What are best practices for keeping the vault files/secrets in a Trellis repository safe?
git-crypt looks nice but it hadn’t been updated for some years now.
Use git hooks with Husky to prevent committing the unencrypted vault file.
Unfortunately a pre-receive hook is not available on GitHub.com. But you could still use a GitHub Action that would trigger an alert and do other things if unencrypted data is committed.
1 Like
This topic was automatically closed after 42 days. New replies are no longer allowed.