Skip to content

[Feature]: age / sops support for encrypted configuration #302

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
mattgianni opened this issue Apr 17, 2025 · 0 comments · May be fixed by #303
Open

[Feature]: age / sops support for encrypted configuration #302

mattgianni opened this issue Apr 17, 2025 · 0 comments · May be fixed by #303
Assignees
@mattgianni @juliagoolia @BeeSeeWhy
Labels
documentation Improvements or additions to documentation enhancement New feature or request

Comments

@mattgianni
Copy link
Collaborator

What feature or enhancement are you requesting?

To improve security and support Google API features consider using introducing age and sops for environment variable / credentials encryption.

The Google API requires a service account and an associated credentials JSON file to access resources like the Sheets and Drive API. Google active scans the Internet for these security credentials, and if found in plain-text, the credential keys are revoked, effectively disabling the associated service account.

age and sops would allow us to share sensitive keys through GitHub/Notion/email/etc. using encryption.

⚠️ Both age and sops are well supported on modern platforms, but they are not installed by default. They require installation and a small learning curve to use correctly. For example, developers would need to securely manage their own public/private key pairs.

Contact Details

No response
@mattgianni mattgianni added documentation Improvements or additions to documentation enhancement New feature or request labels Apr 17, 2025
@mattgianni mattgianni linked a pull request Apr 17, 2025 that will close this issue
Feature/age-sops-encryption #303
Draft
@mattgianni mattgianni moved this to In Development in Support SFUSD Apr 18, 2025
@mattgianni mattgianni moved this from In Development to In Review in Support SFUSD Apr 23, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mattgianni mattgianni

@juliagoolia juliagoolia

@BeeSeeWhy BeeSeeWhy

Labels
documentation Improvements or additions to documentation enhancement New feature or request
Projects
Support SFUSD
Status: In Review
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Feature/age-sops-encryption sfbrigade/support-sfusd
3 participants
@mattgianni @juliagoolia @BeeSeeWhy