Secret environment variables allow us to keep our configuration in version control. I like this idea, but it's currently difficult to use in a continuous delivery setup.
It would be better if we could run a doctl command to encrypt the environment variables when we change them locally. That way, I can add a new secret variable, encrypt it, add it to version control, and deploy from GitHub Actions.
Currently I deploy locally first so that I can get the encrypted variables to add to version control. It breaks automation.