Lib.rs

Cryptography
#api-key #secret #version-control #encryption #env-var #encrypting #variables

app envault

A tool for managing secrets

Owned by kentrino.

3 releases

0.0.3 Jan 4, 2024
0.0.2 Jan 3, 2024
0.0.1 Jan 3, 2024

#642 in Cryptography

Download history 14/week @ 2024-01-02 1/week @ 2024-02-13 24/week @ 2024-02-20 25/week @ 2024-02-27 9/week @ 2024-03-26 43/week @ 2024-04-02

52 downloads per month

MIT license

21KB
517 lines

What is this

"envault" /ɪnˈvɔːlt/ is for encrypting confidential information such as API keys and managing them in a version control system.

How to use

1. Install

cargo install envault

2. Describe your environment variables in yaml

staging:
  AWS_ACCESS_KEY_ID: xxx
  AWS_SECRET_ACCESS_KEY: yyy
  AWS_DEFAULT_REGION: zzz

3. Set environment variables

You can use a single ENV_KEY environment variable to encrypt everything. You can also set environment variables for each environment and each confidential information individually.

export ENV_KEY__staging__AWS_ACCESS_KEY_ID=password
export ENV_KEY__staging=password
export ENV_KEY=password

4. Encrypt yaml

envault encrypt --raw .env.yaml [--enc .env.enc.yaml [--env staging]]

Then you will get the following YAML file.

staging:
  AWS_SECRET_ACCESS_KEY: U2FsdGVkX19Qa0czd1huMUGSvIdM93bbWlEdzLCviak=
  AWS_DEFAULT_REGION: U2FsdGVkX19tMzdQQnBGRcOVStFTiP4P7/p8qt/T7TE=
  AWS_ACCESS_KEY_ID: U2FsdGVkX195RWNXdU52dpGBFIMYJ5kW8IoJPxkjioE=

Existing confidential information will be merged with new confidential information and outputted.

5. Load environment variables to export

envault export --enc .env.enc.yaml --env staging

Dependencies

~5.5MB
~106K SLoC