Reviving this thread to add that this is needed to manage secrets with external collaboration.
External collaborators might use a config.yaml outside the repo (sidesteps this issue) or they might use the Anvil Editor, which forces them to define new secrets or override the existing ones (stored in the anvil.yaml within the repo).
Currently, this issue seems to be solved for internal collaboration by either using the multi-environment feature in the Professional plan or emailing support to use the same encryption key for multiple apps on the same account.
However, this isn’t necessarily a good idea for external collaboration and open source collaboration, where collaborators are on different accounts.
I’d want secrets to be stored outside of the repo and I’d sacrifice the version control.
Alternatively, Tyler’s suggestion is quite clever - tying the secrets in the anvil.yaml to the App ID. That would probably be easier for Anvil to implement.