|19 days ago||4 days ago|
|Mozilla Public License 2.0||MIT License|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
1 project | reddit.com/r/arbeitsleben | 5 Dec 2021
It's Now Possible to Sign Arbitrary Data with Your SSH Keys
15 projects | news.ycombinator.com | 13 Nov 2021
Yes it is, and they are awesome. git-crypt is a godsend for smaller projects (and maybe larger ones if permissions are granular enough) -- way simpler than sops and other alternative, with native integration via git filters (smudge). I use it on a ton of projects.
What's the one thing that you or a co-worker implemented for your team that has delivered the most value?
1 project | reddit.com/r/ExperiencedDevs | 7 Nov 2021
implemented a small wrapper over sops https://github.com/mozilla/sops for credential management. this got rid of all the back and forth when creds were rotated, added or a new team-mate onboarded.
Not sure if DevOps, but a few questions.
2 projects | reddit.com/r/devops | 16 Oct 2021
SOPS is a great tool for managing secrets: https://github.com/mozilla/sops
Secure Key Management in GraphJin the instant GraphQL to SQL service
2 projects | reddit.com/r/golang | 12 Oct 2021
The `graphjin secrets` command will open an editor where you can type in your secure environment variables on saving those will be encrypted and saved. In production those variables will be decrypted and used by GraphJin after fetching the decryption key from your cloud key management service. the secrets management has been built using the Mozilla SOPS library https://github.com/mozilla/sops
Just a reminder that the Twitch leak is mostly in GO
1 project | reddit.com/r/golang | 7 Oct 2021
Or something cross-cloud like https://github.com/mozilla/sops
Trying to install MySQL (&Wordpress)
1 project | reddit.com/r/docker | 3 Oct 2021
Note: The secrets file should be generated by the CI/CD at the runtime and should not be in the version control. If you want the secrets file to be in the version control, then you should at least encrypt them and decrypt at the runtime. The encryption/decryption part can be done easily with sops. Which one is the best? Depends, but that's a different topic... Whatever suits you and your needs :)
What's your best practice to backup these sensitive files containing credentials sprinkled through projects?
3 projects | reddit.com/r/commandline | 12 Sep 2021
Ask HN: What do you use GPG for?
2 projects | news.ycombinator.com | 1 Sep 2021
Let's say you bought one of those expensive Yubikeys; the U2F stuff works well enough, and you're wondering if there's anything useful to use GPG for.
Deriving SSH keys, or working with locally encrypted secrets (via [sops](https://github.com/mozilla/sops) for instance) could maybe be something. What use cases do you have where you find GPG useful?
4 projects | reddit.com/r/u_sybrenbolandit | 31 Aug 2021
Hashicorp Vault integration with Secret objects
4 projects | reddit.com/r/kubernetes | 31 Aug 2021
It is but it affects vault-secrets-operator too, see https://github.com/ricoberger/vault-secrets-operator/issues/104 (and no, I’ve only use vault-secrets-operator)4 projects | reddit.com/r/kubernetes | 31 Aug 2021
What you’re looking for is https://github.com/ricoberger/vault-secrets-operator
Automation assistants: GitOps tools in comparison
28 projects | dev.to | 12 Aug 2021
If you are using an external KMS in any case, then there are other options, such as the kubernetes-external-secrets operator that was originally started by GoDaddy and the externalsecret-operator from Container Solutions. If you use HashiCorp Vault, you also have the option of using the Vault Secrets operator. This works similarly to the Sealed Secrets Operator, but instead of managing its own key material, it retrieves the secrets from Vault. The CNCF Technology Radar from January 2021 provides an overview of the types of tools that are available for secrets management.
What are some alternatives?
sealed-secrets - A Kubernetes controller and tool for one-way encrypted Secrets
Vault - A tool for secrets management, encryption as a service, and privileged access management
kubernetes-external-secrets - Integrate external secret management systems with Kubernetes
git-crypt - Transparent file encryption in git
Flux - Successor: https://github.com/fluxcd/flux2 — The GitOps Kubernetes operator
helm-secrets - A helm plugin that help manage secrets with Git workflow and store them anywhere
argocd-operator - A Kubernetes operator for managing Argo CD clusters.
atlantis - Terraform Pull Request Automation
argo-cd - Declarative continuous deployment for Kubernetes.
terraform-provider-sops - A Terraform provider for reading Mozilla sops files
v2ray-core - A platform for building proxies to bypass network restrictions.