secrets

command module

v0.0.0-...-8351a3e Latest Latest Go to latest Published: May 21, 2019 License: MIT Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/codeallthethingz/secrets

Links

Open Source Insights

README ¶

Secrets

Command line utility to generate and manage a JSON file that contains encrypted secrets and access lists to those secrets.

Uses AES with a passphrase to encrypt secrets.

The tool generates tokens for named services that have access to specific secrets. Those tokens are also encrypted using the passphrase.

File format is read by a serverless app that can act as your secrets manager: https://github.com/codeallthethingz/secrets-service

Installation

Check the project out in to your GO path and install. Assumes GO home is also on your path.

git clone git@github.com:codeallthethingz/secrets
cd secrets
go install

Usage

adding a secret

> secrets -p "my super long passphrase" set "gcp-credentials" "base64 gcp json"
Creating: secrets.json
added secret

adding access

> secrets -p "my super long passphrase" add-access "rpm.org" "gcp-credentials,mongo-token"
added access to rpm.org for gcp-credentials,mongo-token
Please use this token to access the secrets serice through the api
ea08dabb99f15e4573f16152397022455e04c161f9a047c2a5e1ede1a1f177f30b6af21991a10f73350e2d8c9c1b2611c0b37

Help

[codeallthethingz:~]$ secrets help
NAME:
   secrets - json file-based secrets manager

USAGE:
   secrets [global options] command [command options] [arguments...]

VERSION:
   0.0.1

COMMANDS:
     set                set a secret to the credential file, overwrites if exists but keeps access list
     get                get a secret out of the secrets file
     list               list all the secrets in the credentials file
     remove             remove a secret from the credential file
     add-access         returns a new access token (or existing access token) with access to a comma separated secrets for a named service
     get-access-token   get access token for a service
     remove-access      remove access to the a comma separated list of secrets
     revoke-service     remove all access for a service and delete the service access token
     change-passphrase  change the passphrase to a new passphrase
     help, h            Shows a list of commands or help for one command

GLOBAL OPTIONS:
   --passphrase value, -p value    the phrase to encrypt and decrypt the vault
   --secrets-file value, -f value  change the file that is being used to store secrets (default: "secrets.json")
   --help, -h                      show help
   --version, -v                   print the version

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
model

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL