I wrote this tool because I didn't want to pull in SOPS for a small project.
We just wanted to share some deployment secrets across our team.
https://github.com/itsfarseen/age-store
We use an architecture similar to SOPS.
There is a master age key that is encrypted to all the members of the team.
All files are encrypted using the master key.
To decrypt a file, the user first decrypts the master key and uses that to decrypt the file.
When removing a user, the master key is rotated and all files are re-encrypted.
I wrote this tool because I didn't want to pull in SOPS for a small project.
We just wanted to share some deployment secrets across our team.
https://github.com/itsfarseen/age-store
We use an architecture similar to SOPS.
There is a master age key that is encrypted to all the members of the team.
All files are encrypted using the master key.
To decrypt a file, the user first decrypts the master key and uses that to decrypt the file.
When removing a user, the master key is rotated and all files are re-encrypted.