control.

We use SOPS[0] for this, and have found it to be pretty nice.

[0]: https://github.com/getsops/sops

Shamir Secret Sharing | Aug 2023
This is pretty cool!

Mozilla SOPS¹ also supports this, but it's not nearly as user friendly for non-technical folks. Probably one of those solutions you reviewed before creating Banana Split!

--

1: https://github.com/getsops/sops