Why you should put secrets in git

Nikolai Norman Andersen

Aulan 15:20-15:40

Development

Encrypted secrets that is! I'll demonstrate tools and techniques that will enable you to version control your secrets alongside the code it belongs to. Easily share secrets with new team members and get a full audit log as a bonus. And it's all according to modern security practices.

I will introduce you to SOPS and how you can use keys stored in secure remote services like Azure Key Vault or HashiCorp Vault. Access is easily controlled through the same identity you use for other services. I'll also show some gotchas to be aware of, but let's not be afraid of putting our secrets in git!

About the speaker

Nikolai specializes in how processes and technology work together to enable continuous delivery of solutions. He is always searching for ways to deliver fast without compromising quality. He loves problems related to distributed systems, automation and infrastructure, but shines when focusing on developer experience and deployment pipelines.