1 unstable release
| 0.0.1 | Jan 3, 2024 |
|---|
#14 in #confidential
Used in envault-processor
7KB
148 lines
What is this
"envault" /ɪnˈvɔːlt/ is a tool for encrypting confidential information such as API keys and managing them in a version control system.
How to use
1. Install
cargo install envault
2. Describe your environment variables in yaml
staging:
AWS_ACCESS_KEY_ID: xxx
AWS_SECRET_ACCESS_KEY: yyy
AWS_DEFAULT_REGION: zzz
3. Set environment variables
You can use a single ENV_KEY environment variable to encrypt everything. You can also set environment variables for each environment and each confidential information individually.
export ENV_KEY__staging__AWS_ACCESS_KEY_ID=password
export ENV_KEY__staging=password
export ENV_KEY=password
4. Encrypt yaml
envault encrypt --raw .env.yaml [--enc .env.enc.yaml [--env staging]]
Then you will get the following YAML file.
staging:
AWS_SECRET_ACCESS_KEY: U2FsdGVkX19Qa0czd1huMUGSvIdM93bbWlEdzLCviak=
AWS_DEFAULT_REGION: U2FsdGVkX19tMzdQQnBGRcOVStFTiP4P7/p8qt/T7TE=
AWS_ACCESS_KEY_ID: U2FsdGVkX195RWNXdU52dpGBFIMYJ5kW8IoJPxkjioE=
Existing confidential information will be merged with new confidential information and outputted.
5. Load environment variables to export
envault export --enc .env.enc.yaml --env staging
Dependencies
~1.7–2.3MB
~50K SLoC