https://devops.sarmento.org/en/tags/secret-management/Recent content in Secret-Management on /var/log/janioHugoenTue, 26 May 2026 06:23:46 +0000https://devops.sarmento.org/en/posts/secret-management-macos-linux/Sun, 17 May 2026 11:54:00 +0000https://devops.sarmento.org/en/posts/secret-management-macos-linux/<p>At some point in the life of almost every sysadmin, there comes a slightly uncomfortable realization: too many secrets are scattered across the environment.</p> <p>A password inside a <code>.env</code> file here, a token buried in shell history there, a forgotten webhook inside a <code>docker-compose.yml</code>, an API key hardcoded into a “temporary” script that somehow survived for two years in production. None of those things seem catastrophic individually. The problem is that infrastructure rarely collapses because of one gigantic mistake; most of the time, it collapses under the accumulated weight of dozens of tiny operational shortcuts.</p>