Vault by HashiCorp VS git-secret

Before you start, just a friendly reminder that HashiQube by default runs Nomad, Vault, and Consul on Docker. In addition, we’ll be deploying 21 job specs to Nomad. This means that we’ll need a decent amount of CPU and RAM, so Please make sure that you have enough resources allocated in your Docker desktop. For reference, I’m running an M1 Macbook Pro with 8 cores and 32 GB RAM. My Docker Desktop Resource... - Source: dev.to / over 1 year ago

When running cron jobs on Amazon EC2, you can, for example, use a secrets store like Vault. With Vault, your cron jobs can dynamically get the credentials they need. The secrets don’t get stored on the machine that’s running the cron jobs, and if you change a secret, the cron jobs will automatically receive that change. The downside of implementing a solution like Vault, however, is the overhead of managing the... - Source: dev.to / about 2 years ago

Vaultproject.io handles secrets management, so dynamic policies deal with database creds etc. "Manual" creds are stored in 1password or lastpass and added manually to Vault if it needs rebuilding. Source: over 2 years ago

It's all in the blog series, including sample configuration, but it's vaultproject.io and it allows you to do everything from managing simple secrets to auto-rotation of database credentials or even run your own KPI setup. Source: over 2 years ago

Our team is experimenting with Hashicorp Vault as our new credentials management solution. Thanks to the offical Vault Helm Chart, we are able to get an almost production-ready vault cluster running on our Kubernetes cluster with minimal effort. - Source: dev.to / almost 3 years ago

Git Secret is an essential bash tool for developers and DevOps professionals, offering a robust solution for secret management within a Git repository. This open-source tool effectively encrypts sensitive files and data, ensuring that confidential information like passwords, keys, and credentials are securely stored in the repository. - Source: dev.to / 4 months ago

Secrets inside the repo. All the credentials, ssh keys, VPN configs can be stored directly in the repo with support of the git secret. Gpg key is optional: config works fine if it is not provided and secrets are not decrypted. Source: 7 months ago

You might notice that some of the environmental variables have funky values that look more like template placeholders. For example "SESSION_STORAGE_SECRET=${SESSION_STORAGE_SECRET}". That's because there's a .env file that contains those (you can see it in the root of the GitHub repository page. As a good practice I try to isolate anything that needs to be secret right off the top. So even though this is a... - Source: dev.to / 9 months ago

There are a number of possible solutions: https://github.com/spwhitton/git-remote-gcrypt https://github.com/AGWA/git-crypt https://github.com/sobolevn/git-secret Most people who self-host a Git repository are fine with just transport-level encryption (TLS). - Source: Hacker News / almost 2 years ago

Hey guys, So I'm using git-secret as of now. Just stumbled across Mozilla SOPS today and finding it interesting. Which one you guys recommend and why? Advantages and disadvantages of each? I think SOPS is more robust and stable since it is being maintained by a large organization? Please correct me if I'm wrong. Help is appreciated. Source: almost 2 years ago