Very useful. My architect is asking me to create the secrets for my application. He told me to use a tool called sops. Thank you for helping me understand what it is for and how it works.
This really is an excellent introduction! Thanks for “taking the edge off” to make it so much more approachable. I’m considering it for Kubernetes, so the article from Frederic Hemberger was super helpful too; I’m glad you ended with that. 😊
Very useful guide. Can sops encrypt .env file values? Case: My containers work with environment variables, I need to encrypt them in .env file and pass them through container in decrypted state when container initializes.
Great Video. I have one query though. How do I make my PGP key available for SOPS encryption/decryption every time I build my docker image?I can't include it in the docker file or as part of ENV variables. That defeats the whole purpose. where do I store keep my pgp keys?
docker has a new flag called `secrets` github.com/moby/moby/issues/13490 medium.com/@tonistiigi/build-secrets-and-ssh-forwarding-in-docker-18-09-ae8161d066
The PGP method is intended for simple personal use on your own machine, or for last-ditch backup. It’s not really intended for more involved scenarios with VMs, CI, and so on. There may be a good direct answer to your immediate question, but I think the better answer to the more general question is: Use a method other than PGP as your primary intended method.
foo, bar and baz are conventional example names used in software. In his example "foo" was a "key", aka the name of some item, while "bar" was the item to be encrypted.
Very useful. My architect is asking me to create the secrets for my application. He told me to use a tool called sops. Thank you for helping me understand what it is for and how it works.
This really is an excellent introduction! Thanks for “taking the edge off” to make it so much more approachable. I’m considering it for Kubernetes, so the article from Frederic Hemberger was super helpful too; I’m glad you ended with that. 😊
Very insightful video tutorial for handling secrets 👏
At 08:59 you say "Message Access Control" for MAC. Isn't it "Message authentication code" or I'm missing something here?
This is very useful explanation video, thank you
Very useful guide. Can sops encrypt .env file values? Case: My containers work with environment variables, I need to encrypt them in .env file and pass them through container in decrypted state when container initializes.
Do you have more videos planned for SOPS?
Thank you, so cool explanation.
Thanks for taking the time to explain this
Quite a good introductory video.
thx so much, fantastic tutorial
Very accessible, thank you!
Very useful, great stuff
Great Video. I have one query though. How do I make my PGP key available for SOPS encryption/decryption every time I build my docker image?I can't include it in the docker file or as part of ENV variables. That defeats the whole purpose. where do I store keep my pgp keys?
docker has a new flag called `secrets` github.com/moby/moby/issues/13490 medium.com/@tonistiigi/build-secrets-and-ssh-forwarding-in-docker-18-09-ae8161d066
The PGP method is intended for simple personal use on your own machine, or for last-ditch backup. It’s not really intended for more involved scenarios with VMs, CI, and so on. There may be a good direct answer to your immediate question, but I think the better answer to the more general question is: Use a method other than PGP as your primary intended method.
I think this might be the blog post that 404s on the video: frederic-hemberger.de/articles/manage-kubernetes-secrets-with-sops/
Could you clarify where the foo:bar actually comes into play in the process? Specifically, what role does foo play?
foo, bar and baz are conventional example names used in software. In his example "foo" was a "key", aka the name of some item, while "bar" was the item to be encrypted.
Awesome!
You're a legend
Thank for not being on full screen all time.
Great video. Please show an Azure Demo.