加载中
正在获取最新内容,请稍候...
SOPS: Simple, Flexible Secrets Management for Developers and DevOps
SOPS (Secrets OPerationS) is a simple and flexible tool for managing secrets in file formats like YAML, JSON, ENV, INI, and BINARY. It encrypts secrets using AWS KMS, GCP KMS, Azure Key Vault, HashiCorp Vault, age, and PGP. Integrated well into Git workflows.
Go
Added on 2025年7月3日18,822
Stars943
ForksGo
LanguageProject Introduction
Summary
SOPS offers a robust yet simple solution for encrypting sensitive data stored in configuration files, allowing teams to safely commit encrypted secrets to their version control systems alongside their code. It leverages various key management systems for strong encryption.
Problem Solved
Storing sensitive information like API keys, database credentials, or certificates directly in source control or configuration files is insecure. Managing these secrets securely across development, staging, and production environments without complex infrastructure is challenging.
Core Features
Multi-Format Support & In-Repo Encryption
Encrypts secrets in various file formats (YAML, JSON, ENV, INI, BINARY) directly within your repository.
Multiple KMS & Key Backend Integration
Supports multiple key management services (KMS) including AWS KMS, GCP KMS, Azure Key Vault, HashiCorp Vault, as well as age and PGP for flexible encryption backends.
Intuitive CLI
Provides a command-line interface for easy encryption, decryption, and editing of secret files.
Tech Stack
Go
使用场景
SOPS is versatile and can be applied in numerous scenarios where secure secret storage and management are critical:
Application Configuration Secrets
Details
Encrypt configuration files containing sensitive API keys, database passwords, or service credentials before committing them to Git repositories.
User Value
Ensures sensitive application settings are never stored in plaintext in source control, reducing the risk of exposure.
Kubernetes Secret Management
Details
Manage Kubernetes Secrets by encrypting YAML manifests containing sensitive data like TLS certificates or docker registry credentials.
User Value
Provides a secure, version-controlled way to manage sensitive information deployed to Kubernetes clusters.
Recommended Projects
You might be interested in these projects
dagster-iodagster
Discover Dagster, the data orchestration platform designed for the development, production, and observation of data assets. Streamline your data pipelines and improve reliability.
Python
132661700
jeessy2ddns-go
This project provides a robust and easy-to-use solution for dynamic DNS (DDNS), automatically updating DNS records for various cloud providers and services.
Go
144651639
baomidoumybatis-plus
MyBatis-Plus is an enhanced toolkit for MyBatis that simplifies development by providing powerful features to streamline common database operations and configurations. It aims to boost productivity for Java developers.
Java
168984389