{"id":24388153,"url":"https://github.com/masterpointio/sops-demo","last_synced_at":"2026-04-04T06:05:20.956Z","repository":{"id":220592703,"uuid":"752036697","full_name":"masterpointio/sops-demo","owner":"masterpointio","description":"A simple example of getsops/sops for a talk I'm giving at Denver Platform Engineering Meetup","archived":false,"fork":false,"pushed_at":"2024-02-02T22:54:10.000Z","size":11,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-03-07T00:59:11.578Z","etag":null,"topics":["secrets","secrets-management","sops","sops-demo"],"latest_commit_sha":null,"homepage":"https://masterpoint.io","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/masterpointio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2024-02-02T21:45:52.000Z","updated_at":"2024-12-30T14:38:25.000Z","dependencies_parsed_at":"2024-02-02T23:48:19.634Z","dependency_job_id":null,"html_url":"https://github.com/masterpointio/sops-demo","commit_stats":null,"previous_names":["masterpointio/sops-demo"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/masterpointio%2Fsops-demo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/masterpointio%2Fsops-demo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/masterpointio%2Fsops-demo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/masterpointio%2Fsops-demo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/masterpointio","download_url":"https://codeload.github.com/masterpointio/sops-demo/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243294928,"owners_count":20268308,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["secrets","secrets-management","sops","sops-demo"],"created_at":"2025-01-19T13:56:31.681Z","updated_at":"2025-12-27T09:27:22.734Z","avatar_url":"https://github.com/masterpointio.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# SOPS Demo\n\nA simple demo of [getsops/sops](https://github.com/getsops/sops). \n\nThis is for a talk I'm giving at [the Denver Platform Engineering Meetup](https://www.meetup.com/platform-engineering-denver/events/298484340/) on 02/07/24.\n\n## Installing SOPS\n\nTo install SOPS, you have two options:\n\n1. Use `aqua` to install (Recommended because aqua is another great tool that I could give an entire talk on):\n   1. [Install aqua via the instructions on their site](https://aquaproj.github.io/docs/install).\n   2. Once `aqua` is installed, run `aqua install` at the root of the directory.\n2. [You can install SOPS directly from their releases page](https://github.com/getsops/sops/releases).\n\n## Using SOPS Yourself\n\n### AWS Secrets\n\nFor the AWS Secrets file, you can't unfortunately 😅\n\nThe whole point to utilizing `sops` for the \"secret\" values that we are storing in `secrets/aws-secrets.yaml` is that you would need to have access to my AWS Account's KMS key to be able to decrypt those secrets. So if you try to run `sops secrets/aws-secrets.yaml` like I do during the demo, this will fail because you don't have access to the AWS KMS key that I used to create that file and therefore the tool can't decrypt the secret values.\n\nIf you want to bring your own AWS KMS key and use that with SOPS, you can go ahead and do that by running the following:\n\n```bash\nsops --kms $YOUR_KMS_KEY_ARN secrets/my-own-aws-secrets.yaml\n```\n\n### age Secrets\n\n[`age`](https://github.com/FiloSottile/age) is simple, modern and secure file encryption tool, format, and Go library.\n\nWe **can** use `age` to allow you to demo the `secrets/age-secrets.yaml` file locally! This is because `age` works with simple public / private keys and we've checked the private key into `./key.txt`, so that you can use it locally.\n\nTo demo / edit the `secrets/age-secrets.yaml` file, you don't even need `age` installed! You just need to run the following from the root of this project:\n\n```bash\nSOPS_AGE_KEY_FILE=key.txt sops secrets/age-secrets.yaml\n```\n\nThat will open a new editor for you where you can edit the decrypted values and upon exiting that editor, it will decrypt them with the `age` key 🎉\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmasterpointio%2Fsops-demo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmasterpointio%2Fsops-demo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmasterpointio%2Fsops-demo/lists"}