I have some secrets that I store in a text file that is encrypted with git-crypt and committed to Git. This lets me share these secrets with other trusted people or across several development computers even if the Git repo is public. The current workflow on a development computer is to unlock the encrypted text file, load the contents into environment variables, and then run the app or deploy it.
I’d like to do the same on CircleCI. git-crypt has a way to export a symmetric private key that can unlock the encrypted file, but the key is a binary file. I can’t set it as the value of a secret environment variable in the CircleCI UI. I’m thinking to convert the key from binary to base64, set it as an environment variable, and then convert it back on the CI host. Has anyone else run into this problem and solved it though?