I have a set of passwords which I have saved in git repo. But I want to keep the file always encrypted. But in my automation, I should be able to decrypt and read data from that file.
Any idea how its possible ?
Asked
Active
Viewed 212 times
0
-
Does this answer your question? [Node.js encrypts large file using AES](https://stackoverflow.com/questions/27345839/node-js-encrypts-large-file-using-aes) – O. Jones Apr 22 '21 at 11:58
-
I use SOPS to do something similar, and use a KMS key from AWS. Your CD would then either make environment variables or config files from decryption – LostJon Apr 22 '21 at 11:58
-
1Warning: this is **not** secure unless you never, ever, even once, check the decryption key into git. Usually these sorts of secrets are handled with environment variables. Cybercreeps love to dig around on github looking for passwords to steal. If you have ever pushed that file to github unencrypted, change those passwords **now.** – O. Jones Apr 22 '21 at 12:00