SCTL is not End2End encryption, instead SCTL is more of an envelope, in which you store secrets until they are needed, and those secrets should only remain available in plain text while the operation that needs them is active.
sctl read will scan the envelope and attempt to find the NAMED secret.
If its found, it will decode, decrypt, and display the secret value.
This is to help ease the use-case for reading secrets serialized to
state without needing to intercept the values in an intermediary
process, similar to the hacky work-around of running sctl run env just
to view the secrets.
sctl read will scan the envelope and attempt to find the NAMED secret. If its found, it will decode, decrypt, and display the secret value. This is to help ease the use-case for reading secrets serialized to state without needing to intercept the values in an intermediary process, similar to the hacky work-around of running
sctl run envjust to view the secrets.This feature needs test coverage before merge.