This is an example on how to manage and deploy your .env secrets via sops and pgp encrypted into python scripts.
- sops
- gnupg
- pinentry
run install_dependencies.sh
to install above dependencies for ubuntu. currently sops v3.8.1 is installed. please check here for latest release.
pgp key (generated with gnupg) without passphrase (for ease of use in automatically executed python scripts, works just as well with passphase for pgp key). public pgp key added to .env file via sops, readme here.
run initial_setup.sh
to create python venv and install python dependencies.
via run.sh
to ensure that venv is sourced.
- SOPS Readme on how to use sops.
- python subprocesses on how subprocesses is used.
- python-dotenv stream string into env on how stream works.
- gupg and pgp on how to generate and manage pgp keys.