Call it overkill, but I would see no reason not to go both private repo + encrypted creds.
Is ansible vault encryption brute force proof? I have no idea. I could spend an hour and figure out. But why not just follow decent engineering principles and double lock my door?
Is ansible vault encryption brute force proof? I have no idea. I could spend an hour and figure out. But why not just follow decent engineering principles and double lock my door?