diff --git a/dojo/run.py b/dojo/run.py
index 99c21daa62841200b8351c1556e4370f65e2b621..b78443367995562bf590e011b7cb65d31ef657b7 100644
--- a/dojo/run.py
+++ b/dojo/run.py
@@ -25,15 +25,15 @@ class Entrypoint(object):
             jobs_config = self._read_yaml(config_file)
             base_config['jobs'].update(jobs_config['jobs'])
 
+        # Build secrets by decrypting available JSONs
+        env_json_secrets_path = os.path.join(config, 'secrets.%s.json.enc' % (env, ))
+        secrets = Secrets().decrypt(env_json_secrets_path)
+
         # Build the envionment-specific config, and merged to rendered config.json.
         env_config_path = os.path.join(config, 'config.%s.yml' % (env, ))
         env_config = self._read_yaml(env_config_path) or {}
         config = deep_merge(base_config, env_config)
 
-        # Build secrets by decrypting available JSONs
-        env_json_secrets_path = os.path.join(base_config_path, 'secrets.%s.json.enc' % (env, ))
-        secrets = Secrets.decrypt(env_json_secrets_path)
-
         # Build the job.
         job = self._build_job(name, config, secrets, runner)
 
diff --git a/dojo/secrets.py b/dojo/secrets.py
index ee4b09aaeaa8b615cac7b44c7e7208b44647ab06..d79fa4d961ab73eb695f0816a634abadac98cef0 100644
--- a/dojo/secrets.py
+++ b/dojo/secrets.py
@@ -32,9 +32,10 @@ class Secrets(object):
         secrets_file = self._read_file(json_secrets_path)
 
         # If there aren't any encrypted files, try loading the unecrypted file instead
-        if os.path.isfile(json_secrets_path.split('.enc')[0]) and not os.path.isfile(json_secrets_path):
+        unecrypted_secrets_file = json_secrets_path.split('.enc')[0]
+        if os.path.isfile(unecrypted_secrets_file) and not os.path.isfile(json_secrets_path):
             try:
-                secrets = json.loads(open(json_secrets_path.split('.enc')[0]).read())
+                secrets = json.loads(open(unecrypted_secrets_file).read())
             except ValueError as e:
                 raise ValueError(e)
         else:
@@ -46,6 +47,9 @@ class Secrets(object):
                 raise ValueError(e)
             try:
                 secrets = json.loads(out)
+                # TODO perhaps only write to file in the dev enviroment
+                with open(unecrypted_secrets_file, 'w') as f:
+                    json.dump(secrets, f, sort_keys=True, indent=4)
             except ValueError as e:
                 raise ValueError(e, out)
 
diff --git a/setup.py b/setup.py
index 9afdf28d27270486d9d85b64c37d5933a89bc628..56f9c6a785496e49bd78ac8d64ffcd0fb417b7cf 100644
--- a/setup.py
+++ b/setup.py
@@ -5,7 +5,7 @@ from setuptools import setup, find_packages
 
 setup(
     name='dojo',
-    version='0.0.41',
+    version='0.0.42',
     description='A framework for building and running your data platform.',
     author='Data Up',
     author_email='dojo@dataup.me',