I learned that access to the private is necessary for sops edit to decrypt values! sops edit doesn't support unencrypting some keys but not others. (I would be interested in this feature though) Instead, if you only have access to the public key, you can delete the old encrypted field and reprovision the password with sops --encrypt. This allows workflows where only the public key is available to developers. You can even add this to your Makefile to make it easy to rotate your db password (such as when somebody leaves your team to go to a different company) Sorry for the late response! Cool question
Hi Leigh did you manage to debug the issue you were having with sops edit ? Thanks in advance
Such suspense!!
I learned that access to the private is necessary for sops edit to decrypt values!
sops edit doesn't support unencrypting some keys but not others.
(I would be interested in this feature though)
Instead, if you only have access to the public key, you can delete the old encrypted field and reprovision the password with sops --encrypt.
This allows workflows where only the public key is available to developers.
You can even add this to your Makefile to make it easy to rotate your db password (such as when somebody leaves your team to go to a different company)
Sorry for the late response! Cool question
Easiest to ping me directly on twitter, the k8s slack, or the CNCF slack
Hi Leigh, what terminal are you using ? Is it light weight and fast ? Tyia.
Easiest to ping me directly on twitter, the k8s slack, or the CNCF slack
Leigh should have to do a rap at the startup of every video
Brainstorming for this upcoming year 🤔