https://github.com/karinushka/paneru does that
We (Mozilla) store our SOPS-encrypted files in git repos and we don't really get merge conflicts, but that's just because we structure secret files in a way such that two people don't edit the same file at the same time…
Could you go further into why SOPS scales badly?
If you care about this, you can use Shamir Secret Sharing to require two (or more) keys to recover the encrypted file. So even if AWS was malicious, they still wouldn't be able to get the file without your other key…
https://github.com/karinushka/paneru does that
We (Mozilla) store our SOPS-encrypted files in git repos and we don't really get merge conflicts, but that's just because we structure secret files in a way such that two people don't edit the same file at the same time…
Could you go further into why SOPS scales badly?
If you care about this, you can use Shamir Secret Sharing to require two (or more) keys to recover the encrypted file. So even if AWS was malicious, they still wouldn't be able to get the file without your other key…