You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The purpose is to check SOPS files for correct and compliant usage without decrypting the SOPS files to ensure that all SOPS files are configured in the desired fashion. The goal is to provide a security linter that safeguards the security of the data protected by the SOPS files against common mistakes and against malicious configurations.
Hi,
first of all I would like to express my deepest gratitude for SOPS - it is a game changer for managing operational secrets!
We are currently working on an Open Source SOPS file security linter and compliance checker and would be happy for more thoughts from the SOPS community: https://github.com/Bonial-International-GmbH/sops-compliance-checker/pull/1/files and comments / suggestions are welcome there or here in this issue.
The purpose is to check SOPS files for correct and compliant usage without decrypting the SOPS files to ensure that all SOPS files are configured in the desired fashion. The goal is to provide a security linter that safeguards the security of the data protected by the SOPS files against common mistakes and against malicious configurations.
See the slides or English video / German video of my Cloud & Offline Secrets Management - Managing operational secrets with SOPS talk for more background and the motivation.
Kind regards,
Schlomo Schapiro
The text was updated successfully, but these errors were encountered: