Encrypt Your Sensitive Information Before Storing It - Encrypting with Mozilla SOPS and AGE

Committing secrets to your Git Repo can expose information like passwords, access tokens, and other types of sensitive information. Some might think that committing secrets to a private Git Repo is OK, but I am here to tell you it's not. If you're going to commit secrets to a git repo, private or public, you should encrypt them first using Mozilla SOPS (Secret Operations) and AGE. SOPS is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP. Age is a simple, modern and secure file encryption tool, format, and built using Go. It can encrypt and decrypt your files making then safe enough to commit to your Git repos! Video Notes: https://technotim.live/posts/secret-encryption-sops/ A HUGE thanks to Datree for sponsoring this video! Combat misconfigurations. Empower engineers. https://www.datree.io Support me on Patreon: https://www.patreon.com/technotim Sponsor me on GitHub: https://github.com/sponsors/timothystewart6 Subscribe on Twitch: https://www.twitch.tv/technotim Become a YouTube member: https://www.youtube.com/channel/UCOk-gHyjcWZNj3Br4oxwh0A/join Merch Shop: https://l.technotim.live/shop Gear Recommendations: https://l.technotim.live/gear Get Help in Our Discord Community: https://l.technotim.live/discord 2nd channel: https://www.youtube.com/@TechnoTimTalks (Affiliate links may be included in this description. I may receive a small commission at no cost to you.) 00:00 - Are Private repos safe to commit secrets? 01:02 - What is Mozilla Sops and Age 01:58 - Ad: Datree - Prevent Kubernetes Misconfigurations 03:18 - Getting Started with SOPS 04:26 - Getting Started with Age Encryption 05:32 - Creating an Encryption Key Pair 07:43 - Encrypting and Decrypting YAML (.yml / .yaml) 12:59 - Encrypting and Decrypting Kubernetes Secrets 14:35 - VSCode SOPS Extension 17:05 - Encrypting and Decrypting ENV (dotenv / .env) 19:35 - Encrypting and Decrypting JSON (.json) 20:54 - Encrypting and Decrypting INI (.ini) 22:14 - Encrypting and Decrypting ANY File 24:01 - I Love Encrypting Now That I Know How! 24:39 - Stream Highlight - "105 Days of HomeLab" Music By Harris Heller https://l.technotim.live/sb-music-license Some video clips are licensed under Creative Commons license. Videos clips are from Yaroslav Shuraev, Mikhail Nilov, Matthew Lee Moore, KoolShooters, Tima Miroshnichenko Thank you for watching!