sops
Simple and flexible tool for managing secrets in version control
SOPS (Secrets OPerationS) is an editor for encrypted files that supports multiple file formats including YAML, JSON, ENV, INI, and binary files. It provides seamless encryption and decryption capabilities using various key management systems including AWS KMS, GCP KMS, Azure Key Vault, HuaweiCloud KMS, age, and PGP. The tool is designed to make handling encrypted configuration files and secrets as simple as editing plain text files.
SOPS transparently handles encryption and decryption, allowing users to edit encrypted files with their preferred text editor. When you run 'sops edit filename.yaml', it decrypts the file, opens it in your editor, and automatically re-encrypts it when you save. The encrypted files contain all the metadata needed for decryption, making it easy to share encrypted configurations across teams while maintaining security.
This tool is particularly valuable for DevOps engineers, security teams, and developers who need to manage secrets and sensitive configuration data in version control systems. SOPS enables secure storage of passwords, API keys, and other sensitive data in Git repositories without exposing them in plain text, while still allowing authorized team members to easily edit and update these files.
Installation
# via Binary download
Download from https://github.com/getsops/sops/releases
# via From source
git clone https://github.com/getsops/sops.git $GOPATH/src/github.com/getsops/sops/ && cd $GOPATH/src/github.com/getsops/sops/ && make install
