I haven't solved the problem of sensitive .env files sitting around on my computer.
`sops exec-env`
I have an alias set for when I'm working with opentofu:
`alias tfenter='sops exec-env secrets.yaml "/bin/bash"'`
I encrypt with openbao's transit engine and backup age key kept in a password manager, so no secrets live on disk.
alt Hacker News
`sops exec-env`
I have an alias set for when I'm working with opentofu:
`alias tfenter='sops exec-env secrets.yaml "/bin/bash"'`
I encrypt with openbao's transit engine and backup age key kept in a password manager, so no secrets live on disk.