From e3a8167722a69dcc5c2aee426449e7f65a5e163a Mon Sep 17 00:00:00 2001
From: banst <bastien@loftorbital.com>
Date: Fri, 10 Nov 2023 14:22:56 +0100
Subject: [PATCH] docs: update secret doc to use FIFO instead of temporary file

---
 docs/bundle-secrets.md | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/docs/bundle-secrets.md b/docs/bundle-secrets.md
index 2dea083f..8708df82 100644
--- a/docs/bundle-secrets.md
+++ b/docs/bundle-secrets.md
@@ -121,7 +121,7 @@ $ timoni bundle build -f bundle.cue --runtime-from-env | grep redis
 ## SOPS secrets
 
 When using [SOPS](https://github.com/getsops/sops),
-we can decrypt the secrets and pipe
+we can decrypt the secrets and [inject](https://github.com/getsops/sops#passing-secrets-to-other-processes)
 those values to env vars, then use `--runtime-from-env`.
 
 Another option is to extract the secret values of a Timoni Bundle to an YAML or JSON file,
@@ -164,9 +164,5 @@ at apply-time we can run the SOPS decryption,
 and pass the plain YAML to Timoni's apply command like so:
 
 ```shell
-sops -d bundle.secret.yaml > bundle.secret.plain.yaml
-
-timoni bundle apply -f bundle.main.cue -f bundle.secret.plain.yaml
-
-rm bundle.secret.plain.yaml
+sops exec-file --filename secrets.yml bundle.secret.yaml 'timoni bundle apply -f bundle.main.cue -f {}'
 ```