#secret

app envault

A tool for managing secrets

3 releases

0.0.3 Jan 4, 2024
0.0.2 Jan 3, 2024
0.0.1 Jan 3, 2024

#110 in #secret

MIT license

21KB
517 lines

What is this

"envault" /ɪnˈvɔːlt/ is for encrypting confidential information such as API keys and managing them in a version control system.

How to use

1. Install

cargo install envault

2. Describe your environment variables in yaml

staging:
  AWS_ACCESS_KEY_ID: xxx
  AWS_SECRET_ACCESS_KEY: yyy
  AWS_DEFAULT_REGION: zzz

3. Set environment variables

You can use a single ENV_KEY environment variable to encrypt everything. You can also set environment variables for each environment and each confidential information individually.

export ENV_KEY__staging__AWS_ACCESS_KEY_ID=password
export ENV_KEY__staging=password
export ENV_KEY=password

4. Encrypt yaml

envault encrypt --raw .env.yaml [--enc .env.enc.yaml [--env staging]]

Then you will get the following YAML file.

staging:
  AWS_SECRET_ACCESS_KEY: U2FsdGVkX19Qa0czd1huMUGSvIdM93bbWlEdzLCviak=
  AWS_DEFAULT_REGION: U2FsdGVkX19tMzdQQnBGRcOVStFTiP4P7/p8qt/T7TE=
  AWS_ACCESS_KEY_ID: U2FsdGVkX195RWNXdU52dpGBFIMYJ5kW8IoJPxkjioE=

Existing confidential information will be merged with new confidential information and outputted.

5. Load environment variables to export

envault export --enc .env.enc.yaml --env staging

Dependencies

~6MB
~114K SLoC