Show HN: Clef – Manage secrets in Git with SOPS and plugin production delivery

Category: security

Tags: secrets-management, sops, git-native, cli-tool, kms

Score: 6.5/10 (Innovation: 7, Technical: 6, Documentation: 7, Utility: 6)

Clef is a secrets management CLI that layers a structured namespace-by-environment matrix, schema validation, drift detection, and a web UI on top of Mozilla SOPS, keeping secrets encrypted in git. It bridges the gap between SOPS's raw encryption and enterprise needs like audit trails and access control by leveraging existing KMS infrastructure. The project is innovative in its opinionated 'secrets-as-code' approach while relying on proven building blocks.

Target audience: backend devs, devops, platform engineers

Repository: https://github.com/clef-sh/clef · TypeScript · MIT · 3 stars

View on Hacker News