0.4.1 • Published 5 years ago

secrethub-manager v0.4.1

Weekly downloads
15
License
MIT
Repository
-
Last release
5 years ago

SecretHub Manager

CLI tool for managing a single project's secrets targeting possibly multiple environments.

Why?

Secret management is often a mess. Vault by HashiCorp and others solve this brilliantly, but with the clear downside of complexity. SecretHub is a promising alternative for it's simplicity, but it still requires developers learn how to use it properly.

SecretHub Manager CLI is built on top of SecretHub to create an environment variable system that's easy to config, use, manage, and expand during the progress of a project.

Installation

yarn add secrethub-manager

Usage

Credentials

There is a couple of ways to provide SecretHub Manager with credentials to connect to SecretHub API, here on listed in the order of priority:

A) Environment variable

SecretHub CLI respects an environment variable SECRETHUB_CREDENTIAL with a credential string - so does SecretHub Manager.

When: perfect for usage on CIs

B) Global secrethub sign-up

If you already use SecretHub CLI and would like to use the globally signed-up user credentials, you don't need extra configuration.

When: simple, single person projects, or when you have all team members signed-up to the same SecretHub organization.

C) Local .secrethub/credential file

You can save the project's SecretHub credential on a file at .secrethub/credential.

When: perfect for sharing a single credential with a small team.

Don't forget to add .secrethub dir to .gitignore!

D) Prompted if missing

Any command will request you to manually input the credential if you haven't setup one of the previous methods.

Template

Create a secrethub.env file following SecretHub template guide. This will be your source of truth for any environment.

Template variables

SecretHub Manager supports SecretHub's template variables via the SECRETHUB_VAR_<var_name> environment variable pattern.

Also, you can define your variables on package.json, so that SecretHub Manager can prompt for them when they are missing - useful to simplify switching envs locally. Ex:

+  },
+  "secrethub": {
+    "variables": {
+      "env": {
+        "message": "What environment you want to initialize?",
+        "choices": [
+          "development",
+          "qa",
+          "staging",
+          "production"
+        ]
+      }
+    }
   }
 }

Usage

Initialize

yarn secrethub-manager init

Will inject secrethub variables into the secrethub.env file, and save it as .env.

Save

yarn secrethub-manager save

Will save the current .env file to SecretHub, based on the secrethub.env template.

Manager

SecretHub Manager provides two commands to facilitate managing all available variables, for all targeted environments of your project, in your local machine:

Download
yarn secrethub-manager manager download

Will get all available SecretHub secrets, and add to a single file: .secrethub/manager.

You can limit to a sub-path on SecretHub by configuring your package.json as follows:

 }
+  },
+  "secrethub": {
+    "path": "some/path"
   }
 }

Don't forget to add .secrethub dir to .gitignore!

Save

After manually altering .secrethub/manager content, use this command to save it all back to SecretHub:

yarn secrethub-manager manager save
@secrethub/clicommanderenquirerenvfilewait-on
@infinitebrahmanuniverse/nolb-sec@everything-registry/sub-chunk-2726
0.4.1

5 years ago

0.4.0

5 years ago

0.3.0

5 years ago

0.2.1

5 years ago

0.1.2

5 years ago

0.2.0

5 years ago

0.2.2

5 years ago

0.1.3

5 years ago

0.1.1

5 years ago

0.1.0

5 years ago