Managing Git/Docker secrets with SOPS The classic problem in cloud engineering is that you have a bunch of API keys, secrets and passwords you need to have available to your code but not available to others. The ideal solution looks like: You have your secrets in Git so you can merge them into config files They’re not availble to anybody who gets a copy of your repo Your machines can easily decryp