However, storing secrets in a git repo is still not as good as a purpose built store, because the access control on git is not fine grained enough.
Access is per-repo, so if you have enough secrets and disparate interested parties, the number of required repos could make a dedicated alternative far more manageable.
Access is per-repo, so if you have enough secrets and disparate interested parties, the number of required repos could make a dedicated alternative far more manageable.