#azure #env-file #env #keyvault #env-var #encryption-key

app keyweave

Fetches secrets from Azure Key Vault and weaves them into a convenient .env file

9 releases

0.2.7 Apr 10, 2024
0.2.6 Mar 5, 2024
0.2.5 Feb 25, 2024
0.2.4 Dec 1, 2023
0.1.0 Nov 9, 2023

#171 in Authentication

GPL-3.0 license

41KB
228 lines

Keyweave

github crates.io docs.rs build status test status

Keyweave

Keyweave is an open-source tool crafted to seamlessly fetch secrets from Azure Key Vault and weave them into a convenient .env file. Developed in Rust, Keyweave stands out for its efficiency and user-friendly design, making it an ideal choice for managing your application's secrets.

Features

  • Fetch Secrets: Retrieve secrets securely from Azure Key Vault.
  • Filtering: Optionally filter the secrets to be retrieved by name.
  • Output Customization: Choose the name of the output file, defaulting to .env.
  • Azure Default Credentials: Utilizes Azure default credentials for authentication.

Prerequisites

Before diving into Keyweave, ensure you have the following prerequisites:

  • Logged into the right Azure tenant:

    az login --tenant "your-tenant-guid"
    
  • The identity you logged in with has Get and List Secret Permissions in the Access Policies of the Key Vault.

Installation

Cargo

Keyweave is built with Cargo, the Rust package manager. It can also be used to install from crates.io:

cargo install keyweave

Homebrew (MacOS, Linux)

For MacOS and Linux systems, installation is a breeze with Homebrew. Simply run:

brew tap bartvdbraak/keyweave
brew install keyweave

Manual Download

If you prefer manual installation or need binaries for different platforms (including an executable for Windows), visit the Releases page of this GitHub repository.

Invoke-WebRequest -Uri 'https://github.com/bartvdbraak/keyweave/releases/latest/download/keyweave.exe' -OutFile 'keyweave.exe'

Building from Source

To build Keyweave from source, follow these steps:

git clone https://github.com/bartvdbraak/keyweave.git
cd keyweave
cargo build --release

Once built, run Keyweave using Cargo:

cargo run -- --vault-name <VAULT_NAME> [--output <FILE>] [--filter <FILTER>]

Usage

With the binary on your PATH, run Keyweave as follows:

keyweave --vault-name <VAULT_NAME> [--output <FILE>] [--filter <FILTER>]
  • --vault-name <VAULT_NAME>: Sets the name of the Azure Key Vault.
  • --output <FILE>: (Optional) Sets the name of the output file (default: .env).
  • --filter <FILTER>: (Optional) Filters the secrets to be retrieved by name.

Example

keyweave --vault-name my-key-vault --output my-env-file.env --filter my-secret

Documentation

Additional documentation for this package can be found on docs.rs.

License

Keyweave is licensed under the GPLv3 License. See LICENSE for more details.

Contributing

We welcome contributions! Feel free to submit pull requests, report issues, or suggest new features. Your input helps make Keyweave even better.

Dependencies

~12–22MB
~326K SLoC