|19 days ago||3 days ago|
|Mozilla Public License 2.0||GNU General Public License v3.0 or later|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
1 project | reddit.com/r/arbeitsleben | 5 Dec 2021
It's Now Possible to Sign Arbitrary Data with Your SSH Keys
15 projects | news.ycombinator.com | 13 Nov 2021
Yes it is, and they are awesome. git-crypt is a godsend for smaller projects (and maybe larger ones if permissions are granular enough) -- way simpler than sops and other alternative, with native integration via git filters (smudge). I use it on a ton of projects.
What's the one thing that you or a co-worker implemented for your team that has delivered the most value?
1 project | reddit.com/r/ExperiencedDevs | 7 Nov 2021
implemented a small wrapper over sops https://github.com/mozilla/sops for credential management. this got rid of all the back and forth when creds were rotated, added or a new team-mate onboarded.
Not sure if DevOps, but a few questions.
2 projects | reddit.com/r/devops | 16 Oct 2021
SOPS is a great tool for managing secrets: https://github.com/mozilla/sops
Secure Key Management in GraphJin the instant GraphQL to SQL service
2 projects | reddit.com/r/golang | 12 Oct 2021
The `graphjin secrets` command will open an editor where you can type in your secure environment variables on saving those will be encrypted and saved. In production those variables will be decrypted and used by GraphJin after fetching the decryption key from your cloud key management service. the secrets management has been built using the Mozilla SOPS library https://github.com/mozilla/sops
Just a reminder that the Twitch leak is mostly in GO
1 project | reddit.com/r/golang | 7 Oct 2021
Or something cross-cloud like https://github.com/mozilla/sops
Trying to install MySQL (&Wordpress)
1 project | reddit.com/r/docker | 3 Oct 2021
Note: The secrets file should be generated by the CI/CD at the runtime and should not be in the version control. If you want the secrets file to be in the version control, then you should at least encrypt them and decrypt at the runtime. The encryption/decryption part can be done easily with sops. Which one is the best? Depends, but that's a different topic... Whatever suits you and your needs :)
What's your best practice to backup these sensitive files containing credentials sprinkled through projects?
3 projects | reddit.com/r/commandline | 12 Sep 2021
Ask HN: What do you use GPG for?
2 projects | news.ycombinator.com | 1 Sep 2021
Let's say you bought one of those expensive Yubikeys; the U2F stuff works well enough, and you're wondering if there's anything useful to use GPG for.
Deriving SSH keys, or working with locally encrypted secrets (via [sops](https://github.com/mozilla/sops) for instance) could maybe be something. What use cases do you have where you find GPG useful?
4 projects | reddit.com/r/u_sybrenbolandit | 31 Aug 2021
Ideas for centralized execution solution for TF and other tools
1 project | reddit.com/r/Terraform | 15 Nov 2021
So why not github actions using Atlantis?
Chaining terraform and asnible
2 projects | reddit.com/r/devops | 4 Nov 2021
The catch with this is that you'd need independent systems to actually run the code. With Terraform, that would play out as Atlantis or another similar system. With Ansible, that would be AWX. Both provide API-based capabilities to kick off jobs, and both can be configured to sync up with git repos prior to job kickoff. If you're using gitlab CI, it can handle the process orchestration for each system (rather than running the code directly).
Terraform & Makefiles - Better options?
4 projects | reddit.com/r/devops | 26 Oct 2021
My opinion is that people shouldn't be running terraform directly, it should be run from git https://www.runatlantis.io . PRs get previewed automatically, Mergable (meaning reviewed and approved) PRs are run, closed and merged automatically by atlantis.
GitOps using terraform
2 projects | reddit.com/r/Terraform | 15 Oct 2021
Use Atlantis https://www.runatlantis.io/
Self-service automation portal - recommendations?
1 project | reddit.com/r/devops | 10 Oct 2021
It’s not a dedicated UI but it’s a fairly automated solution. https://www.runatlantis.io
Terraform Pull Request Automation | Atlantis
1 project | reddit.com/r/savedForMS | 7 Oct 2021
Guys any suggestions on alternative to Terraform enterprise
1 project | reddit.com/r/Terraform | 1 Oct 2021
Newbie - reviewing long plans
2 projects | reddit.com/r/Terraform | 27 Sep 2021
For a more wholistic option, you could try something like https://www.runatlantis.io/ to move your terraform runs into a different medium, where review of large plans might be easier.
Terraform vs. CDK vs. CloudFormation vs. ???
1 project | reddit.com/r/aws | 25 Sep 2021
The downside to Terraform is that you'll be running your own IaC workers - whether this is cooking your own scripts, setting up Atlantis servers or shelling out for the very expensive (but very time-saving) Terraform Cloud is your business. If you want to hit the ground running but still "do it right" this can be an issue, but you can always fall back on the traditional "works on my machine!".
Building on Terraform | Apps for Terraform
1 project | reddit.com/r/Terraform | 21 Sep 2021
What are some alternatives?
sealed-secrets - A Kubernetes controller and tool for one-way encrypted Secrets
terraform-github-actions - Terraform GitHub Actions
argo-cd - Declarative continuous deployment for Kubernetes.
vault-secrets-operator - Create Kubernetes secrets from Vault for a secure GitOps based workflow.
Vault - A tool for secrets management, encryption as a service, and privileged access management
backstage - Backstage is an open platform for building developer portals
tfsec - Security scanner for your Terraform code [Moved to: https://github.com/aquasecurity/tfsec]
git-crypt - Transparent file encryption in git
awx - AWX Project
checkov - Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
terratest - Terratest is a Go library that makes it easier to write automated tests for your infrastructure code.
helm-secrets - A helm plugin that help manage secrets with Git workflow and store them anywhere